BeanCounterSep 21, 2023

I wrote hacky tampermonkey script to fix Lemmy instance links. Any advice?

https://sh.itjust.works/post/5563197

I wrote hacky tampermonkey script to fix Lemmy instance links. Any advice? - sh.itjust.works

Read this post [https://sh.itjust.works/post/5556588] and wrote a simple Tampermonkey script as a solution. // ==UserScript== // @name Fix community link // @version 0.1 // @description try to take over the world! // @match https://sh.itjust.works/post/* // ==/UserScript== (function() { 'use strict'; const postLinks = document.getElementById("postContent").querySelectorAll("a:not(.community-link)") // get every links that is NOT a community link const fixLink = (aTags) => { for (let aTag of aTags) { const isCommunityLink = aTag.pathname.startsWith("/c/"); aTag.href = isCommunityLink?aTag.pathname + "@" + aTag.host:aTag.href }; } fixLink(postLinks) const comments = document.getElementsByClassName("comment-content"); for (let comment of comments) { let commentLinks = comment.querySelectorAll("a:not(.community-link)"); fixLink(commentLinks) } })(); Any advice? I especially hate the fact that the way to check if it’s a link for lemmy community is through pathname but I thought there’s can’t be a real solution besides listing all the lemmy instances or actually making a request somehow. Any inputs are welcome!

Show threadAndySep 21, 2023

I just posted this on the post you linked, but yeah I am hardcoding a list of instances into my solution. Here’s my comment, copied:

I’m using the Firefox addon Redirector, and one of my rules there redirects community links using regex. I keep adding to the pattern as I encounter more instances. Currently it’s:

Pattern: https://(lemdro\.id|lemmy\.run|beehaw\.org|lemmy\.ml|sh\.itjust\.works|lemmy\.fmhy\.ml|lemmy\.dbzer0\.com|lemmy\.world|sopuli\.xyz|lemmy\.kde\.social|lemmygrad\.ml|mander\.xyz|lemmy\.ca|zerobytes\.monster)/c/(.*) Redirect to: https://programming.dev/c/$2@$1
Redirector – Get this Extension for 🦊 Firefox (en-US)

Download Redirector for Firefox. Automatically redirects to user-defined urls on certain pages

Show threadezchiliSep 21, 2023
Never use regex on URLs, make a list of hostnames and use the browser’s URL api to extract hostnames then match against the list
Show threadAndySep 21, 2023
Can you provide an example URL that breaks this solution?
Show threadezchiliSep 21, 2023

Sure!

user:[email protected]:80 is a valid url to lemdro.id and should match but will not

maliciouswebsite.to/?q=http://lemdro.id will match but should not

Lemdro.id

A place for tech enthusiasts and more!

Show threadAndySep 21, 2023

user:[email protected]:443 is a valid url to lemdro.id and should match but will not

Well that one:

  • technically shouldn’t match, because it’s not a community URL
  • is not the form I expect and want to be using for this case
  • may actually work (if it were a real community link, which again, it’s not), because after authentication I think the browser strips the credentials

maliciouswebsite.to/?q=http://lemdro.id will match but should not

No, it does not match.

AFAICT, this solution is working properly, but if you can find a URL that breaks it, please let me know.

Lemdro.id

A place for tech enthusiasts and more!

Show threadezchiliSep 22, 2023
Lmao ok
Show threadAndySep 22, 2023

I’m not trying to be combative, I’m trying to understand. I’d like to see the failure in action so I can appreciate and pursue the proposed solution.

But when I added the community bit to the first URL, the browser resolved it and stripped the credentials, so the resulting URL matched. But the example credentials weren’t real so it’s not a great test; if there’s an real example I can test, please share it. Though I don’t see why I’d auth to an instance just to view it from a different instance.

When I added the community bit to the second URL, it was not a match, as it shouldn’t be. The pattern must match the entire URL.

Show threadezchili

You can find it in action on regex101

Just the port is enough to make it fail but this is not even the point

The sheer number of things you have to take into account to properly parse a URL should convince you to not use regexes for it

regex101: build, test, and debug regex

Regular expression tester with syntax highlighting, explanation, cheat sheet for PHP/PCRE, Python, GO, JavaScript, Java, C#/.NET, Rust.

regex101
Sep 22, 2023 at 8:51amWeb
Show threadAndySep 22, 2023

I meant to communicate that the Redirector addon uses the given pattern to see if the entire URL string matches, not part of it. So the malicious URL does not match.

I’m wondering if there’s a real URL for which the Redirector approach will not work.