0

A few months ago I developed a Chrome extension, very much like the famous Reddit Enhancement Suite for a website very much like Reddit, for free. Userbase happy, rolling out little improvements here and there... And now out of the blue this website is programmatically giving those users a 1 day ban.

I've been googling methods to find out if a user has a specific extension and surprisingly for me it's not that hard (haven't tested those methods though but seem very plausible).

For example methods like this one.

I don't know what method they are using, but whatever it is, I should be able to see it somewhere in their code right? I'm reading through all I can see and there's nothing suspicious.

Where can I look? Tools? Ideas?

PS: No, there's no law that my extension violates, there are also no injured people nor cats.

Neithan Max
  • 11,004
  • 5
  • 40
  • 58
  • 2
    Are the users using your extension violating the terms of service on that website? What are the users told is the reason for the 1 day ban? It seems that removing the website's objection would be a better path than trying to prevent extension detection while doing something objectionable. – jfriend00 Aug 08 '14 at 04:10
  • 1
    Related: [Check whether user has a Chrome extension installed](http://stackoverflow.com/questions/6293498/check-whether-user-has-a-chrome-extension-installed) – Qantas 94 Heavy Aug 08 '14 at 04:18
  • They are not. The extension makes use of a few jQuery functions and CSS to improve website's behaviour an appearance. Can you give some insight or you just wanted to express that you'd rather do something else? – Neithan Max Aug 08 '14 at 04:36
  • 1
    Then why are the users being banned? It seems you need to figure out the answer to that rather than try to cloak usage of your extension (which seems difficult to do). If the website owner is unhappy with your extension, then you're just in an arms race with them and as long as they want to keep punishing users using your extension, nobody is going to be happy. An engagement with the website to find out what's going on and why seems like the better path. – jfriend00 Aug 08 '14 at 04:45
  • 1
    I'm afraid you have seen too many "hacker" movies. The extensions is nothing you can't acheive with a userscript, which was a good coding practice for me. If you can contribute to a very concrete technical question do it, otherwise you are free to go. Thank you for protecting our internet from the evils of homeopathic chrome extensions, sir jfriend00. – Neithan Max Aug 08 '14 at 05:17
  • 1
    Chrome manifest v2 makes it so that websites can only access extension files that are marked as [web_accessible_resources](https://developer.chrome.com/extensions/manifest/web_accessible_resources). Otherwise your code changing the document of the website should be the only way for the site to know if an extension is installed. – abraham Aug 08 '14 at 16:21
  • Could it be that your extension modifies the page is some way so that when users later interact with the web server they are sending something that "regular" users wouldn't send? And the server then tags them as "using your extension"? – Nitzan Shaked Aug 12 '14 at 20:16
  • After hours of looking at the code (about 10k lines of js) i found out they snook up a little snippet of obfuscated code (thats why I couldn't find it easily with search tools) to check for a particular change in their page appearance, and that's how they tagged the users. – Neithan Max Aug 16 '14 at 07:40

0 Answers0