議論 » Greasy Fork への意見

Considering a new antifeature type - sending of credentials/tokens to a third party server

§
投稿日: 2025/03/24

Some scripts will send a user's login cookie/token for a site to a third party server. In some cases this is required for the script to function, as the third party server performs some actions on the user's behalf. In some other cases, this is just malware.

I'm considering adding a new @antifeature type that would be required if a script is doing this with a requirement that an explanation be provided of what is being collected and for what purpose. For example, Maybe @antifeature token Your farmgame.example token is sent to our server so that we can auto-harvest your carrots..

This wouldn't directly prevent malware, but it would serve as a warning to users about this behaviour as well as a requirement/chance for authors to justify it.

§
投稿日: 2025/03/31

Being a life-learner of data security, I vote 'Yes'.

§
投稿日: 2025/04/01

I vote 'Yes' too.

返信を投稿

返信を投稿するにはログインしてください。