// ==UserScript== // @name Uncucker // @namespace Violentmonkey Scripts // @version 0.5.4 // @description Prevents post content from being deleted, blocks redirects, prevents live-posting, changes file hash etc. // @match https://awoo.cf/* // @grant GM_xmlhttpRequest // @grant unsafeWindow // @grant GM_getValue // @grant GM_setValue // @run-at document-start // @require https://cdn.jsdelivr.net/npm/pako@2.1.0/dist/pako.min.js // @require https://cdn.jsdelivr.net/npm/upng-js@2.1.0/UPNG.min.js // @require https://cdn.jsdelivr.net/npm/jpeg-js@0.4.4/lib/decoder.min.js // @require https://cdn.jsdelivr.net/npm/jpeg-js@0.4.4/lib/encoder.min.js // ==/UserScript== // click on gear icon on the top right of the website to see the settings tab // HOW TO MAKE IT WORK: // 1. Install this extension: https://github.com/didierfred/SimpleModifyHeaders // 2. Put this in a file named anything.conf (without "// "): // {"format_version":"1.2","target_page":"https://awoo.cf/*","headers":[{"url_contains":"https://awoo.cf/","action":"modify","header_name":"content-security-policy","header_value":"default-src 'self'; base-uri 'self'; frame-ancestors 'self'; form-action 'self'; object-src 'none'; worker-src 'self' blob:; img-src 'self' data: blob: https: http:; media-src 'self' data: blob: https: http:; font-src 'self' data:; style-src 'self' 'unsafe-inline' https://hcaptcha.com https://*.hcaptcha.com; script-src 'unsafe-inline' 'unsafe-eval' https://js.hcaptcha.com https://hcaptcha.com https://*.hcaptcha.com https://www.youtube.com https://www.youtube-nocookie.com https://embed.twitch.tv https://player.twitch.tv; connect-src 'self' ws: wss: https: http: data: blob:; frame-src 'self' https: http: data: blob:","comment":"test","apply_on":"res","status":"on"}],"debug_mode":false,"show_comments":false,"use_url_contains":true} // 3. Click extension icon, click 'Configure', click 'Import', select .conf file, click 'Save', click 'Start' button // 4. Install userscript // What it does: modifies Content-Security-Policy response header to block original main.js script execution and allow unsafe-eval for our userscript /* HOW IT WORKS (OUTDATED): 1. Intercepting the Main Script The process begins by overriding the native Element.prototype.appendChild method. This allows us to inspect every element being added to the webpage. We look for a