Awesome Screenshot Safari Extension, injecting code in to web pages

Question

Awesome Screenshot Safari Extension, injecting code in to web pages

Hi

I'm not sure if Apple are aware of this but I've notice some very dodgy activity from one of Safari's top rated extensions injecting adverts/price comparison code into the header of web pages. The extension is 'Awesome Screenshot' which is very highly rated on the Apple Extensions site.

It is adding "prestosavings.js" script in to the page. I develop websites so look through code a lot and I couldn't figure out where this was coming from after pulling apart a site looking for this assuming it was a malware issue on the site itself. I discovered that it was the Awesome Screenshot after tracing it back and noticed the following 'Enable price comparation' checkbox has appeared with no warning.

If you uncheck this box, the code is still injected into the page. I have now deleted this extension, but Apple, you really need to check into this... At no point did I agree to this added feature and it wasn't pointed out as a new feature when the extension was updated.

I will think again about using ANY extensions you feature in the future.

Posted on Jul 11, 2014 3:58 AM

Reply

Answer 1

Jul 11, 2014 4:10 AM in response to Davie Barnett

Hi Davie ...

I forwarded this topic to the Apple moderators for you.

Since there has been a rash of malware lately, this could be very helpful.

Carolyn

Reply

Answer 2

Jul 11, 2014 4:18 AM in response to Carolyn Samit

Hi Carolyn, I've done that now but not sure if anyone is going to read it and pass it to the right person. There is no Report Malware in your product option.

Reply

Answer 3

Jul 11, 2014 4:18 AM in response to Carolyn Samit

That's great, thank you 🙂

Reply

Answer 4

Jul 11, 2014 4:43 AM in response to Davie Barnett

Between notifying the moderators and sending feedback, hopefully someone will take notice and check it out.

You're welcome 🙂

Reply

Answer 5

Jan 13, 2015 9:27 AM in response to Carolyn Samit

Hy Carolyn,

Six months later I run into the same issue. Only this time this particular extension is sending my browser behavior to third parties. I can clearly see in my Web Inspector that a POST request is being done to the Presto Savings ad network, that includes the hostname of sites I visit. Also see this tweet by someone else:

https://twitter.com/labemi/status/526445876689260544

Please pull this extension from the Extension Gallery a.s.a.p: https://extensions.apple.com/details/?id=com.diigo.safari.awesomeScreenshot-5DXN M3K2CT

Reply

Answer 6

tjaad

Level 1

0 points

May 10, 2015 4:21 AM in response to Davie Barnett

I too had found out that the plugin inserts code into every webpage, even when the corresponding checkbox is unchecked. This is really an important issue that Apple needs to address!

Reply

Answer 7

May 21, 2015 8:59 AM in response to Davie Barnett

Hi Davie

Thanks for flagging this up.

I had noticed the line of code on a web page I am analyzing and 'googled' prestosavings.js to find out what it is.

I have removed the line of code and deleted the Awesome Screenshot extension.

Reply

Answer 8

Oct 26, 2015 5:38 AM in response to Davie Barnett

Does anyone know if Diigo plans to provide Awesome Screenshot for Safari OS X again in the future?

Reply