shosatojp / simplecache Goto Github PK
View Code? Open in Web Editor NEWChrome(Linux,Android) cache extractor with Python binding. A CUI tool to restore contents of sites which you had visited but closed.
simplecache's People
Stargazers
Watchers
simplecache's Issues
Always response me 'not found' when save
I can get a list of cached item with --cache and --list parameter, return me somethings like:
_dk_https://msn.cn https://msn.cn https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAmF8Ez.img
_dk_https://msn.com https://msn.com https://assets.msn.com/bundles/v1/edgeChromium/staging/shopping-carousel.024073c39ae50a040713.js
_dk_https://msn.com https://msn.com https://assets.msn.com/bundles/v1/edgeChromium/staging/shopping-smart-list.e270bd4ed275e7e406d2.js
_dk_https://msn.com https://msn.com https://assets.msn.com/bundles/v1/edgeChromium/staging/voice-search.e6498aac53844181f56a.js
_dk_https://msn.com https://msn.com https://assets.msn.com/bundles/v1/edgeChromium/staging/migrationConsent.df032df13371270ee626.js
and when I try to save the cached item, it always return me not found, and nothings saved. This even happended with the python example.
simplecache -c /path/to/cache -k https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAmF8Ez.img -o /tmp/t.imgAs you can see, the key is listed from the --list output.
So, what I'm doing wrong?
Deleted package detected
I'm a Cyber Security researcher and developer of PackjGuard [1] to address open-source software supply chain attacks.
Issue
During my research, I detected a deleted package in this repository.
Details
Specifically, the package chromesimplecache mentioned in file README at line 32 does not exist on the public PyPI registry. A bad actor can hijack this package to propagate malicious code.
Impact
Not only your apps/services using https://github.com/shosatojp/simplecache repo code are vulnerable to this attack, but the users of your open-source Github repo could also fall victim.
You could read more about such attacks here: https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
Remediation
Please highlight this in file README and register a placeholder package for chromesimplecache on public PyPI soon to remediate.
To automatically fix such issues in future, please install PackjGuard Github app [1].
Thanks!
- PackjGuard is a Github app that monitors your repos 24x7, detects vulnerable/malicious/risky open-source dependencies, and creates pull requests for auto remediation: https://github.com/marketplace/packjguard
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.