This repository is the open-source project for a website that scans your local network for any blocked websites.
Go to the website and click 'Start scan'. You will see all blocked domains (if there are any). If a website is blocked, you can click the little info icon to find the full path that the client couldn't access. The image is path is helpful for troubleshooting why the request can't reach the server.
Javascript creates a new image with an image on the domain we want to check as source. This will prevent CORS errors and works without too much trouble for the user. A disadvantage is that some popular domains host images on a different server and therefore it's hard to check if the domain is blocked or the image server of the domain. To solve this we try to request favicon.ico from the primary server and that works in most cases because even in the worst scenario the server would probably still redirect you to the right favicon URL.
| Google Chrome | Mozilla Firefox | Safari | Opera | Internet Explorer | Microsoft Edge |
|---|---|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ | ❌ | ❌ |
Making an official API on Github Pages is hard because this project is written in Javascript and a simple curl request can't render Javascript. A solution would be to create your own project using the data from this repository. If you make your program fetch data from https://raw.githubusercontent.com/MrLuit/CensorRadar/master/domains.json (we will try to keep this list updated) you can use the data to ping all the websites on the list. Let me know about projects you've created :)
In the JSON file, there is a 'hash' key. The value is a SHA1 hash of the contents of the provided image (not the url!). You can use this hash to verify the contents of the provided image to make sure that a potential firewall isn't just returning a different favicon. Ofcourse this method isn't bulletproof because a smart filter could potentially allow all images or allow favicons without allowing the website itself.
Javascript doesn't have a way to verify the SHA1 hash but you can provide one in your own program.
When adding a new domain to domains.json, it must meet the following requirements:
- The website is a popular international website and has an accesible image on the primary domain (not a different CDN server)
- Don't put
http://orhttps://in the domain and only put the path to the image in img without leading/ - Make sure the image provided is accessible from not only your computer. A favicon works best but if the server stores favicon on another server and doesn't automatically redirect just use another image URL from the website.
- When using a subdomain like
assets.github.com, put a~before the domain so the parser recognizes it's a subdomain and doesn't putwww.in front of it - The hash is SHA1 hash of the content of the image (read the section about cryptography)
You can then proceed to make a pull request with all these requirements.
Create an issue with as many details as possible regarding the problem. Useful information could be the image URL, your OS, your browser, your ISP or country, and steps to reproduce the issue.