// ==UserScript==
// @name          Gone Phishing Extended
// @namespace     http://www.superscalar.org/stuff.html
// @description   Remove links in potential fishing attempts.

// @include       http://*
// @include       https://*
// ==/UserScript==

//
// Written by Mathias Ricken.
// Version 1.00
// Based on Gone Phishing from http://menno.b10m.net/greasemonkey/
//
// 1) Removes links when the link URL and the link text begin with
//    "http" and the portion between "://" and the next "/" does not
//    match.
// 2) If in GMail, removes links that contain certain keywords, like
//    "chase", "bankone", or "ebay" in either the link URL or the
//    link text.
// 3) The extension can be enabled or disabled by setting the
//    greasemonkey preference value 'gGPEEnabled' to true or false,
//    respectively.
// 4) The keywords are stored in the preference value 'gGPEWords'.
//    The keywords must be separated by commas. They are case-
//    insensitive.
// 5) When the script is run the first time, it will automatically
//    enable itself and ask for the keywords.
// 6) The keywords are stored in the greasemonkey preference value
//    'gGPEWords'. Type 'about:config' (without single quotes) into
//    the address bar of your browser and search for preferences
//    beginning with
//    'greasemonkey.scriptvals.http://www.superscalar.org/stuff.html/Gone Phishing Extended.gGPE'
//    to find the preferences.
//

var links, link;
links = document.evaluate(
   '//a[@href]',
   document,
   null,
   XPathResult.UNORDERED_NODE_SNAPSHOT_TYPE,
   null);

var enabled;
var wordString = "";

try {
  enabled = GM_getValue('gGPEEnabled');
  wordString = GM_getValue('gGPEWords');
}
catch(e) {
  enabled = null;
}

if ((enabled != true) && (enabled != false)) {
  // first time running
  alert("You are running 'Gone Phishing Extended' for the first time. This is the setup procedure.");
  try {
    GM_setValue('gGPEEnabled', true);
    wordString = prompt("Gone Phishing Extended - Please enter your phishing keywords, separated with commas (e.g.: Chase,BankOne,eBay).");
    GM_setValue('gGPEWords', wordString);
    enabled = true;
  }
  catch(e) {
    alert("An error occurred.\n"+
          "Please go to 'about:config', reset all preferences starting with\n"+
          "'greasemonkey.scriptvals.http://www.superscalar.org/stuff.html/Gone Phishing Extended.gGPE',"+
          "and restart your browser.");
    enabled = false;
  }
}

if (enabled == true) {
  var wordArray = wordString.split(",");

  for (var i = 0; i < links.snapshotLength; i++) {
     a = links.snapshotItem(i);
     if(a.textContent.match(/http.*:\/\//)) {
        var text_serv = a.textContent.match(/http.*:\/\/([^\/]+).*$/);
        var link_serv = a.href.match(/http.*:\/\/([^\/]+).*$/);
        var inGmail = (window.location.href.match(/http.*:\/\/mail.google.com\/mail.*/));

        if(text_serv[1] && link_serv[1] && text_serv[1] != link_serv[1]) {
          span = document.createElement('span');
          span.textContent = a.textContent + " (Original link: " + a.href + ")";
          span.title = "WARNING!";
          span.style.backgroundColor = 'red';
          a.parentNode.replaceChild(span,a);
        }
        else if (inGmail) {
          var wordNum=0;
          while (wordNum < wordArray.length) {
            var re = new RegExp(".*" + wordArray[wordNum].toLowerCase() + ".*", "i");
            if ((a.textContent.match(re)) ||
                (a.href.match(re))) {
              span = document.createElement('span');
              span.textContent = wordArray[wordNum] + " Link? (Original link: " + a.href + ")";
              span.title = "WARNING!";
              span.style.backgroundColor = 'red';
              a.parentNode.replaceChild(span,a);
              break;
            }
            ++wordNum;
          }         
        }
     }
  }
}