chrysanthos
diff --git a/‎Readme.md‎
Lines changed: 32 additions & 0 deletions b/‎Readme.md‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎_locales/en/messages.json‎
Lines changed: 3 additions & 0 deletions b/‎_locales/en/messages.json‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎icons/icon128.png‎
25.8 KB b/‎icons/icon128.png‎
25.8 KB
diff --git a/‎icons/icon16.png‎
789 Bytes b/‎icons/icon16.png‎
789 Bytes
diff --git a/‎icons/icon19.png‎
749 Bytes b/‎icons/icon19.png‎
749 Bytes
diff --git a/‎icons/icon48.png‎
5.82 KB b/‎icons/icon48.png‎
5.82 KB
diff --git a/‎images/leak_example.png‎
59.5 KB b/‎images/leak_example.png‎
59.5 KB
diff --git a/‎images/readityourself.gif‎
23.4 MB b/‎images/readityourself.gif‎
23.4 MB
diff --git a/‎images/screenshot.png‎
202 KB b/‎images/screenshot.png‎
202 KB
diff --git a/‎manifest.json‎
Lines changed: 24 additions & 0 deletions b/‎manifest.json‎
Lines changed: 24 additions & 0 deletions
@@ -0,0 +1,32 @@
+# Ziggy Route Debugger
+
+![screenshot.png](images%2Fscreenshot.png)
+
+## Are you leaking routes in your ziggy powered site?
+
+Ziggy Route Debugger is a open-source browser extension that allows you to easily verify that the no sensitive routes
+are leaked to guests.
+
+If you used Ziggy with your laravel project (and possibly Inertia.js) you may be leaking routes you don't want to.
+
+Of course these routes will be possibly protected by an auth middleware however there are cases you don't want to expose
+those urls to the public. (In my case, we are onboarding clients manually, and there is no registration mechanism
+available publicly.)
+
+Leaking routes like below, is a security risk for us therefore we needed a way to easily verify which routes are exposed
+in each page. In this example, we are leaking the dashboard, 2FA endpoints and cashier predefined routes.
+![leak_example.png](images%2Fleak_example.png)
+
+### Do I really need a browser extension for that?
+
+Definitely not! Feel free to read the json lines of each page manually. It's a nightmare.
+![readityourself.gif](images%2Freadityourself.gif)
+
+#### Does this work with all Ziggy websites?
+No.
+
+#### Does this work with SSR-rendered Ziggy websites?
+No.
+
+#### Does this work in general?
+Sometimes.
@@ -0,0 +1,3 @@
+{
+
+}
@@ -0,0 +1,24 @@
+{
+  "name": "Ziggy Route Debugger",
+  "version": "0.0.1",
+  "manifest_version": 2,
+  "description": "Ziggy Route Debugger allows you to easily debug the exposed routes in each page of your site",
+  "homepage_url": "https://github.com/chrysanthos/ziggy-route-debugger",
+  "icons": {
+    "16": "icons/icon16.png",
+    "48": "icons/icon48.png",
+    "128": "icons/icon128.png"
+  },
+  "default_locale": "en",
+  "browser_action": {
+    "default_icon": "icons/icon19.png",
+    "default_title": "Ziggy Route Analysis",
+    "default_popup": "src/page_action/page_action.html"
+  },
+  "permissions": [
+    "tabs",
+    "activeTab",
+    "http://*/*",
+    "https://*/*"
+  ]
+}