diff --git a/assets/semgrep_rules/client/privacy.grd b/assets/semgrep_rules/client/privacy.grd new file mode 100644 index 00000000..2c91bd82 --- /dev/null +++ b/assets/semgrep_rules/client/privacy.grd @@ -0,0 +1,1388 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Brave Rewards + + + Always + + + Never + + + + Show All Bookmarks Button + + + + + Show all bookmarks button + + + + Copy clean link + + + + New &Private Window + + + Report a Broken Site + + + Copy Clean Link + + + Only On the New Tab Page + + + + + New &private window + + + Report a broken site + + + Copy clean link + + + Only on the new tab page + + + + Sync + + + Wallet + + + More… + + + + Install and run Google Widevine + + + Don't ask again + + + + Install Google Widevine + + + Restart browser to enable Google Widevine + + + + + $1https://www.youtube.com wants to play protected Google Widevine content, which requires you to allow Android system support for Widevine. By allowing, you'll agree to Google's terms of use. + + + + Widevine is sometimes needed to play media on a webpage. It's a Google extension loaded from Google servers, which Brave cannot inspect. By installing, you'll agree to Google's terms of use. + + + $1Learn more about Widevine. +Or change later at $2brave://settings/extensions. + + + Learn more about Widevine + + + brave://settings/extensions + + + $1google.com is asking you to + + + + + Autoplay was blocked on this page + + + Always allow autoplay on $1mail.google.com + + + Continue blocking autoplay + + + + + Brave does not review extensions for security and safety. Install this extension only if you trust the developer. + + + + + Granting access to a Bluetooth device will allow the site to read identifying and potentially sensitive information about you. Only allow sites you trust to access Bluetooth devices. $1Learn more + + + + + Tor windows + + + New Tor Identity + + + New Tor connection for this site + + + Exit Private Window with Tor + + + Exit Private Window + + + Private Window with Tor + + + Private Window + + + Tor + + + Tor $1 + + + This is a private window with Tor + + + Open Private Window with Tor + + + Tor + + + Tor + + + + + This Brave Sync account was deleted from another device. If you didn’t mean to disable Sync,$1re-create the account + + + $1This Brave Sync account was deleted from another device. If you didn’t mean to disable Sync,re-create the account + + + OK + + + Sync service could not be started, Brave Sync is not running + + + Don't show again + + + Check details + + + + + IPFS + + + Publish and retrieve files from IPFS + + + Read and modify IPFS settings + + + .onion + + + Open using .onion address + + + Force Paste + + + Import to IPFS + + + This page + + + Selected image + + + Selected video + + + Selected audio + + + Linked content + + + Publish with IPNS key + + + IPFS + + + + Import Selected Text to IPFS + + + Import and Copy Link to IPFS Snapshot + + + New Private Window with Tor + + + Open Link in Private Window with Tor + + + Open Link in Brave Private Window with Tor + + + Import and Share a File + + + Open Files + + + Import and Share a Directory + + + With a File + + + With a Directory + + + Update IPNS + + + + + Import selected text to IPFS + + + Import and copy link to IPFS snapshot + + + Import and share a file + + + Open files + + + Update IPNS + + + New private window with Tor + + + Open link in private window with Tor + + + Open link in Brave private window with Tor + + + Import and share a directory + + + With a File + + + With a Directory + + + + + Beginning on December 1, 2023, Brave Dev channel will no longer receive browser updates. We recommend users migrate to the Nightly, Beta, or Release versions of Brave. + + + + + Report a Broken Site + + + Mute Tab + + + + + + + Hide Brave Rewards Icon + + + + + Hide Brave Rewards icon + + + + + + + Hide Brave Wallet Icon + + + + + Hide Brave Wallet icon + + + + + + + Web Extensions Store + + + View in Web Extensions Store + + + Warning: Brave cannot prevent extensions from recording your browsing history. + + + If this extension makes network requests, they will not use Tor or private mode. + + + To disable this extension in private mode and Tor mode, unselect this option. + + + + + + Brave Browser Nightly Apps + + + Brave Browser Beta Apps + + + Brave Browser Dev Apps + + + Brave Browser Apps + + + Brave Browser Development Apps + + + + + + + Allow + + + Block + + + Don't ask again + + + Help improve Brave's product stability by automatically sending diagnostic reports when the Brave Browser crashes or freezes. + + + $1Brave Browser quit unexpectedly. + + + Brave Browser + + + You can change $1this at any time in browser settings. + + + this setting + + + + + This site has requested your $1general location$1. $1Learn more$1 + + + This site has requested your $1precise location$1. $1Learn more$1 + + + This site has requested your $1precise location$1. Brave will only able to provide $1general location$1 data due to $1Location Services$1 being disabled. $1Learn more$1 + + + + + Close all + + + Cancel + + + Close all tabs? + + + You have $12 tabs open in this browser window. + + + $12 tabs + + + Don't ask me again + + + + Don't Google it. Can't Bing it. Just Brave it. + + + Brave doesn't track you, your queries, or your clicks. And it's 100% independent. + + + Search and you will find. Privately. + + + Brave doesn't track you, your queries, or your clicks. And it's 100% independent of Big Tech. + + + AI-infused search with a unique index. + + + Fully private, 100% independent, and with great AI features. + + + Try Brave Search + + + Dismiss + + + Maybe later + + + Maybe later + + + Dismiss Brave search conversion, press Enter to remove this suggestion + + + + // ruleid: privacy + Help improve $1Brave Search by sending anonymous usage data. $2More info + + + Brave Search + + + More info + + + OK + + + No thanks + + + + + Don't show again + + + + + By clicking OK, you acknowledge that your installation of Brave will NOT receive critical security fixes until you update to Windows 10 or later. This warning will NOT show again. + + + + + By clicking OK, you acknowledge that your installation of Brave will NOT receive critical security fixes until you update to macOS 10.15 or later. This warning will NOT show again. + + + + + + Remove from list + + + + + This tab is active in another window + + + Clicking this tab will bring its contents to this window + + + + + + Bat Ads Service + + + Bat Rewards Service + + + Close + + + Brave Notification Ad + + + 🎉 You're now earning! + + + You earn whenever a notification like this appears on your screen. You don't need to click to earn. + + + You earn when a Brave Ads notification appears + + + You don't need to click to earn, but do click if you're interested! + + + + + Web Discovery Project + + + // ruleid: privacy + Contribute some anonymous search & browsing data to refine Brave Search. + + + + + Brave Tooltip + + + + + + + Hide sidebar icon + + + Hide sidebar + + + Show sidebar + + + + + Hide Sidebar Icon + + + Hide Sidebar + + + Show Sidebar + + + + Edit... + + + Remove + + + Edit item + + + Title + + + URL + + + Sidebar item title + + + Sidebar item url + + + Add to Sidebar + + + Show Sidebar + + + Position + + + Move to the right + + + Move to the left + + + Show Sidebar + + + Always + + + On mouseover + + + Never + + + Show settings + + + Enabled + + + Disabled + + + Added + + + Right-click to remove + + + Scroll up + + + Scroll down + + + Add to Sidebar + + + bookmarks + + + reading list + + + Close + + + + Bookmarks manager + + + + + Bookmarks Manager + + + + + + + Automatically send daily usage ping to Brave + + + This private ping lets Brave estimate active users. + + + + + // ruleid: privacy + Brave uses completely private product analytics to estimate the overall usage of certain features + + + Got it + + + Disable + + + Allow privacy-preserving product analytics (P3A) + + + These private responses help Brave estimate the overall usage of certain features and make them better for you. + + + + + Would you like to start Crypto Wallets for Ethereum support? + + + Set up Crypto Wallets to interact with this app and others like it. + + + Set up Crypto Wallets + + + Start Crypto Wallets and reload + + + Settings + + + Don't ask again + + + + Wallet + + + IPFS + + + Web3 + + + Web3 Domains + + + Learn more about IPFS and privacy + + + This page is available on the IPFS network. Would you like to load IPFS pages using Brave's built-in support (via ipfs:// or ipns://)? + + + Always + + + Only This Time + + + No Thanks + + + Learn how this affects my privacy + + + There was an error loading the IPFS URL. Would you like to redirect to the original URL? + + + Redirect + + + No thanks + + + Would you like to always start an IPFS node on browser startup? + + + Enable + + + Cancel + + + + Brave Wallet Utility Service + + + + + Sorry, that page is missing. + + + Couldn't load saved version + + + Do you want to check if a saved version is available on the Wayback Machine? + + + Wayback Machine couldn't find a saved version of this site. + + + Check saved version + + + Dismiss + + + + + Brave is made available to you under the <a target="_blank" href="$1">Mozilla Public License 2.0</a> (MPL) and includes <a target="_blank" href="$2">open source software</a> under a variety of other licenses. + You can read <a target="_blank" href="$3">instructions on how to download and build for yourself</a> the specific <a target="_blank" href="$4">source code used to create this copy</a>. + + + + + + Bookmark all tabs... + + + Use vertical tabs + + + {NUM_TABS, plural, =1 {Mute tab} other {Mute tabs}} + + + {NUM_TABS, plural, =1 {Unmute tab} other {Unmute tabs}} + + + New tab below + + + Close tabs below + + + Bring all tabs to this window + + + Close duplicate tabs + + + + + Bookmark All Tabs... + + + Use Vertical Tabs + + + {NUM_TABS, plural, =1 {Mute Tab} other {Mute Tabs}} + + + {NUM_TABS, plural, =1 {Unmute Tab} other {Unmute Tabs}} + + + New Tab Below + + + Close Tabs Below + + + Bring All Tabs to This Window + + + Close Duplicate Tabs + + + + + + + Copy Text From Image + + + Close + + + Copying text from image... + + + Text copied from image + + + Text copy failed + + + + + + + Brave VPN + + + Use WireGuard protocol in Brave VPN + + + This setting cannot be changed while Brave VPN is connected. + + + Show VPN button + + + Shows the VPN button in the toolbar + + + VPN + + + Toggle VPN + + + Brave VPN + + + About Brave VPN + + + Connecting... + + + Connected + + + Disconnecting... + + + Disconnected + + + + Show VPN Button in Toolbar + + + Hide VPN Button in Toolbar + + + Show VPN Tray Icon + + + Send Feedback + + + Manage My Plan + + + + + Show VPN button in toolbar + + + Hide VPN button in toolbar + + + Show VPN tray icon + + + Send feedback + + + Manage my plan + + + + + + + Full Disk Access required + + + Brave needs Full Disk Access to import your Bookmarks from Safari. + + + Learn how to grant Full Disk Access from your System Preferences. + + + Open System Preferences + + + + + Downloads + + + + + To add a bookmark, click the bookmark button next to the address bar + + + Import bookmarks now... + + + For quick access, place your bookmarks here on the bookmarks bar. + + + Reading List + + + + + Ready for the best privacy online? + + + Set Brave as your default browser to get Brave's privacy protections on every web page you open. + + + Set Brave as default + + + Maybe later + + + + + + Pin to taskbar + + + + + Keep in Dock + + + + + + + Microsoft Edge Legacy + + + + Imported from $1Chrome. + + + + + + + Expand Tabs + + + Minimize Tabs + + + + + Expand tabs + + + Minimize tabs + + + + + + Custom order + + + custom order + + + + + + Add to Playlist + + + Media found in this page + + + Added to $1Play Later + + + Sorry, we couldn't find any media on this page. + + + + Open in Playlist + + + Change Folder + + + Remove from Playlist + + + More Media on This Page... + + + Add Selected + + + + + Open in playlist + + + Change folder + + + Remove from Playlist + + + More media on this page... + + + Add selected + + + + Move Media + + + New Playlist + + + Back + + + Save + + + Create and move + + + Select a folder to move this media to + + + Playlist name + + + $14 items selected + + + Delete playlist + + + Are you sure you want to delete this playlist and all its contents? This action cannot be undone. + + + Delete + + + New playlist + + + Playlist name + + + Add from your Play Later folder + + + Create + + + Edit + + + Share + + + Keep for offline playing + + + Remove played contents + + + Rename + + + Delete playlist + + + Move + + + Remove offline data + + + Remove from playlist + + + View original page + + + The fun starts when you have something to play. Add your favorite media and playback anytime, anywhere. Even offline. + + + Create a new folder + + + Open Playlist settings + + + Play + + + Pause + + + Next Track + + + Previous Track + + + Shuffle + + + Rewind + + + Forward + + + Close + + + Repeat off + + + Repeat one + + + Repeat all + + + Failed to play item + + + [$1Awesome video] may be expired. Would you like to recover it? + + + Recover + + + Dismiss + + + + + + Brave Player + + + + + + diff --git a/assets/semgrep_rules/client/privacy.md b/assets/semgrep_rules/client/privacy.md new file mode 100644 index 00000000..1a450ec0 --- /dev/null +++ b/assets/semgrep_rules/client/privacy.md @@ -0,0 +1,20 @@ +// ruleid: privacy +test completely private +// ruleid: privacy +test anonymous +// ruleid: privacy +test anonymized +// ruleid: privacy +test military grade +// ruleid: privacy +test military-grade +// ruleid: privacy +test totally secure +// ruleid: privacy +test unbreakable encryption +// ruleid: privacy +test unhackable +// ruleid: privacy +test hackerproof +// ruleid: privacy +test hacker-proof \ No newline at end of file diff --git a/assets/semgrep_rules/client/privacy.yaml b/assets/semgrep_rules/client/privacy.yaml new file mode 100644 index 00000000..a234bee1 --- /dev/null +++ b/assets/semgrep_rules/client/privacy.yaml @@ -0,0 +1,31 @@ +rules: + - id: privacy + metadata: + author: Andrea Brancaleoni + confidence: LOW + assignees: | + bridiver + arthuredelstein + ShivanKaul + thypon + message: "Privacy claim found" + languages: + - generic + paths: + include: + - "*.html" + - "*.md" + - "*.grd" + - "*.grdp" + severity: WARNING + pattern-either: + - pattern: "completely private" + - pattern: "anonymous" + - pattern: "anonymized" + - pattern: "military grade" + - pattern: "military-grade" + - pattern: "totally secure" + - pattern: "unbreakable encryption" + - pattern: "unhackable" + - pattern: "hackerproof" + - pattern: "hacker-proof" \ No newline at end of file