What This Changelog Covers

🔗 Broken URL Repair

Each release improves detection and repair of
broken URLs where dots have been replaced with
alternative characters — including
plus-separator URLs
(goo+su),
asterisk-separated domains
(drive*google*com)
and bracket-obfuscated addresses.

🛡️ URL Obfuscation Fix

The
URL obfuscation fix
engine has been expanded across every release —
adding support for DOT-word patterns,
parenthesis wrappers, mixed-case variants
and encoded characters that disguise
real web addresses in plain text.

✅ Whitelist Expansion

The trusted domain whitelist grows with every
release — protecting legitimate URLs that use
+ as an encoded space in query
strings (such as Google Search) from being
incorrectly modified by the
mangled web address repair
engine.

Full Version History

Current Release
v1.0.6
March 2026

Version 1.0.6
URL Shortener Support
Plus-Separator Fix


— The most significant update to the
broken URL fixer
engine since launch.
Version 1.0.6 introduces full support for
plus-separator URL
repair in domain names,
expands the URL shortener whitelist to over
200 known shortener domains,
and improves the
URL obfuscation fix
to correctly handle
goo+su-style addresses
without corrupting query string parameters
that legitimately use +
as an encoded space.


  • Plus-separator domain repair:
    Domains like goo+su/zL2hl
    now correctly resolve to
    goo.su/zL2hl
    — the + is replaced with
    . in the domain portion only,
    leaving query strings untouched.

  • Smart domain-only normalization:
    The repair engine now splits the URL into
    protocol, domain and path before applying
    obfuscation fixes — preventing
    + in query strings
    (e.g. q=hello+world)
    from being incorrectly modified.

  • 200+ URL shortener domains whitelisted:
    bit.ly, tinyurl.com, goo.su, rb.gy, cutt.ly,
    short.io and hundreds more are now recognised
    and never incorrectly modified.

  • Asterisk-separator fix confirmed:
    drive*google*com
    drive.google.com
    path and query string preserved correctly.

  • Whitelist expanded:
    Added 50+ new domains including regional
    Google domains, government TLDs,
    health portals and education platforms.

  • New helper functions:
    hasWhitelistedQueryParam()
    and isLocalUrl()
    added to whitelist.js for more
    granular URL classification.

  • Private IP whitelisting:
    localhost, 127.x.x.x, 192.168.x.x,
    10.x.x.x and IPv6 loopback addresses
    are now always skipped.

  • 3-part TLD support:
    Domains like co.uk, com.au, co.nz
    now correctly matched in whitelist lookups.
whitelist.js
url-utils.js
extract-links.js
Breaking Fix

v1.0.5
January 2026

Version 1.0.5
Asterisk URL Fix
Whitelist Update


— Version 1.0.5 focused on improving
mangled web address repair
for asterisk-obfuscated domains.
The release resolved a critical bug where
drive*google*com/file/d/...
was being partially fixed — the domain
was corrected but the path was being
corrupted by the repair engine.


  • Asterisk domain fix — path preserved:
    https://drive*google*com/file/d/ID/view?usp=drive_link
    now correctly resolves to
    https://drive.google.com/file/d/ID/view?usp=drive_link
    with the full path and query string intact.

  • Domain-only repair scope:
    The normalizeUrl() function was refactored
    to extract the protocol, isolate the domain,
    apply obfuscation fixes to the domain only,
    then reassemble with the untouched path.

  • Double-dot cleanup:
    After replacement, consecutive dots
    (e.g. google..com)
    are collapsed to a single dot.

  • Whitelist — developer tools expanded:
    Added Supabase, PlanetScale, Neon, Railway,
    Fly.io, Render and 20+ more developer
    platform domains.

  • Whitelist — productivity tools:
    Added Notion, Linear, ClickUp, Loom,
    Calendly, Typeform, Tally and more.
  • 🐛
    Bug fix:
    Fixed edge case where URLs containing
    * in query parameters
    (rare but valid in some API signatures)
    were being incorrectly modified.
url-utils.js
whitelist.js
Bug Fix

v1.0.4
October 2025

Version 1.0.4
Obfuscation Patterns
Performance


— Version 1.0.4 expanded the
URL obfuscation fix
engine with support for additional
obfuscation patterns commonly used to
disguise web addresses in plain text,
forum posts, email bodies and
social media content.


  • Bracket obfuscation:
    google[.]com and
    google[dot]com
    now correctly repaired to
    google.com.

  • Parenthesis obfuscation:
    google(.)com and
    google(dot)com
    now correctly repaired.

  • DOT-word patterns:
    google DOT com,
    google dot com
    and mixed-case variants
    now correctly repaired.

  • AT-word patterns for emails:
    user AT domain DOT com,
    user [at] domain [dot] com
    and user (at) domain (dot) com
    now correctly resolved.

  • Performance improvement:
    Whitelist lookups now use
    Set data structures
    for O(1) average lookup time
    instead of array iteration.

  • Whitelist — social media expanded:
    Added Mastodon, Threads, Bluesky,
    BeReal and emerging platforms.

  • Whitelist — payment processors:
    Added Adyen, Checkout.com, Klarna,
    Afterpay, Affirm, Mollie, Razorpay.
  • 🐛
    Bug fix:
    Fixed false positive where
    example.com/path[0]
    (array index in URL) was being
    incorrectly treated as obfuscation.
url-utils.js
whitelist.js
content.js
Performance

v1.0.3
July 2025

Version 1.0.3
Whitelist Overhaul
Protocol Support


— Version 1.0.3 delivered a major overhaul
of the trusted domain whitelist,
expanding it from approximately 60 domains
to over 400 domains across all major
categories — ensuring the
broken URL fixer
never incorrectly modifies legitimate URLs
on trusted platforms.


  • Whitelist expanded to 400+ domains:
    Search engines, Google services,
    Microsoft ecosystem, Apple, Amazon/AWS,
    social media, developer tools, CDNs,
    payment processors, analytics,
    email services, media, shopping,
    news, cloud storage, auth providers,
    productivity, education, finance,
    health and government domains.

  • Protocol whitelist expanded:
    Added sms:, fax:, callto:, ftp:, ftps:,
    sftp:, ssh:, git:, svn:, ws:, wss:,
    irc:, magnet:, bitcoin:, ethereum:,
    zoommtg:, msteams:, teams: and more.

  • URL prefix whitelist added:
    Specific URL prefixes for Google OAuth,
    GitHub API, Microsoft login,
    AWS Cognito, Facebook Graph API,
    Stripe, PayPal, Cloudflare and more
    are now always skipped.

  • Path pattern whitelist expanded:
    OAuth callback patterns, API versioning
    patterns, UTM tracking parameters,
    file download extensions and
    CDN asset path patterns added.

  • HTML attribute detection:
    Added data-src=, data-href=, data-url=,
    srcset=, poster=, formaction= and more
    to prevent HTML attribute values from
    being treated as plain URLs.

  • Query param whitelist:
    New WHITELISTED_QUERY_PARAMS list
    protects URLs containing token=,
    access_token=, api_key=, signature=,
    jwt= and other sensitive parameters
    that legitimately use +.

  • Regional Google domains:
    All 30+ regional Google domains
    (google.co.uk, google.com.au etc)
    now explicitly whitelisted.
whitelist.js
Major Update

v1.0.2
April 2025

Version 1.0.2
Context Menu
Stability


— Version 1.0.2 improved extension stability,
fixed context menu duplication on browser
reload, and added the right-click
position tracking feature used to
identify which element the user
right-clicked on for targeted
mangled web address repair.


  • Context menu deduplication:
    Fixed bug where the right-click menu
    entry was duplicated on extension
    reload or browser restart.
    Added menusCreated guard
    and removeAll() before
    re-creating menus.

  • Right-click position tracking:
    Content script now captures the
    X/Y coordinates of right-click events
    and sends them to the background script
    via RIGHT_CLICK_POSITION
    message — enabling more accurate
    element targeting.

  • Message listener stability:
    Background script message listener
    now correctly returns true
    for async response handling,
    preventing port closed errors.

  • Badge counter fix:
    Action count badge now correctly
    initialises on browser startup
    from stored totalActions value.

  • Error handling improved:
    All chrome.scripting.executeScript
    calls now include .catch()
    handlers with descriptive console errors.
  • 🐛
    Bug fix:
    Fixed crash when right-clicking on
    pages that block content script injection
    (e.g. chrome:// pages, PDF viewer).
background.js
content.js
Stability

v1.0.1
February 2025

Version 1.0.1
False Positive Fix
Whitelist


— Version 1.0.1 addressed the first wave of
user-reported false positives — cases where
the broken URL fixer
was incorrectly modifying legitimate URLs
that contained + characters
in query strings, particularly on
Google Search and OAuth flows.


  • Google Search whitelist:
    URLs matching
    https://www.google.com/search?
    and variants are now always skipped —
    the + in search queries
    is an encoded space, not a separator.

  • OAuth flow protection:
    URLs containing /oauth/,
    /authorize?,
    /callback? and
    access_token= patterns
    are now whitelisted to prevent
    token corruption.

  • Fragment-only URL skip:
    URLs that are anchor links only
    (#section-name)
    are now correctly skipped.

  • HTML attribute detection:
    Strings containing href=,
    src=, action=
    and similar HTML attribute patterns
    are now skipped to prevent
    HTML markup from being modified.

  • Bracket-wrapped string skip:
    Strings wrapped in
    [square brackets]
    or (parentheses)
    are now skipped as they are
    unlikely to be plain URLs.

  • Initial whitelist established:
    First version of WHITELISTED_DOMAINS
    with 60 major domains across search,
    social media, Microsoft, Apple,
    Amazon and developer platforms.
  • 🐛
    Bug fix:
    Fixed issue where the extension was
    modifying URLs inside
    <code> and
    <pre> elements
    that were displaying URL examples
    as documentation.
whitelist.js
content.js
Bug Fix

v1.0.0
January 2025
Initial Release

Version 1.0.0
Initial Release
Core Engine


— The first public release of
Links and Web Address Fixer
on the Chrome Web Store.
This version introduced the core
broken URL fixer
engine, the initial
URL obfuscation fix
patterns and the foundational
whitelist system that protects
legitimate URLs from modification.


  • Core URL repair engine:
    Detects and repairs obfuscated URLs
    in page text content using a
    configurable pattern-matching system.

  • Asterisk separator fix:
    Initial support for
    domain*com
    domain.com
    pattern repair.

  • Context menu integration:
    Right-click context menu entry
    “Fix Links on This Page” added
    for manual trigger on any webpage.

  • Automatic page scan:
    Extension automatically scans
    page content on load and repairs
    detected broken URLs in place.

  • Manifest V3 compliant:
    Built on Chrome Extension Manifest V3
    with service worker background script,
    declarative permissions and
    chrome.scripting API.

  • Initial whitelist:
    Foundational whitelist covering
    major protocols (mailto:, tel:,
    javascript:, data:, blob:)
    and common domains to prevent
    false positives.

  • TLD reference file:
    Bundled tlds.js with comprehensive
    top-level domain list for accurate
    URL validation and repair decisions.

  • Zero external dependencies:
    All functionality implemented in
    vanilla JavaScript with no external
    libraries, CDN resources or
    remote API calls.
background.js
content.js
whitelist.js
tlds.js
url-utils.js
Initial Release

Release Summary

All Versions at a Glance

  • v1.0.6

    — Plus-separator URL fix, 200+ URL shortener
    whitelist, smart domain-only normalization.
    Current
  • v1.0.5

    — Asterisk URL fix with path preservation,
    domain-only repair scope, developer
    platform whitelist expansion.
  • v1.0.4

    — Bracket, parenthesis and DOT-word
    obfuscation patterns, Set-based
    whitelist performance improvement.
  • v1.0.3

    — Major whitelist overhaul to 400+ domains,
    protocol and URL prefix whitelists,
    query param protection.
  • v1.0.2

    — Context menu deduplication,
    right-click position tracking,
    message listener stability fixes.
  • v1.0.1

    — Google Search whitelist, OAuth protection,
    HTML attribute detection, initial
    false positive fixes.
  • v1.0.0

    — Initial release. Core URL repair engine,
    asterisk fix, context menu,
    Manifest V3, zero dependencies.