Stylish (Chrome extension) - Revision history

82.3.220.102: Edits by James Arnott. I've removed the "This has not been independently validated" just because I've personally confirmed their obfuscation scheme by decoding the payloads and it can be easily confirmed by others using the given script.

2026-05-29T14:40:35Z

Edits by James Arnott. I've removed the "This has not been independently validated" just because I've personally confirmed their obfuscation scheme by decoding the payloads and it can be easily confirmed by others using the given script.

Show changes

Louis: add verbatim json payload sample and decodestylish javascript decoder from arnott's feb 2026 post

2026-05-29T13:31:45Z

add verbatim json payload sample and decodestylish javascript decoder from arnott's feb 2026 post

@@ Line 68: / Line 68: @@
 In February 2026, James Arnott, founder of Bay Area Labs ("Am I Being Pwned?"), revisited the extension. In a February 26, 2026 post titled ''"Stylish is Back, Back again!"'', Arnott reported that Stylish was still sending a POST request for every page visit, with the same payload structure as in 2018, but now wrapped in a far more elaborate obfuscation scheme.<ref name="aibp-stylish" />
-Arnott listed five 2018 press articles confirming the original takedown, then noted that the current version of the extension carries both Google's ''"Verified Publisher"'' & ''"Featured"'' badges on the Chrome Web Store.<ref name="aibp-stylish" /> A sample payload he captured contains the fields ''gp'' (current URL), ''klm'' (previous URL), & ''pxe'' (per-user identifier), among others.<ref name="aibp-stylish" /> Arnott wrote:
+Arnott listed five 2018 press articles confirming the original takedown, then noted that the current version of the extension carries both Google's ''"Verified Publisher"'' & ''"Featured"'' badges on the Chrome Web Store.<ref name="aibp-stylish" /> A sample payload he captured contains the fields ''gp'' (current URL), ''klm'' (previous URL), & ''pxe'' (per-user identifier), among others.<ref name="aibp-stylish" /> The payload Arnott published, captured from a single page visit, was:<ref name="aibp-stylish" />
 <blockquote>''Where gp is your current URL, klm was your previous URL and pxe is your unique identifier, amongst other data.''</blockquote><ref name="aibp-stylish" />
@@ Line 86: / Line 109: @@
 <blockquote>''URL encoding to a query string... Double base64 encoded JSON stringified, then base64 again... Columnar transposition cipher, the base64 string is split into 48-character rows, then read column-by-column instead of row-by-row, scrambling the text... AES-256-CBC encrypted using a symmetric key hardcoded in the extension source code... Base64 encoded one final time.''</blockquote><ref name="aibp-stylish" />
-Arnott characterized the construction as more elaborate than its purpose required. On the AES-256-CBC stage, he commented that a hardcoded symmetric key offers no real confidentiality against anyone who can read the extension's JavaScript, & noted that asymmetric encryption would have avoided shipping the key inside the extension at all.<ref name="aibp-stylish" /> He published a working decode script demonstrating that the entire chain can be reversed using the embedded key.<ref name="aibp-stylish" /> Arnott summarized his read of the chain's motive:
+Arnott characterized the construction as more elaborate than its purpose required. On the AES-256-CBC stage, he commented that a hardcoded symmetric key offers no real confidentiality against anyone who can read the extension's JavaScript, & noted that asymmetric encryption would have avoided shipping the key inside the extension at all.<ref name="aibp-stylish" /> He published the following JavaScript decoder, which uses the symmetric key extracted from the extension to reverse the entire chain & recover the original URL payload:<ref name="aibp-stylish" />
 <blockquote>''This POST request is obfuscated, which in my opinion is to make it harder for people to see what it's doing or to get around the Chrome Web Store publishing review process, or perhaps even both.''</blockquote><ref name="aibp-stylish" />

Louis: new product article on the stylish chrome extension. covers the 2017 similarweb acquisition, robert heaton's 2018 url-exfiltration disclosure and the two-day chrome and firefox takedowns, arnott's 2026 wall-of-shame entry, the five-stage obfuscation chain, the privacy-policy contradiction, and the stylus fork as the practical alternative.

2026-05-29T13:23:25Z

new product article on the stylish chrome extension. covers the 2017 similarweb acquisition, robert heaton's 2018 url-exfiltration disclosure and the two-day chrome and firefox takedowns, arnott's 2026 wall-of-shame entry, the five-stage obfuscation chain, the privacy-policy contradiction, and the stylus fork as the practical alternative.

New page

{{ProductCargo
|ArticleType=Product
|Category=Browser extension
|Company=SimilarWeb
|Description=Browser extension that exfiltrates every URL its users visit & their AI chat content to SimilarWeb's servers
|InProduction=Yes
|ReleaseYear=2006
|Website=https://userstyles.org/
}}

'''Stylish''' is a Chrome & Firefox browser extension for applying user-written CSS skins to websites, originally written by Jason Barnabe as an open-source project & in circulation by January 2006 when Jesse Ruderman reviewed it.<ref name="ruderman">{{Cite web |title=Stylish |url=https://www.squarefree.com/2006/01/15/stylish/ |first=Jesse |last=Ruderman |date=2006-01-15 |website=squarefree.com}}</ref> It has been owned since January 2017 by the digital-market-intelligence firm [[SimilarWeb]],<ref name="bc-2017">{{Cite web |title=2 Million Users Impacted by New Data Collection Policy in Stylish Browser Add-On |url=https://www.bleepingcomputer.com/news/software/2-million-users-impacted-by-new-data-collection-policy-in-stylish-browser-add-on/ |first=Catalin |last=Cimpanu |date=2017-01-04 |website=BleepingComputer}}</ref><ref name="aibp-stylish" /> which uses the extension to record every URL its users visit. Security researcher Robert Heaton documented the full-URL exfiltration on July 2, 2018,<ref name="heaton1">{{Cite web |title="Stylish" browser extension steals all your internet history |url=https://robertheaton.com/2018/07/02/stylish-browser-extension-steals-your-internet-history/ |first=Robert |last=Heaton |date=2018-07-02 |website=robertheaton.com}}</ref> after which Google & Mozilla removed Stylish from both stores within two days;<ref name="heaton1" /><ref name="bc-2018">{{Cite web |title=Chrome and Firefox Pull Stylish Add-On After Report It Logged Browser History |url=https://www.bleepingcomputer.com/news/software/chrome-and-firefox-pull-stylish-add-on-after-report-it-logged-browser-history/ |first=Catalin |last=Cimpanu |date=2018-07-04 |website=BleepingComputer}}</ref> the extension was back in the Firefox add-on store by August 16, 2018 behind an opt-in startup screen.<ref name="heaton2">{{Cite web |title="Stylish" is back, and you still shouldn't use it |url=https://robertheaton.com/2018/08/16/stylish-is-back-and-you-still-shouldnt-use-it/ |first=Robert |last=Heaton |date=2018-08-16 |website=robertheaton.com}}</ref> In February 2026, security researcher James Arnott of Bay Area Labs reported that Stylish was still exfiltrating every visited URL through a five-stage obfuscation chain ending in AES-256-CBC encryption with a symmetric key hardcoded in the extension's own source code,<ref name="aibp-stylish">{{Cite web |title=Stylish is Back, Back again! |url=https://amibeingpwned.com/blog/stylish-is-back-back-again/ |first=James |last=Arnott |date=2026-02-26 |website=Am I Being Pwned?}}</ref> and in May 2026 Arnott ranked Stylish first on his ''"AI Chat Scraping Extension Wall of Shame,"'' reporting it also exfiltrates user conversations with Character.AI, ChatGPT, & Claude.<ref name="aibp-wall">{{Cite web |title=The AI Chat Scraping Extension Wall of Shame |url=https://amibeingpwned.com/blog/ai-chat-scraper-wall-of-shame |first=James |last=Arnott |date=2026-05-11 |website=Am I Being Pwned?}}</ref> As of May 2026, the Chrome Web Store lists Stylish with 2,000,000 users & displays both Google's ''"Featured"'' badge & a ''"Verified Publisher"'' badge on its listing.<ref name="cws-stylish">{{Cite web |title=Stylish - Custom themes for any website |url=https://chromewebstore.google.com/detail/stylish-custom-themes-for/fjnbnpbmkenffdnngjfgmeleoegfcffe |publisher=Google / Similarweb LTD |date=2026-03-19 |website=Chrome Web Store}}</ref><ref name="aibp-wall" />

== Consumer-impact summary ==

* Records the full URL of every page the user visits & sends it to SimilarWeb's servers, including the query string of every Google search, password-reset links sent by email, & one-time medical-record links.<ref name="heaton1" />
* Sends the captured URLs together with a per-user identifier that can be tied to a real-world identity through the userstyles.org login cookie, which is scoped to all userstyles.org subdomains.<ref name="heaton1" />
* As of 2026, also captures user conversations with hosted AI assistants such as Character.AI, ChatGPT, & Claude.<ref name="aibp-wall" />
* Wraps the captured data in a five-stage encoding chain ending in AES-256-CBC encryption whose key is hardcoded in the extension's own JavaScript, so the encryption protects the data only from outside observers, not from SimilarWeb.<ref name="aibp-stylish" />
* Carries Google's ''"Featured"'' & ''"Verified Publisher"'' badges on the Chrome Web Store despite the documented behavior.<ref name="cws-stylish" /><ref name="aibp-wall" />
* The open-source fork [[Stylus]], maintained by the community after the 2017 SimilarWeb acquisition, is a drop-in replacement that caches styles locally & sends nothing to a server.<ref name="cws-stylus">{{Cite web |title=Stylus |url=https://chromewebstore.google.com/detail/stylus/clngdbkpkpeebahjckkjfobafhncgmne |publisher=Google / stylus.openstyles |date=2026-05-26 |website=Chrome Web Store}}</ref>

== Background ==

Stylish lets users apply user-written CSS to any website, replacing fonts, colors, & layouts with community-contributed "skins." It was created by Jason Barnabe as a Firefox extension; the earliest contemporaneous record in the source set is Jesse Ruderman's January 15, 2006 review on squarefree.com, which described it as ''"a Firefox extension by Jason Barnabe"'' that ''"lets you manage CSS rules to change the appearance of web sites."''<ref name="ruderman" /> Barnabe also operated the userstyles.org community site where users uploaded & shared their styles.<ref name="ghacks">{{Cite web |title=Stylish and userstyles.org have a new owner |url=https://www.ghacks.net/2016/10/09/stylish-and-userstyles-org-have-a-new-owner/ |first=Martin |last=Brinkmann |date=2016-10-09 |website=gHacks Tech News}}</ref>

For about a decade, Stylish operated as a small open-source project with no server-side telemetry: the extension fetched styles when the user asked for them & otherwise ran entirely locally. That changed when Barnabe stepped back from the project. In late September & early October 2016, ownership of both the Stylish extension & userstyles.org was transferred from Barnabe to a new operator named Justin Hindman.<ref name="ghacks" /> Three months later, Hindman announced that he had sold or partnered the project to SimilarWeb.<ref name="bc-2017" />

== SimilarWeb acquisition ==

On January 4, 2017, BleepingComputer reported that Stylish ''"announced this week through the voice of its new owner a new data collection partnership with SimilarWeb, a digital market intelligence company,"'' with Hindman explaining the deal as a resource problem.<ref name="bc-2017" /> In a statement to the publication, Hindman wrote:

<blockquote>''When I first started working on Stylish, I understood that this product is incredible, but in order to bring it to its full potential, it would require a tremendous amount of resources I just don't have.''</blockquote><ref name="bc-2017" />

The new privacy policy added a data-collection feature labeled the ''"Suggested Web Styles"'' system. SimilarWeb's stated rationale was that recording each user's visited URLs let the extension recommend matching community styles. An opt-out toggle existed in the extension's settings panel, but BleepingComputer noted ''"[t]he anonymous data collection system comes turned on by default in all new installations"''; unchecking it disabled the suggestion feature & excluded the user from the displayed install counts.<ref name="bc-2017" /> At the time, Stylish had nearly two million users across Chrome & Firefox.<ref name="bc-2017" />

== 2018 disclosure & takedown ==

=== Heaton's findings ===

On July 2, 2018, software engineer Robert Heaton published a technical write-up titled ''"'Stylish' browser extension steals all your internet history."'' Working with the Burp Suite proxy, he had noticed that his browser was sending a steady stream of obfuscated POST requests to ''api.userstyles.org/stats.'' He described the encoding as plain base64 wrapped twice:

<blockquote>''I noticed that the data blob contained only letters and numbers and ended in %3D, the URL encoding for an = sign. This made me suspect that the blob had been Base64 encoded. I tried Base64 decoding it... Still nonsense. But the decoded string also contained only letters and numbers, and also ended in an = sign. I tried Base64 decoding it a second time... Pyrrhic victory. When I looked at the contents of the decoded payload, I realized that Stylish was exfiltrating all my browsing data.''</blockquote><ref name="heaton1" />

Inside the decoded payload Heaton found a unique tracking identifier attached to each request. Because the same browser also held a userstyles.org login session, the tracking identifier could be linked to a registered account. As Heaton put it, ''"Stylish's session cookie is scoped to *.userstyles.org, so it gets sent to every userstyles.org sub-domain as well."''<ref name="heaton1" /> He noted that the cookie expired at the end of each browser session, but pointed out that ''"it only takes one tracking request containing one session cookie to permanently associate a user account with a Stylish tracking identifier."''<ref name="heaton1" />

Heaton walked through the consumer-harm implications of recording full URLs rather than only domain names. Password-reset emails, one-time login tokens, & short-lived medical-record links from Amazon S3 all live inside URLs; capturing the full path & query string captures all of those secrets too.<ref name="heaton1" /> He also rejected the company's stated rationale, writing that if SimilarWeb only needed to suggest matching styles, ''"then they would only need to send themselves the current page's domain, not the full URL."''<ref name="heaton1" />

=== Press coverage & store removal ===

The disclosure was picked up by The Register on July 5, 2018, which independently summarized Heaton's findings & noted the gap between the privacy policy & the observed behavior: ''"While the SimilarWeb privacy policy for Stylish says it only collects anonymous data, Heaton found it was attaching an identifier to the data returned to the company."''<ref name="register">{{Cite web |title=Chrome, Firefox pull very unstylish Stylish invasive browser plugin |url=https://www.theregister.com/2018/07/05/browsers_pull_stylish_but_invasive_browser_extension/ |first=Richard |last=Chirgwin |date=2018-07-05 |website=The Register}}</ref> KitGuru ran a similar story the same day.<ref name="kitguru">{{Cite web |title=Stylish browser extension found stealing user's internet browsing history |url=https://www.kitguru.net/tech-news/featured-tech-news/ryan-burgess/stylish-browser-extension-found-stealing-users-internet-browsing-history/ |first=Ryan |last=Burgess |date=2018-07-05 |website=KitGuru}}</ref>

By July 4, 2018, both stores had pulled the extension. BleepingComputer reported that day:

<blockquote>''Google and Mozilla have removed the Stylish browser extension from their respective add-on stores after the publication of a report this week that accused the extension of logging users' browser histories and sending the data to remote servers.''</blockquote><ref name="bc-2018" />

BleepingComputer quoted Mozilla software engineer Andreas Wagner's bug-report comment: ''"We decided to block [Stylish] because of violation of data practices outlined in the review policy."''<ref name="bc-2018" /> Google did not issue a public explanation, but the Chrome Web Store listing began returning a 404 error.<ref name="bc-2018" /> Heaton's own post records the same two-day window in an update line: ''"2 days after publication of this post, Stylish was removed from the Chrome and Firefox stores. 3 weeks later, a new version is back in the Firefox store."''<ref name="heaton1" />

=== Return to Firefox ===

Stylish v3.1.8 was visible in the Firefox add-on store by August 16, 2018. Heaton published a follow-up the same day. The new build had not removed the tracking; it had moved the tracking behind a startup screen. Heaton wrote:

<blockquote>''It comes with a tastefully designed startup screen asking whether you would like to opt-in to having all your browsing history sent to the SimilarWeb servers. If you tick the boxes saying "no, obviously not" then it also features an aesthetically pleasing design dark pattern designed to trick you into accidentally changing your mind.''</blockquote><ref name="heaton2" />

His recommended response was unchanged from the original post: switch to the open-source fork. ''"[T]he Stylus browser extension is an exact substitute for Stylish,"'' he wrote.<ref name="heaton2" />

== 2026 Am I Being Pwned investigation ==

In February 2026, James Arnott, founder of Bay Area Labs ("Am I Being Pwned?"), revisited the extension. In a February 26, 2026 post titled ''"Stylish is Back, Back again!"'', Arnott reported that Stylish was still sending a POST request for every page visit, with the same payload structure as in 2018, but now wrapped in a far more elaborate obfuscation scheme.<ref name="aibp-stylish" />

Arnott listed five 2018 press articles confirming the original takedown, then noted that the current version of the extension carries both Google's ''"Verified Publisher"'' & ''"Featured"'' badges on the Chrome Web Store.<ref name="aibp-stylish" /> A sample payload he captured contains the fields ''gp'' (current URL), ''klm'' (previous URL), & ''pxe'' (per-user identifier), among others.<ref name="aibp-stylish" /> Arnott wrote:

<blockquote>''Where gp is your current URL, klm was your previous URL and pxe is your unique identifier, amongst other data.''</blockquote><ref name="aibp-stylish" />

On May 11, 2026, Arnott published ''"The AI Chat Scraping Extension Wall of Shame,"'' a ranked list of seven Chrome extensions he observed scraping user conversations with hosted AI assistants. Stylish was entry #1, classified as ''"Confirmed"'' with ''"Extensive"'' obfuscation, & listed at 2,000,000 users. Arnott wrote:

<blockquote>''Stylish has the most extensive obfuscation we've seen, as we covered here. They exfiltrate all URLs and AI chats from providers like Character AI, ChatGPT, Claude, etc.''</blockquote><ref name="aibp-wall" />

He noted that Stylish's Chrome Web Store listing prominently displays the line ''"We care about your privacy."''<ref name="aibp-wall" /><ref name="cws-stylish" />

=== Five-stage obfuscation chain ===

Plain English: the extension takes the URL of every page the user visits, scrambles it five different ways one after the other, & only then sends it to SimilarWeb's servers. The point of the scrambling is not to keep the data secret; SimilarWeb can unscramble it because the unscrambling instructions are inside the extension itself. The point is to make it hard for outside reviewers, including the Chrome Web Store's automated review process, to recognize what is leaving the browser.

According to Arnott's reverse engineering, which has not been independently reproduced, the payload passes through these five stages in order:<ref name="aibp-stylish" />

<blockquote>''URL encoding to a query string... Double base64 encoded JSON stringified, then base64 again... Columnar transposition cipher, the base64 string is split into 48-character rows, then read column-by-column instead of row-by-row, scrambling the text... AES-256-CBC encrypted using a symmetric key hardcoded in the extension source code... Base64 encoded one final time.''</blockquote><ref name="aibp-stylish" />

Arnott characterized the construction as more elaborate than its purpose required. On the AES-256-CBC stage, he commented that a hardcoded symmetric key offers no real confidentiality against anyone who can read the extension's JavaScript, & noted that asymmetric encryption would have avoided shipping the key inside the extension at all.<ref name="aibp-stylish" /> He published a working decode script demonstrating that the entire chain can be reversed using the embedded key.<ref name="aibp-stylish" /> Arnott summarized his read of the chain's motive:

<blockquote>''This POST request is obfuscated, which in my opinion is to make it harder for people to see what it's doing or to get around the Chrome Web Store publishing review process, or perhaps even both.''</blockquote><ref name="aibp-stylish" />

== Privacy-policy contradiction ==

Stylish's current Chrome Web Store listing carries Google's standard data-handling disclosure block. Under that block, the developer has declared that the extension's collected data is ''"Not being sold to third parties, outside of the approved use cases"'' & ''"Not being used or transferred for purposes that are unrelated to the item's core functionality."''<ref name="cws-stylish" /> The listing also states: ''"we collect anonymous browsing data as described in our privacy policy https://userstyles.org/privacy-policy."''<ref name="cws-stylish" />

Arnott reports that the linked userstyles.org privacy policy says the opposite. In his February 2026 post he wrote that the policy ''"states that they explicitly do sell personal data,"'' contradicting the larger-font Chrome Web Store declaration on the same product.<ref name="aibp-stylish" /> He further observed that the Chrome Web Store's ''"approved use cases"'' list does not include selling user data for business purposes & in fact prohibits it.<ref name="aibp-stylish" />

The Chrome Web Store's own User Data FAQ, which governs what extensions are allowed to do with user data, states that ''"Ad targeting or other monetization of this data isn't for a user-facing feature"'' & that a product collecting browsing activity for any non-user-facing purpose is not permitted.<ref name="cws-faq">{{Cite web |title=User Data FAQ |url=https://developer.chrome.com/docs/webstore/program-policies/user-data-faq |publisher=Google / Chrome for Developers |website=Chrome for Developers |access-date=2026-05-29}}</ref>

== Stylus ==

[[Stylus]] is the open-source fork of Stylish maintained by the community after the SimilarWeb acquisition. It was forked from Stylish v1.5.2 with the stated goal of removing all tracking & restoring a simpler user interface.<ref name="add0n">{{Cite web |title=Stylus :: add0n.com |url=https://add0n.com/stylus.html |publisher=Stylus Team |website=add0n.com}}</ref> Both Heaton (in 2018) & Arnott (in 2026) recommended Stylus as the practical mitigation for Stylish users.<ref name="heaton2" /><ref name="aibp-stylish" />

As of May 2026, the Stylus Chrome Web Store listing shows 1,000,000 users, version 2.3.28, updated May 26, 2026, with publisher ''stylus.openstyles@gmail.com.''<ref name="cws-stylus" /> The listing describes its data practices in plain language: ''"Unlike other similar extensions, we don't find you to be all that interesting. Your questionable browsing history should remain between you and the NSA. Stylus collects nothing. Period."''<ref name="cws-stylus" /> Chrome Web Store displays the disclosure ''"[t]he developer has disclosed that it will not collect or use your data."''<ref name="cws-stylus" /> Functionally, Stylus reads userstyles.org's style libraries the same way the old version of Stylish did, caches the styles locally on the user's machine, & does not contact a server for each page visit.<ref name="aibp-stylish" />

== Chrome Web Store status ==

As of May 2026, the Stylish Chrome Web Store listing (extension ID ''fjnbnpbmkenffdnngjfgmeleoegfcffe'') shows:<ref name="cws-stylish" />

* Publisher: ''Similarweb LTD,'' 33 Itzhak Rabin Rd., Givatayim 5348303, Israel; D-U-N-S 533122482; trader status declared for the European Union.
* User count: 2,000,000.
* Rating: 4.3 out of 5 from 22,200 ratings.
* Version: 3.4.14, updated March 19, 2026.
* Badges: ''"Featured"'' & a ''"Verified Publisher"'' indicator (''"The publisher has a good record with no history of violations"'').
* Declared data collected: web history.
* Declared data uses: ''"Not being sold to third parties, outside of the approved use cases"''; ''"Not being used or transferred for purposes that are unrelated to the item's core functionality."''

Google describes the Featured badge as recognizing extensions that ''"follow our technical best practices and meet a high standard of user experience and design,"'' including ''"respecting the privacy of end-users,"'' with each badge assigned after manual review by Chrome staff.<ref name="google-badge">{{Cite web |title=Find great extensions with new Chrome Web Store badges |url=https://blog.google/products-and-platforms/products/chrome/find-great-extensions-new-chrome-web-store-badges/ |first=Debbie |last=Kim |date=2022-04-20 |publisher=Google}}</ref>

== See also ==

* [[SimilarWeb]]
* [[Stylus]]
* [[Browser extension AI chat exfiltration]]
* [[Chrome Web Store]]

== References ==

{{reflist}}

[[Category:Browser extensions]]
[[Category:Privacy incidents]]
[[Category:SimilarWeb]]