Item logo image for EXIF Viewer Pro

EXIF Viewer Pro

exifviewers.com
Featured
3.4(

465 ratings

)
ExtensionArt & Design80,000 users

54 support issues

For additional help, check out the developer's support site.

  • All
  • Questions
  • Suggestions
  • Problems

Mustapha Tarkane

Aug 14, 2023

tyu

àpmm

Samuel Tekrenius

Apr 18, 2023

Extension does NOT activate via shortcut

When this extension is assigned to a keyboard shortcut, via "Manage Extensions > Keyboard Shortcuts > Exif viewer > Activate" -- what is supposed to happen?

No matter which shortcut binding I try to assign, the extension DOES NOT open via the shortcut. Could this be fixed, so that we can open the extension via shortcuts, in addition to the "Chrome context-menu" ?

Julian Hallberg

Jan 24, 2022

Show Exif data doesn't exist

Hi. Right click --> Show Exif data doesn't exist.
How to fix this problem?

Andre Perreault

Sep 12, 2021

Stops working, then won't let me re-enable

Hi. I never disabled it at all. So I looked up this page on Google again to see if it un-installed for some reason. No, it was still installed. But then had a thing at the top of the screen which said "This item has been disabled in Chrome. Enable this item". So I click to enable, but nothing happens.

Google Chrome, and Windows 10 device. Again, it was working for a couple of days, and stopped for no reason.

Any suggestions as to fix this problem would be appreciated. I would like to use it.

Thanks

Peter Klausener

Jul 29, 2021

Konfiguration

Hello,
where can I disable the Google Analytics Cookie?
where can I disable the icon on top of every image?

Thank you

Associació Fotogràfica Ripoll

Jan 2, 2021

compartir imágenes con datos Exif

hola necesito poder compartir imágenes con sus datos exif, desde una pagina web "WIX", como podría hacerlo? puede enviar un enlace a Drive por ejemplo o algo similar?

Alexey B

Dec 4, 2020

UTF-8

The UTF-8 encoding in the description is misinterpreted.

Александр С.

Aug 16, 2019

Memory leak

Memory leak.

Scott

Nov 24, 2018

Security Issues

Basically, here's the content of my review, which explains it:

This plugin does work in the sense that it shows EXIF data, along with histogram data.

It does not show all EXIF data though...only specific fields, so some EXIF data is not shown. Would prefer to see all EXIF data, or at least the option for it.

Unfortunately when it comes to security, it's pretty sloppy. It really needs a security audit to determine just how vulnerable, but in a few minutes I was able to find the following issues.

I'll break down my rating like this:

- Functionality: 4
- Interface: 3
- Security: 1

Total rating with weight on Security: 2

It sends and retrieves data to 9(!) different domains via insecure connections (http instead of https), with no disclosure in the plugin description. These are contacted either by XML HTTP Request (XHR) silently in the browser background without your knowledge, or they have an HTML link. (Most are by XHR.)

When you don't use a secure internet connection - https (SSL/TLS) - any website/URL you visit could be a hacker imitating that site and stealing your data (auth cookies, private data, etc) - it's called a Man in the Middle Attack. Also, your data is not encrypted so it's flying around the internet in clear text and you increase your chance of getting hacked and leaking privacy info.

Even if you think that the target domain will just redirect your link or XHR to a secure version of the URL, you would be wrong, because it could get intercepted before it even gets to the target site, and then redirected to any site, without your knowledge.

In the plugin's code I found the following 9(!) domains accessed via http (insecure) connection instead of https (secure) connection.

api.flickr.com
cdn.sstatic.net
code.google.com
dl.comsoc.org
maps.google.com
ns.adobe.com
stackoverflow.com
tiny.cc
www.google.com

In addition, the following 8 domains are accessed via a secure connection (https):

ajax.googleapis.com
dl.dropboxusercontent.com
dsnet.bitbucket.io
gapps-61f4c.firebaseapp.com
ssl.google-analytics.com
www.dpreview.com
www.google-analytics.com
www.paypal.com

That's 17 domains being accessed! That's a lot for one Chrome extension. There's also a lot of room for security issues when you're dealing with that many....it's just not necessary.

URL shorteners in the code:

tiny.cc

In addition to not being a secure URL, this is an obscured link via a URL shortener...terrible security practice for an extension or plugin. The destination URL should be transparent. (At least the domain.)

User data is being tracked by Google Analytics. I find that pretty offensive and refuse to use extensions that do this. I know devs/authors may be allowed to do this, but from a privacy point of view it's a terrible idea to use analytics software in an extension without any kind of notice, and without any opt-out capability!! Definitely not GDPR compliant!

One last point on security: The plugin contains an image saying it's certified to not have malware, viruses, etc. I find that a little offensive considering just how poor its security is. Having an image like that can create a false sense of security for users. (It's actually what red-flagged me to look through the code, as it seemed odd.) Not ok.

To be clear, this was not a security audit, just some quick notes. It needs a real security audit performed.

However, I've seen enough issues to not use this plugin. I would recommend you not use it either until it gets a security overhaul.

Vincent van der Tuin

Oct 20, 2018

Doesn't work

Nice idea, but it doesn't work. When I click the extension's button or the "Show EXIF data" menu option, nothing happens.

Google apps