Juho Forsén
Juho Forsén
From the whitepaper, page 186: > **Context Isolation in Developer Extension** > > A developer extension has access to a website's DOM and can execute JavaScript in its context. Google...
The whitepaper does not include enough information to accurately reproduce the WebExtensions test cases. Please describe the test executions in more detail and include code where possible. See also issue...
The WebExtensions "Content Scripts Context Isolation" testcase is marked as failed on Edge. We were not able to reproduce this result in our paper (https://www.researchgate.net/publication/324797493_Tietoturvan_toteutuminen_WebExtensions-rajapinnoissa, in Finnish). Has the issue...
The summary table on page 297 contains the following: > |Feature|Chrome|Edge|MSIE| > |---|---|---|---| > |Web Extension Security Tests (Pass/Fail tests were conducted)|5/10|2/10|0| Nowhere does the paper exactly state what the...
From the whitepaper, page 182: > However, the test uncovered that the applied restriction can be bypassed and lead to external web resources being loaded. The HTML file provided via...
From the whitepaper, page 187: > The extension settings page of Chrome is hosted on chrome://extensions and the aforementioned APIs can be employed by the extension to enumerate all tabs....
From the whitepaper, page 186: > It is not possible to open any file, as Chrome immediately triggers a download for the file instead of showing its contents, therefore prohibiting...
Current subject indicator implementation is very buggy, see e.g. #60. This rewrites queries that include subject indicators so that `:has` selectors are used instead. So e.g. the AST for: ```CSS...
Queries with subject indicators match more nodes than they should, and also match the same node multiple times. E.g.: ```JavaScript esquery(esprima.parse('foo = bar = baz'), '!AssignmentExpression > AssignmentExpression > Identifier');...
Chromium uses the Chrome Infrastructure Package Deployment (CIPD) registry for some dependencies. Some documentation can be found [here](https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/cipd_and_3pp.md) and [here](https://chromium.googlesource.com/infra/luci/luci-go/+/main/cipd/README.md) and examples of package names [here](https://chromium.googlesource.com/chromium/src.git/+/94.0.4590.2/DEPS) -- look for lines...