mirror of
https://github.com/momenbasel/keyFinder.git
synced 2026-06-08 00:53:55 +02:00
moamen
e324d69611
- Bump Firefox manifest to 2.1.0 alongside Chrome - Switch Firefox interceptor injection to loader pattern so the nonce handoff to content.js works (MAIN-world content script alone has no documentElement nonce, causing all findings to be rejected) - Add CSP and web_accessible_resources entries to match Chrome - Include js/interceptor-loader.js in build.sh shared files - Ignore dist/ build output
56 lines
1.4 KiB
JSON
56 lines
1.4 KiB
JSON
{
|
|
"name": "KeyFinder",
|
|
"description": "Passively discovers API keys, tokens, and secrets leaked in page scripts, DOM, network responses, and browser storage. Available for Chrome and Firefox.",
|
|
"version": "2.1.0",
|
|
"manifest_version": 3,
|
|
"browser_specific_settings": {
|
|
"gecko": {
|
|
"id": "keyfinder@momenbasel.com",
|
|
"strict_min_version": "128.0",
|
|
"data_collection_permissions": {
|
|
"required": ["none"]
|
|
}
|
|
}
|
|
},
|
|
"action": {
|
|
"default_icon": {
|
|
"16": "icons/icon16.png",
|
|
"48": "icons/icon48.png",
|
|
"128": "icons/icon128.png"
|
|
},
|
|
"default_popup": "popup.html"
|
|
},
|
|
"icons": {
|
|
"16": "icons/icon16.png",
|
|
"48": "icons/icon48.png",
|
|
"128": "icons/icon128.png"
|
|
},
|
|
"content_scripts": [
|
|
{
|
|
"matches": ["<all_urls>"],
|
|
"js": ["js/patterns.js", "js/content.js"],
|
|
"run_at": "document_idle",
|
|
"all_frames": true
|
|
},
|
|
{
|
|
"matches": ["<all_urls>"],
|
|
"js": ["js/interceptor-loader.js"],
|
|
"run_at": "document_start",
|
|
"all_frames": true
|
|
}
|
|
],
|
|
"content_security_policy": {
|
|
"extension_pages": "script-src 'self'; object-src 'self'"
|
|
},
|
|
"background": {
|
|
"scripts": ["js/background.js"]
|
|
},
|
|
"web_accessible_resources": [
|
|
{
|
|
"resources": ["js/interceptor.js"],
|
|
"matches": ["<all_urls>"]
|
|
}
|
|
],
|
|
"permissions": ["activeTab", "storage"]
|
|
}
|