mirror of
https://github.com/momenbasel/keyFinder.git
synced 2026-06-08 09:03:55 +02:00
anthonyonazure
bfc73ba018
- Prevent fake finding injection via per-session nonce validation between MAIN world interceptor and ISOLATED world content script - Fix CSV formula injection in export by sanitizing cell values - Serialize storage writes to prevent race conditions across tabs - Cap findings at 5000 with oldest-first eviction - Delete findings by unique ID instead of URL to avoid collateral removal - Validate keyword length (50 chars) and count (50 max) - Add MutationObserver for SPA support (dynamic DOM scanning) - Add explicit CSP to manifest - Add per-tab alert icon with red dot overlay when secrets are found