From f757b4585aa52fc34e6abc0919a4b23fb575c0c5 Mon Sep 17 00:00:00 2001 From: becarta Date: Sat, 10 May 2025 03:34:51 +0200 Subject: [PATCH] refactor: Update manifest.json for improved security and functionality - Revise extension description to better reflect its purpose in protecting against phishing and malicious links. - Adjust permissions to include 'tabs' and 'webNavigation' while removing 'activeTab' and 'alarms'. - Simplify host permissions to allow access to all URLs. - Enhance content security policy to allow connections to specific external resources. --- manifest.json | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/manifest.json b/manifest.json index 3c530da..f76fdb6 100644 --- a/manifest.json +++ b/manifest.json @@ -2,16 +2,15 @@ "manifest_version": 3, "name": "Enterprise App Protection", "version": "1.0", - "description": "Warns when enterprise tool mentions are linked to non-official sites", + "description": "Protects enterprise applications from phishing and malicious links", "permissions": [ "storage", - "activeTab", - "scripting", - "alarms" + "tabs", + "webNavigation", + "scripting" ], "host_permissions": [ - "https://raw.githubusercontent.com/*", - "https://safebrowsing.googleapis.com/*" + "*://*/*" ], "background": { "service_worker": "background.js", @@ -44,7 +43,7 @@ }, "options_page": "options.html", "content_security_policy": { - "extension_pages": "script-src 'self'; object-src 'self'; default-src 'self'", + "extension_pages": "script-src 'self'; object-src 'self'; connect-src 'self' https://raw.githubusercontent.com/ https://safebrowsing.googleapis.com/", "sandbox": "sandbox allow-scripts allow-forms allow-popups allow-modals; script-src 'self' 'unsafe-inline' 'unsafe-eval'; child-src 'self'" }, "web_accessible_resources": [{