Andrew Meyer
Andrew Meyer
It's possible official support for third-party software authenticators could be coming in the future (though I've heard no news about anything like that yet); but even in the absence of...
FYI, the Web Authentication standard is now officially a W3C recommendation: https://www.w3.org/TR/2019/REC-webauthn-1-20190304/ It's possible to implement an Authenticator via a browser extension by intercepting calls to the Web Authentication API...
It sounds like what you're looking for is [`browser.runtime.sendMessage`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/runtime/sendMessage). The KeePassXC Browser extension [already has a wrapper for that](https://github.com/keepassxreboot/keepassxc-browser/blob/a037a0b656201fdf9a467c243fd2b6c6a3f9d8b9/keepassxc-browser/content/keepassxc-browser.js#L9-L11) defined in its existing content script [that already gets injected into...
Okay, I see the problem you're having. ## Problem summary Content scripts [can't interfere with the runtime environment of other scripts on the page](https://developer.chrome.com/docs/extensions/mv2/content_scripts/#isolated_world), which you need to do in...
Malicious extensions are a problem in general; the whole security model of the web is based on the same origin policy and extensions violate that by design. Trying to protect...
> > authenticating the postMessage response using a shared secret sent in the request message > > If this shared secret can be detected by others by listening to all...
Is there a reason why this notification is needed at all? I realize that Oreo doesn't allow background apps to listen for implicit broadcasts anymore, but the proper solution to...
FYI, it looks like the new recommended way to do this is with [WorkManager](https://developer.android.com/topic/libraries/architecture/workmanager). It's part of Android Jetpack and should have better comparability with older API levels.
After encountering this problem myself I've done a bit of experimentation, and there seem to be several issues at play here: First, it appears **Traefik doesn't monitor the certificates files...
Maybe this is a bit naive, but shouldn't the section each change is in denote whether or not it's breaking? * Changes under Fixed and Security are non-breaking, SemVer-Patch changes...