OWASP
Update Browser_Extension_Vulnerabilities_Cheat_Sheet.md
I've added chrome.runtime.sendMessage/onMessage check as a additional section. This was missing on the CS
:triangular_flag_on_post: If your PR is related to grammar/typo mistakes, please double-check the file for other mistakes in order to fix all the issues in the current cheat sheet.
Please make sure that for your contribution:
- [ ] In case of a new Cheat Sheet, you have used the Cheat Sheet template.
- [X] All the markdown files do not raise any validation policy violation, see the policy.
- [X] All the markdown files follow these format rules.
- [X] All your assets are stored in the assets folder.
- [X] All the images used are in the PNG format.
- [X] Any references to websites have been formatted as
[TEXT](URL) - [X] You verified/tested the effectiveness of your contribution (e.g., the defensive code proposed is really an effective remediation? Please verify it works!).
- [X] The CI build of your PR pass, see the build status here.
If your PR is related to an issue, please finish your PR text with the following line:
This PR fixes issue #<REPLACE WITH ISSUE NUMBER>.
AI Tool Usage Disclosure (required for all PRs)
Please select one of the following options:
- [X] I have NOT used any AI tool to generate the contents of this PR.
- [ ] I have used AI tools to generate the contents of this PR. I have verified
the contents and I affirm the results. The LLM used is
[llm name and version]and the prompt used is[your prompt here]. [Feel free to add more details if needed]
Thank you again for your contribution :smiley:
Thank you for the pointing this out. I've changed the mitigation section, changed to be more action item(ish) list that contains all of the info shared in chrome document. Apart from that added secure example too.
@szh could you please review again?