And where is the bug, content script or background page?
-
-
and in this case, the extension also has the ability to inject code into any http or https page afaics in the manifest
-
so afaics in this case it's UXSS on http and https, plus ability to load file:// URIs and some other special stuff
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.