> Without fingerprinting/certification of the entire javascript-source the server > could serve a manipulated source code that exfiltrates data This is actually one of the described use cases of the new webpackage…
This is what the webext-signed-pages [1] extension does. This only works in a secure manner with Firefox though because Chrome extensions don't have access to the content of the HTTP responses [2]. [1]…
https://docs.tanker.io/latest/guide/device-unlocking/#end-to... > If you want your app to be fully end-to-end, you can use the lower level > unlock mechanisms, which are all end-to-end compliant So if I want to use the…
This is a current Firefox restriction: https://bugzilla.mozilla.org/show_bug.cgi?id=1413615
> Without fingerprinting/certification of the entire javascript-source the server > could serve a manipulated source code that exfiltrates data This is actually one of the described use cases of the new webpackage…
This is what the webext-signed-pages [1] extension does. This only works in a secure manner with Firefox though because Chrome extensions don't have access to the content of the HTTP responses [2]. [1]…
https://docs.tanker.io/latest/guide/device-unlocking/#end-to... > If you want your app to be fully end-to-end, you can use the lower level > unlock mechanisms, which are all end-to-end compliant So if I want to use the…
This is a current Firefox restriction: https://bugzilla.mozilla.org/show_bug.cgi?id=1413615