How to secure the Safari web extension?

Question

Level 1

4 points

How to secure the Safari web extension?

I'm tasked with securing a Safari browser extension that my organization created. (It was previously launched in other browsers, and still running on those. It is using WebExtensions.) I've searched for many hours on this and find very very little information on how to secure it. (Pretty much just https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Content_Security_Policy.) Is there anything more extensive/comprehensive?

By comparison, when looking for resources for securing the Firefox version of the extension, I found https://extensionworkshop.com/documentation/develop/build-a-secure-extension/, which I think is a great resource. Some of that content applies to Safari, but it's hard to know to what extent. I'll need to secure Safari web and Safari mobile (i.e. iOS), but for now I'm focused on web. (But if you have anything on mobile, then please let me know also.) Thank you!

Posted on Feb 3, 2022 3:18 PM

Reply

Answer 1

etresoft

Level 9

56,326 points

Feb 17, 2022 6:53 AM in response to zolog

This is a user-to-user support forum for consumer products. Your question is a very specific developer question. It would be better suited to the Apple Developer forums. They have a forum dedicated to Safari Extensions: Safari Extensions | Apple Developer Forums

Reply

Answer 2

Z_B-B

Level 2

296 points

Feb 17, 2022 5:39 AM in response to zolog

I would recommend you to build/secure it in Angular. (Angular compiler).

The service will be protected

The end user will not be able to see or edit what you did after: ng build

Reply

How to secure the Safari web extension?

Similar questions