Merlin
CSS Exfil Protection

CSS Exfil Protection

Guard your browser against CSS Exfil attacks! CSS Exfil is a method attackers can use to steal data from web pages using Cascading Style Sheets (CSS). This plugin sanitizes and blocks any CSS rules which may be designed to steal data.

Merlin
Upgrade to view and diff full source code
Additional files are visible only to premium users

manifest.json

{
  "manifest_version": 2,
  "name": "CSS Exfil Protection",
  "version": "1.1.0",
  "description": "Guard against CSS data exfiltration attacks.",
  "content_security_policy": "script-src 'self'; object-src 'self'; style-src 'self'",
  "permissions": [
    "http://*/",
    "https://*/",
    "storage",
    "tabs"
  ],
  "homepage_url": "https://www.mike-gualtieri.com/css-exfil-vulnerability-tester",
  "icons": {
    "16": "icons/icon-16.png",
    "32": "icons/icon-32.png",
    "48": "icons/icon-48.png",
    "64": "icons/icon-64.png",
    "128": "icons/icon-128.png"
  },
  "browser_action": {
    "default_icon": {
      "48": "icons/icon-48.png"
    },
    "default_popup": "popup.html"
  },
  "options_ui": {
    "page": "popup.html",
    "chrome_style": true
  },
  "content_scripts": [
    {
      "js": [
        "content.js"
      ],
      "matches": [
        "<all_urls>"
      ],
      "all_frames": true,
      "run_at": "document_start"
    }
  ],
  "background": {
    "scripts": [
      "background.js"
    ]
  },
  "applications": {
    "gecko": {
      "id": "{7fc8ef53-24ec-4205-87a4-1e745953bb0d}"
    }
  }
}