postMessage-tracker-f
Add-on stats
Ranking
Other platforms
Add-on summary
postMessage-tracker-firefox
This is a super simple port of the extension with added potentially vulnerable function highlighting. All credit goes to Frans Rosén.
Code This addon is free and open-source software (FOSS) all code can be found here: https://github.com/ACK-J/postMessage-tracker-firefox/tree/master Please report your bugs or feature requests in a GitHub issue instead of in a review.
Description Made by Frans Rosén. Presented during the "Attacking modern web technologies"-talk(Slides) at OWASP AppSec Europe back in 2018, but finally released in May 2020.
This Firefox extension monitors postMessage-listeners by showing you an indicator about the amount of listeners in the current window.
It supports tracking listeners in all subframes of the window. It also keeps track of short-lived listeners and listeners enabled upon interactions. You can also log the listener functions and locations to look them through them at a later stage by using the Log URL-option in the extension. This enables you to find hidden listeners that are only enabled for a short time inside an iframe.
See moreAdd-on safety
Risk impact
postMessage-tracker-f requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.
Risk likelihood
postMessage-tracker-f is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this add-on.