Is Base64 possible to encode a chrome extension?

Question

Is Base64 possible to encode a chrome extension?

I was looking for base64 to encode part of my chrome extension. However, this did not work when I tried to test it. (An extension works fine if it is not encoded).

Is it possible for Base64 to encode part of javascript for use in the Chrome extension? If so, how?

+4

javascript google-chrome base64 google-chrome-extension

progammingaddict Apr 28 '13 at 16:47

source share

1 answer

Rob w · Accepted Answer · 2013-04-28T19:36:18+0000

The global atob method can be used to decode base64 strings (and btoa can be used to encode a string as base64). After decoding, the eval string can be used to parse the string as code and run it.

For example, here is a single-line font for printing the identifier of the current extension:

 alert(eval(atob('Y2hyb21lLmkxOG4uZ2V0TWVzc2FnZSgnQEBleHRlbnNpb25faWQnKQ==')));

Explanation

I generated the previous base64 line by typing btoa("chrome.i18n.getMessage('@@extension_id')") in the JavaScript console. You can use any other method (e.g. base64 command ). Here's a complete breakdown of the previous single-line file.

 alert(eval(atob(btoa("chrome.i18n.getMessage('@@extension_id')"))); //atob decodes from base64, btoa encodes to base64, so they cancel out each other alert(eval( "chrome.i18n.getMessage('@@extension_id')" )); //eval parses the string as code, so we get alert( chrome.i18n.getMessage('@@extension_id') );

Content Security Policy

If you want to use this method in the extension process (for example, background / popup ), you need to adjust the Content Security Policy . By default, code generation from strings is prohibited. To override this default policy, add the following entry to the manifest file:

 "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'"

Is Base64 possible to encode a chrome extension?

Explanation

Content Security Policy

More articles: