Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chrome Web Store Violation: Having obfuscated code in the package #712

Open
6 tasks done
valyefimov opened this issue Jan 3, 2024 · 3 comments
Open
6 tasks done

Chrome Web Store Violation: Having obfuscated code in the package #712

valyefimov opened this issue Jan 3, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@valyefimov
Copy link

valyefimov commented Jan 3, 2024
edited
Loading

Checklist

Description

I got a violation at the Chrome Web Store.

Code Readability Requirements

Violation reference ID: Red Titanium
Violation: Having obfuscated code in the package.
Violating content:
Code snippet:

ar Bt, Nt, Vt, st, Ir = (Bt = "Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwohZnVuY3Rpb24oKXsidXNlIHN0cmljdCI7Y2xhc3MgZSBleHRlbmRzIEVycm9ye2NvbnN0cnVjdG9yKHQscil7c3VwZXIociksdGhpcy5lcnJvcj10LHRoaXMuZXJyb3JfZGVzY3JpcHRpb249cixPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcyxlLnByb3R

How to rectify: Replace the obfuscated code with human-readable code and resubmit the item.

Reproduction

  1. install npm module
  2. Go to the dist folder and find the string starting with Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2Vy

Additional context

No response

auth0-react version

2.1.1

React version

18.2.0

Which browsers have you tested in?

Chrome
@valyefimov valyefimov added the bug Something isn't working label Jan 3, 2024
@jeremiahmark
Copy link

@valyefimov were you able to find a solution for this? I've just encountered the same issue.

@valyefimov
Copy link
Author

@valyefimov were you able to find a solution for this? I've just encountered the same issue.

Yes, I wrote a script that decodes the string and updates the final JS file. I run that script after making a production build for Chrome Web Store submissions.

    "postbuild-production": "node ./scripts/fix-auth0-violation.js",

https://gist.github.com/valyefimov/f2fc1c70c9bfd94fba98d962e1112c8c

Note: you have to update this line to specify your build folder
const assetsPath = path.join(__dirname, '../build/chrome-mv3-production');

@jeremiahmark
Copy link

@valyefimov were you able to find a solution for this? I've just encountered the same issue.

Yes, I wrote a script that decodes the string and updates the final JS file. I run that script after making a production build for Chrome Web Store submissions.

    "postbuild-production": "node ./scripts/fix-auth0-violation.js",

https://gist.github.com/valyefimov/f2fc1c70c9bfd94fba98d962e1112c8c

Note: you have to update this line to specify your build folder const assetsPath = path.join(__dirname, '../build/chrome-mv3-production');

Thank you so much for this, this is super helpful!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@valyefimov @jeremiahmark