Unsafe assignment to innerHTML #4725
Description
Describe the bug
Edited the extension for lower permissions and needed to upload unlisted to mozilla for signing (required for use in release firefox as not temporarly use).
I got the feedback "Unsafe assignment to innerHTML" (and also "Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.").
The complete output was:
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
pages/help_dialog.js Zeile 86 Spalte 5
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
pages/help_dialog.js Zeile 86 Spalte 5
permissions.request is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
pages/action.js Zeile 26 Spalte 11
Unsafe assignment to innerHTML
Warnung: Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.
pages/completion_engines.js Zeile 43 Spalte 3
Unsafe assignment to innerHTML
Warnung: Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.
pages/vomnibar.js Zeile 341 Spalte 5
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
pages/ui_component_server.js Zeile 6 Spalte 3
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
pages/ui_component_server.js Zeile 6 Spalte 3
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
lib/find_mode_history.js Zeile 4 Spalte 12
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
lib/find_mode_history.js Zeile 4 Spalte 12
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
lib/utils.js Zeile 18 Spalte 5
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
lib/utils.js Zeile 18 Spalte 5
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
lib/utils.js Zeile 18 Spalte 39
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
lib/utils.js Zeile 18 Spalte 39
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
lib/utils.js Zeile 19 Spalte 3
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
lib/utils.js Zeile 19 Spalte 3
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
lib/utils.js Zeile 21 Spalte 3
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
lib/utils.js Zeile 21 Spalte 3
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
lib/utils.js Zeile 215 Spalte 12
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
lib/utils.js Zeile 215 Spalte 12
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/commands.js Zeile 146 Spalte 11
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/commands.js Zeile 146 Spalte 11
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/commands.js Zeile 158 Spalte 11
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/commands.js Zeile 158 Spalte 11
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/commands.js Zeile 246 Spalte 11
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/commands.js Zeile 246 Spalte 11
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/commands.js Zeile 299 Spalte 5
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/commands.js Zeile 299 Spalte 5
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/main.js Zeile 10 Spalte 1
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/main.js Zeile 10 Spalte 1
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/main.js Zeile 19 Spalte 1
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/main.js Zeile 19 Spalte 1
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/main.js Zeile 73 Spalte 9
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/main.js Zeile 73 Spalte 9
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/main.js Zeile 776 Spalte 3
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/main.js Zeile 776 Spalte 3
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/main.js Zeile 784 Spalte 18
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/main.js Zeile 784 Spalte 18
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/marks.js Zeile 18 Spalte 25
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/marks.js Zeile 18 Spalte 25
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/marks.js Zeile 52 Spalte 33
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/marks.js Zeile 52 Spalte 33
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/tab_recency.js Zeile 63 Spalte 28
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/tab_recency.js Zeile 63 Spalte 28
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
background_scripts/tab_recency.js Zeile 87 Spalte 11
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
background_scripts/tab_recency.js Zeile 87 Spalte 11
Unsafe assignment to innerHTML
Warnung: Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.
content_scripts/link_hints.js Zeile 802 Spalte 11
Unsafe assignment to innerHTML
Warnung: Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.
content_scripts/link_hints.js Zeile 886 Spalte 5
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
content_scripts/mode_insert.js Zeile 19 Spalte 5
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
content_scripts/mode_insert.js Zeile 19 Spalte 5
Unsafe assignment to innerHTML
Warnung: Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.
content_scripts/hud.js Zeile 278 Spalte 5
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
content_scripts/ui_component.js Zeile 22 Spalte 7
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
content_scripts/ui_component.js Zeile 22 Spalte 7
Unsafe assignment to innerHTML
Warnung: Due to both security and performance concerns, this may not be set using dynamic values which have not been adequately sanitized. This can lead to security issues or fairly serious performance degradation.
content_scripts/ui_component.js Zeile 24 Spalte 20
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
content_scripts/ui_component.js Zeile 63 Spalte 33
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
content_scripts/ui_component.js Zeile 63 Spalte 33
storage.session is not supported in Firefox version 112.0
Warnung: This API is not implemented by the given minimum Firefox version
content_scripts/mode_normal.js Zeile 15 Spalte 5
storage.session is not supported in Firefox for Android version 112.0
Warnung: This API is not implemented by the given minimum Firefox for Android version
content_scripts/mode_normal.js Zeile 15 Spalte 5
Package already signed
Warnung: Add-ons which are already signed will be re-signed when published on AMO. This will replace any existing signatures on the add-on.
META-INF/manifest.mf
To Reproduce
Upload to mozilla for signing.
Browser and Vimium version
firefox 140.0.2 on ubuntu 24 lts
vimium 2.2.1