CBA version 10.0 and MV3 compliance: bg-inject deprecation and changes to cs-inject Release notes CBA 10.0

CBA

Chromium Browser Automation (extension for chrome browser automation)

Play projects you trust

Short

Never execute a snippet that was provided by an untrusted source.

Longer

With great power comes great responsibility. CBA provides ability to automate quite a lot of annoying and repetitive tasks, but as in case of any powerful tool the power can be missused. As the CBA is user centric product it's our responsibility to keep our users secure and aware. Most of the actions in the CBA provide only limited access to what can be done, mostly it's about manipulating inputs, but actions like inject, bg-inject and cs-inject are capable of doing not only this, as those gives you access to the full capabilities of automating Chrome browser through code injections.

The most important precaution you should take is to ensure that you trust the code you are executing, never execute a snippet that was provided by an untrusted source.

If you are in control of the actions and using trusted snippets, you don't have to be worried about anything, just enjoy your powerful capabilities and be creative in what you are creating.

At CBA we are not aware of such actions beeing taken previously, but it's our responsibility to inform you in advance to keep our users safe.