React Chrome extension issues with b64 encoding / rollup

jmdot · March 14, 2024, 11:56am

We currently have a react chrome extension that has been flagged by the chrome webstore for code obfuscation. We extensively debugged the app and realized that the obfuscated code is being generated by Auth0 on build. On build the @auth0/auth0-react is encoding ‘rollup-plugin-web-worker-loader’ with base64 and adding it to our build which is not allowed by the chrome webstore. How can we prevent this from happening as it will mean that are chrome extension is removed from the chrome store if we don’t.

tj100 · March 18, 2024, 1:29pm

Same issue with @auth0/auth0-vue. Stems from the @auth0/auth0-spa-js:

github.com

auth0/auth0-spa-js/blob/8653181d23ecea17729da203253d4fa4d17d8ef6/rollup.config.js#L31


      
          const serverPort = process.env.DEV_PORT || defaultDevPort;
          
          const visualizerOptions = {
            filename: 'bundle-stats/index.html'
          };
          
          const getPlugins = shouldMinify => {
            return [
              webWorkerLoader({
                targetPlatform: 'browser',
                sourceMap: !isProduction,
                preserveSource: !isProduction,
                pattern: /^(?!(?:[a-zA-Z]:)|\/).+\.worker\.ts$/
              }),
              resolve({
                browser: true
              }),
              commonjs(),
              typescript({
                clean: true,
                useTsconfigDeclarationDir: true,

jmdot · March 18, 2024, 1:55pm

Thanks for replying tj100, how did you manage to update that to prevent this?