Skip to content

security(browser-extension): fix DOM-based XSS vulnerability#838

Open
akhilesharora wants to merge 1 commit intosupermemoryai:mainfrom
akhilesharora:security/fix-dom-xss-browser-extension-v2
Open

security(browser-extension): fix DOM-based XSS vulnerability#838
akhilesharora wants to merge 1 commit intosupermemoryai:mainfrom
akhilesharora:security/fix-dom-xss-browser-extension-v2

Conversation

@akhilesharora
Copy link
Copy Markdown

@akhilesharora akhilesharora commented Apr 8, 2026

Summary

Fixes critical DOM-based XSS vulnerability in browser extension content scripts.

Continuation of #459 with feedback addressed.

Changes

  • Remove HTML wrappers (<div>, <br>) from stored memories - fixes the visible HTML tags issue
  • Replace innerHTML with document.createTextNode() - prevents XSS
  • Fix all three content scripts: chatgpt.ts, claude.ts, t3.ts

Feedback Addressed

  • ✅ Fixed UI issue with <div> tags appearing in prompt (MaheshtheDev)
  • ✅ Fixed t3.ts which was missed in original PR
  • ✅ Using createTextNode() instead of wrapper elements

@graphite-app graphite-app bot added the extension related to Supermemory Chrome Extension label Apr 8, 2026
@graphite-app graphite-app bot requested a review from Dhravya April 8, 2026 22:03
@MaheshtheDev
Copy link
Copy Markdown
Member

MaheshtheDev commented Apr 12, 2026

@akhilesharora can you share demo with this new changes?

@Dhravya Dhravya requested review from MaheshtheDev and removed request for Dhravya April 14, 2026 17:01
@MaheshtheDev
Copy link
Copy Markdown
Member

MaheshtheDev commented Apr 14, 2026

@akhilesharora any update?

@akhilesharora
Copy link
Copy Markdown
Author

akhilesharora commented Apr 15, 2026

@akhilesharora any update?

Tested this by saving memories with HTML payloads (<img src=x onerror=alert(1)>) through both the UI and direct API calls. Currently the XSS doesn't actually fire - the backend's AI processing rewrites everything into clean text before it reaches the extension.

For example, saving <img src=x onerror=alert(document.cookie)> My favorite color is blue via /v3/documents comes back from /v4/search as just "John Doe's favorite color is blue" - the HTML is gone.

To reproduce:

# Save a memory with HTML payload
curl -X POST 'https://api.supermemory.ai/v3/documents' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"content": "<img src=x onerror=alert(document.cookie)> My favorite color is blue"}'

# Wait ~20 seconds for processing, then search
curl -X POST 'https://api.supermemory.ai/v4/search' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{"q": "favorite color"}'

# Returns clean text, HTML stripped by AI processing

That said, that's just a side effect of the AI summarization, not intentional sanitization. The extension code itself doesn't validate anything and passes whatever comes back from the API straight to innerHTML. If the backend processing ever changes, this becomes exploitable.

The createTextNode fix is the right defensive approach regardless of what the backend does - just wanted to share what came up while integrating the SDK.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MaheshtheDev MaheshtheDev Awaiting requested review from MaheshtheDev

At least 1 approving review is required to merge this pull request.

Assignees

@akhilesharora akhilesharora

Labels

extension related to Supermemory Chrome Extension

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@akhilesharora @MaheshtheDev