NavSentinel is a defensive browser extension. Its job is to make common navigation and credential-deception paths harder to execute quietly.
The most security-sensitive code lives in:
- `extension/src/content/main_guard.ts`
- `extension/src/content/capture_isolated.ts`
- `extension/src/content/credential_guard.ts`
- `extension/src/shared/domain.ts`
- `extension/src/shared/storage.ts`
- `extension/src/sw/sw.ts`
- extension-runtime relaying scoped to the current tab/frame
- explicit inbound message-type allowlists
- replayable blocked actions with short-lived ids
- no trust in arbitrary page-originated messages
- popup and redirect allowance windows are time-limited
- blocked actions expire quickly
- rollback exists as a recovery path for suspicious committed navigations
- allowlists are site-scoped rather than global
- password submits are intercepted before dispatch completes
- risky submits require explicit local user choice
- trusted domains are stored locally and scoped to registrable domains
- paste warnings discourage silent use of saved secrets on untrusted surfaces
- local-only storage
- bounded event log retention
- normalization and migration of older key shapes
- event logging is best-effort because `chrome.storage.local` is not transactional
- domain normalization uses a curated multipart-suffix list rather than the full PSL
- a browser extension cannot defend against a fully compromised browser or OS
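The message-handling properties listed above (an explicit inbound message-type allowlist, relaying scoped to the sender's tab and frame, no trust in page-originated messages, blocked actions replayable once by a short-lived id, and time-limited allowance windows) can be modelled without any browser plumbing. The following is an added example written for this page, not NavSentinel's own code: the `RelayGuard` class, its message types, the sender shape, and the `BLOCKED_TTL_MS`/`MAX_ALLOWANCE_MS` values are all constructed assumptions, and `chrome.runtime` message passing is replaced by a plain `handle()` call with an injectable clock so the expiry behaviour can be exercised offline.

```typescript
// Added example (not NavSentinel's own code). Models: inbound message-type
// allowlist, relaying scoped to the sender's tab/frame, untrusted page messages,
// single-use short-lived ids for blocked actions, and capped allowance windows.
// All names and numbers below are constructed for illustration.

type Sender = { tabId: number; frameId: number; fromExtension: boolean };

type Inbound =
  | { type: "NAV_BLOCKED"; url: string }
  | { type: "REPLAY_BLOCKED"; id: string }
  | { type: "ALLOW_POPUPS"; ttlMs: number };

const ALLOWED_TYPES: ReadonlySet<string> = new Set(["NAV_BLOCKED", "REPLAY_BLOCKED", "ALLOW_POPUPS"]);
export const BLOCKED_TTL_MS = 30_000;   // constructed: blocked actions expire quickly
export const MAX_ALLOWANCE_MS = 60_000; // constructed: upper bound on any allowance window

type Blocked = { url: string; tabId: number; frameId: number; expiresAt: number };
type Outcome = { ok: boolean; reason?: string; id?: string; url?: string };

export class RelayGuard {
  private blocked = new Map<string, Blocked>();
  private popupAllowance = new Map<number, number>(); // tabId -> expiresAt
  private seq = 0;

  // The clock is injectable so tests can advance time deterministically.
  constructor(private now: () => number = () => Date.now()) {}

  /** Single entry point for every inbound message; returns an outcome rather than throwing. */
  handle(sender: Sender, msg: unknown): Outcome {
    // Messages that did not come from extension context are never trusted.
    if (!sender.fromExtension) return { ok: false, reason: "untrusted origin" };
    if (typeof msg !== "object" || msg === null || typeof (msg as { type?: unknown }).type !== "string") {
      return { ok: false, reason: "malformed" };
    }
    const m = msg as Inbound;
    // Explicit allowlist: anything not named here is dropped, regardless of payload.
    if (!ALLOWED_TYPES.has(m.type)) return { ok: false, reason: "type not allowlisted" };

    switch (m.type) {
      case "NAV_BLOCKED": {
        // Record the blocked action under a fresh id bound to the reporting tab/frame.
        const id = `b${++this.seq}-${this.now().toString(36)}`;
        this.blocked.set(id, {
          url: m.url, tabId: sender.tabId, frameId: sender.frameId,
          expiresAt: this.now() + BLOCKED_TTL_MS,
        });
        return { ok: true, id };
      }
      case "REPLAY_BLOCKED": {
        const b = this.blocked.get(m.id);
        if (!b) return { ok: false, reason: "unknown id" };
        if (this.now() > b.expiresAt) {
          this.blocked.delete(m.id);
          return { ok: false, reason: "expired" };
        }
        // Scoped relay: only the tab/frame that recorded the block may replay it.
        if (b.tabId !== sender.tabId || b.frameId !== sender.frameId) {
          return { ok: false, reason: "wrong tab/frame" };
        }
        this.blocked.delete(m.id); // single-use: a replayed id cannot be replayed again
        return { ok: true, url: b.url };
      }
      case "ALLOW_POPUPS": {
        // Allowance windows are time-limited and capped, whatever the caller asks for.
        const ttl = Math.min(Math.max(0, m.ttlMs), MAX_ALLOWANCE_MS);
        this.popupAllowance.set(sender.tabId, this.now() + ttl);
        return { ok: true };
      }
      default:
        return { ok: false, reason: "unhandled" };
    }
  }

  /** Whether a popup from this tab currently falls inside an allowance window. */
  popupsAllowed(tabId: number): boolean {
    const until = this.popupAllowance.get(tabId);
    return until !== undefined && this.now() <= until;
  }
}
```

The ordering inside `REPLAY_BLOCKED` is deliberate: an expired id is discarded, a replay from the wrong tab or frame is refused without consuming the id, and only a successful replay burns it, so a stray request from another context cannot deny the legitimate tab its one replay.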
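Two of the points above (trusted domains scoped to registrable domains, and normalization using a curated multipart-suffix list rather than the full PSL) come down to one function: reduce a host to its registrable domain before comparing it with the local trust list. The following added example is written for this page and is not NavSentinel's `domain.ts`; its `MULTIPART_SUFFIXES` set is a constructed sample, and it goes slightly beyond the page by also accepting full URLs with ports and passing IP literals through unchanged, which are the inputs a practitioner is most likely to see hit such a function.

```typescript
// Added example (not NavSentinel's own code): registrable-domain normalization
// backed by a small curated list of multipart public suffixes. The list below is
// a constructed sample, not the project's list and not the full Public Suffix
// List, so domains under suffixes missing from it collapse to two labels.

const MULTIPART_SUFFIXES: ReadonlySet<string> = new Set([
  "co.uk", "org.uk", "ac.uk", "com.au", "net.au", "co.jp", "com.br",
]);

const IPV4 = /^(\d{1,3})(\.\d{1,3}){3}$/;

/** Lower-case a host or URL, strip port and trailing dot; null if it is not a usable host. */
export function normalizeHost(input: string): string | null {
  let host = input.trim().toLowerCase();
  if (host.includes("://")) {
    // Full URL: let the URL parser isolate the hostname (it also drops userinfo and port).
    try { host = new URL(host).hostname; } catch { return null; }
  }
  // URL.hostname returns IPv6 literals bracketed; keep them whole.
  if (host.startsWith("[") && host.endsWith("]")) return host;
  host = host.replace(/:\d+$/, "").replace(/\.+$/, "");
  if (host.length === 0 || !/^[a-z0-9.-]+$/.test(host)) return null;
  return host;
}

/**
 * Registrable domain: the last two labels, or the last three when the last two
 * form a curated multipart suffix. IP literals and single-label hosts are
 * returned as-is; a bare suffix such as "co.uk" is not a registrable domain.
 */
export function registrableDomain(input: string): string | null {
  const host = normalizeHost(input);
  if (host === null) return null;
  if (IPV4.test(host) || host.startsWith("[")) return host;
  const labels = host.split(".");
  if (labels.some((l) => l.length === 0)) return null; // e.g. "a..b"
  if (labels.length < 2) return host;                   // e.g. "localhost"
  const lastTwo = labels.slice(-2).join(".");
  if (MULTIPART_SUFFIXES.has(lastTwo)) {
    if (labels.length < 3) return null;
    return labels.slice(-3).join(".");
  }
  return lastTwo;
}

/** Site-scoped trust check: the host's registrable domain must be in the local trusted set. */
export function isTrusted(host: string, trusted: ReadonlySet<string>): boolean {
  const rd = registrableDomain(host);
  return rd !== null && trusted.has(rd);
}
```

Comparing on the registrable domain rather than on the raw host is what keeps a trust entry for `example.com` from matching a look-alike such as `example.com.evil.test`, whose registrable domain is `evil.test`; the limitation the page notes is that any multipart suffix absent from the curated list is treated as two labels, so the list is the part that needs review when adding support for new regions.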
If you find a security issue in the repository and the bug could materially weaken the extension's protections, report it privately to the maintainers before opening a public issue.
When reporting, include:
- affected file paths
- reproduction steps
- expected and actual behavior
- whether the issue affects navigation protection, credential protection, or both