From bece82ddfa1cc0d0ae218daad1249e7969004fae Mon Sep 17 00:00:00 2001
From: Paul Hutchinson <paulhappyhutchinson@protonmail.ch>
Date: Fri, 14 Nov 2025 12:21:45 +0000
Subject: [PATCH 1/2] [feature] SC-166737/improve app proxy security by
 restricting where token replacements can go

---
 manifest.json                        | 26 ++++++++++++++++++++++++--
 src/services/teamviewer/constants.ts |  2 +-
 2 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/manifest.json b/manifest.json
index a5b35ba..d7bb948 100644
--- a/manifest.json
+++ b/manifest.json
@@ -53,12 +53,34 @@
       {
         "url": "https://login.teamviewer.com/oauth2/authorize",
         "methods": ["GET"],
-        "timeout": 10
+        "timeout": 10,
+        "settingsInjection": {
+          "client_id": {
+            "body": ["client_id"]
+          },
+          "client_secret": {
+            "body": ["client_secret"]
+          },
+          "global_access_token": {
+            "body": ["refresh_token"]
+          }
+        }
       },
       {
         "url": "https://webapi.teamviewer.com/api/v1/.*",
         "methods": ["GET", "POST", "PUT"],
-        "timeout": 10
+        "timeout": 10,
+        "settingsInjection": {
+          "client_id": {
+            "body": ["client_id"]
+          },
+          "client_secret": {
+            "body": ["client_secret"]
+          },
+          "global_access_token": {
+            "body": ["refresh_token"]
+          }
+        }
       }
     ]
   }
diff --git a/src/services/teamviewer/constants.ts b/src/services/teamviewer/constants.ts
index 7d9f37c..065b380 100644
--- a/src/services/teamviewer/constants.ts
+++ b/src/services/teamviewer/constants.ts
@@ -5,4 +5,4 @@ export const placeholders = {
     GLOBAL_REFRESH_TOKEN: `__global_access_token.json("[refreshToken]")__`,
     ACCESS_TOKEN: "[[oauth/global/access_token]]",
     REFRESH_TOKEN: "[[oauth/global/refresh_token]]",
-};
+} as const;

From bfbab0151a905cc5077a107f1002af7daf94dacc Mon Sep 17 00:00:00 2001
From: Paul Hutchinson <paulhappyhutchinson@protonmail.ch>
Date: Wed, 19 Nov 2025 12:29:49 +0000
Subject: [PATCH 2/2] [feature] SC-166737/improve app proxy security by
 restricting where token replacements can go

---
 manifest.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifest.json b/manifest.json
index d7bb948..83f7b07 100644
--- a/manifest.json
+++ b/manifest.json
@@ -52,7 +52,7 @@
     "whitelist": [
       {
         "url": "https://login.teamviewer.com/oauth2/authorize",
-        "methods": ["GET"],
+        "methods": ["GET", "POST"],
         "timeout": 10,
         "settingsInjection": {
           "client_id": {