* feat(billing): update messages to add reasons
* feat(billing): update survey with switching reason based on param
* fix(billing): revert value of switching reasons
* fix(billing): revert removal of tooExpensive message
* fix(billing): Add plan type to params and update switching logic
* fix(billing): update to include logic
* fix(billing): PR feedback
* Correctly fill generated passwords and current password on plex.tv
* Correctly fill generated passwords and current password on plex.tv
* Leave existing forEach
* Add tests for changes
* turn off inline experience if host page aggressively competes for top of top-layer
* add alert message for top-layer hijack scenarios
* widen the backoff threshold
* refactor backoff logic to include popover attribute mutations
* improve getPageIsOpaque check
* do not attempt inline menu insertion if it has been disabled for security concerns
* fix typo
* cleanup
* add tests
* chore: update @types/firefox-webext-browser
* fix: add world: MAIN to Firefox page script registration
* review: add world property to registration type
This commit adds use_dynamic_url: true to the extension's web_accessible_resources configuration. When enabled, Chrome generates random session-based GUIDs for extension resource URLs instead of using the predictable static extension ID. This enhances privacy by making extension resource URLs unpredictable and prevents third-party enumeration of installed extensions.
The feature is supported in Chrome 102+ and changes resource URLs from chrome-extension://[static-id]/resource to chrome-extension://[random-guid]/resource, with GUIDs regenerating each browser session while maintaining all existing extension functionality.
Addresses: https://bitwarden.atlassian.net/browse/PM-28344
* PM-27900 harden iframe, origin route tightening and test updates
* reduce comments to make more legible
* Removes referrer check in favor of PM-27822 #17313bitwarden/clients@4206447cfe
* nake token optional since it is later set
* whitelist -> allowlist
* improve notes on unsafe
* improve content handler notes
* order allowlist
* improve jsdoc on ismessagefromextension method
* cover additional test cases
* rename verifytoken and document more clear, update referrer
---------
Co-authored-by: Miles Blackwood <mrobinson@bitwarden.com>
* premium upgrade nudge
* add specs
* clean up vault template and specs
* fix date comparison. add more specs for date
* fix spec
* fix specs
* make prop private
* PM-4903- added a check for auth status and popout tabs, if no popup tab and auth is locked, abandon autofill
* add test
* clear all notifications if unlock popout closed
* add more tests and use tabid for performance optimization
* feat: add support for IPC client managed session storage
* feat: update SDK
* fix: using undecorated service in jslib module directly
* feat: add test case for web
* chore: document why we use any type
* fix: `ipc` too short
* typo: omg
* Revert "typo: omg"
This reverts commit 559b05eb5a.
* Revert "fix: `ipc` too short"
This reverts commit 35fc99e10b.
* fix: use camelCase
