Security vulnerability in Chrome's JSONView extension?

[Pyppe]

I've used daily the JSONView Chrome extension (previously available in https://chrome.google.com/webstore/detail/jsonview/chklaanhfefbnpoihckbnefhakgolnmc?hl=en) for viewing JSON.

Just now I noticed that it has been automatically disabled from my browser. Visiting `chrome://extensions/` states "This extension contains a serious security vulnerability". And also, it's no longer available in the Chrome Web Store (see link above).

Any idea, what's the vulnerability? I tried to google, but found no info about this...

[Pyppe]

https://github.com/gildas-lormeau/JSONView-for-Chrome/pull/4... maybe it's about this XSS issue. Funny though, that the extension it's just now suddenly being pulled out.

I would've imagined this extension being used by A LOT of developers...

[dacort]

Yea, my guess would be that's it. Coupled with the fact it hasn't been updated in ~3 years.

I've giving this one a shot, might have too much functionality for me though...I liked how bare-bones the other one was. https://chrome.google.com/webstore/detail/json-viewer/gbmdgp...

[vjt]

I also like bare-bones stuff, and I am currently evaluating this https://chrome.google.com/webstore/detail/json-formatter/bcj... that is fast, easy on the eye and minimal. Haven't reviewed the code tho.

[joelberger]

Giving that one a try too. Thanks for the link.