Browser extension evidence capture
Use Browser extension evidence capture to collect customer-approved active-tab evidence for a project or report without cookies, storage, passwords, payment fields or browsing history.
Audience: Customers, agencies, developers and security reviewers.
Feature availability
Product, package, provider and deployment boundaries for this page.
- Available from: Current documentation
- Providers: browser-extension
- Deployment modes: cloud
Before capturing browser evidence
Use this page when a customer starts the WebRiskOps browser extension on an active public page and sends bounded evidence into a selected project or report. The capture must be customer-initiated, tied to accepted scope and narrow enough to route automatically.
- Task: capture evidence from the browser extension.
- Confirm the project, optional report and active tab belong to the customer-approved scope before upload.
- Keep the capture limited to page evidence that supports the finding, issue, scan result or assurance pack.
- Stop when `EXTENSION_SCOPE_REQUIRED`, `EXTENSION_EVIDENCE_REJECTED`, `UNAUTHORIZED`, `FORBIDDEN` or `VALIDATION_FAILED` applies.
Capture active-tab evidence
Follow the path `Extensions → Active browser tab → Capture preview → Evidence upload → Project or report handoff → Use evidence or stop`.
- Open `/extensions/browser-evidence-capture` from `/extensions` and review Browser evidence capture access. Result: the customer confirms the add-on uses user-initiated active-tab capture only.
- Open the approved public page in the browser and choose the WebRiskOps project or report context in the extension. Result: the capture is tied to `project_id` and optional `report_id` before any evidence is sent.
- Confirm the active tab URL matches accepted project scope and the expected `canonical_url`. Result: private, unsupported or out-of-scope URLs stop with `EXTENSION_SCOPE_REQUIRED` or `VALIDATION_FAILED`.
- Select only the issue-relevant page text or leave `selected_text` empty. Result: the extension does not copy form values, account details or unrelated page content.
- Review the capture preview for `page_url`, `page_title`, `selected_text`, `meta_description`, `canonical_url`, `heading_outline`, `captured_at` and `extension_version`. Result: the customer sees exactly what leaves the browser.
- Send `POST /api/browser-extension/evidence-captures` with a bearer token that has `browser-extension:evidence-upload`. Result: accepted captures return `201 Created`, `status: accepted`, a capture id and project/report handoff URLs.
- When `report_id` is present, verify it belongs to the selected project before retrying. Result: report/project mismatches fail validation and no capture record is stored.
- If the API returns `UNAUTHORIZED`, `FORBIDDEN` or `VALIDATION_FAILED`, fix the token, token ability, scope or payload before retrying. Result: the extension does not repeat an unsafe upload.
- Open the project or report handoff URL and confirm `extension_evidence_status` is accepted in the right context. Result: the evidence can support the matching finding, issue or assurance pack.
- If the preview includes cookies, local storage, password fields, payment fields, full HTML, browser history or private data, stop and recapture only the approved public page. Result: `EXTENSION_EVIDENCE_REJECTED` stays visible until unsafe data is removed.
Evidence WebRiskOps accepts
Accepted extension evidence is narrow and routable.
- `project_id`, optional `report_id`, `page_url`, `page_title`, `canonical_url`, `captured_at` and `extension_version` identify the customer-approved page and capture context.
- `selected_text`, `meta_description` and `heading_outline` can explain the visible page state when they support the selected issue.
- `capture_id` and `extension_evidence_status` let the product attach the accepted capture to the project, report, issue or assurance pack.
- Project/report ownership and report/project matching must pass before `EXTENSION_EVIDENCE_CAPTURED` is treated as ready.
Data the extension must exclude
Browser evidence should not become a private browsing or account-data export.
- Exclude `cookies`, `local_storage`, `session_storage`, `password_fields`, `payment_fields`, `full_page_html` and `browser_history`.
- Exclude account pages, admin paths, checkout form values, customer records, API keys, bearer tokens, provider secrets and unrelated private page text.
- Reject captures from private, login-only, third-party, out-of-domain or unsupported pages even when the customer can see the tab locally.
- Do not retry rejected captures by expanding scope or collecting more browser data. Fix the scope or remove unsafe payload fields first.
Ready and blocked extension states
Use these states before evidence reaches reports, tickets or assurance packs.
- Extension capture accepted means `EXTENSION_EVIDENCE_CAPTURED`, `status: accepted`, `capture_id` and the project or report handoff URL point to the same customer context.
- Scope check required means `EXTENSION_SCOPE_REQUIRED` blocks private, unsupported or out-of-scope active-tab URLs.
- Token blocked means `UNAUTHORIZED` or `FORBIDDEN` requires a valid bearer token with `browser-extension:evidence-upload`.
- Payload rejected means `EXTENSION_EVIDENCE_REJECTED` or `VALIDATION_FAILED` requires safer fields, valid URLs or a matching report/project pair.
- Evidence unavailable means the customer should use Missing evidence when no safe public-page capture can be produced.
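As an added example (not code from WebRiskOps or its browser extension), the following JavaScript models the pre-upload checks from the capture steps, the accepted and excluded field lists, and the ready/blocked states above in one place. Field names, error codes and the endpoint path are taken from this page; the shape of the cached scope object (`accepted_origins`, `reports_by_project`), the `body.error` and `body.handoff_urls` response keys, the https-only rule and the bearer-token text heuristic are assumptions made for the example, and the sample tab, context and scope are constructed.

```javascript
// Added example, not WebRiskOps extension code. Field names and error codes come from
// the page; scope shape, response keys, https-only rule and secret heuristic are assumed.

// Fields the product accepts, and fields that must never leave the browser.
const ALLOWED_FIELDS = [
  'project_id', 'report_id', 'page_url', 'page_title', 'selected_text',
  'meta_description', 'canonical_url', 'heading_outline', 'captured_at', 'extension_version',
];
const FORBIDDEN_FIELDS = [
  'cookies', 'local_storage', 'session_storage', 'password_fields',
  'payment_fields', 'full_page_html', 'browser_history',
];
// Assumed heuristic: selected text that looks like an Authorization header or a
// bearer token is private data, so the capture stops instead of uploading it.
const SECRET_PATTERN = /\b(?:Authorization\s*:|Bearer\s+[A-Za-z0-9._~+/=-]{20,})/i;

function parseHttpsUrl(value) {
  try {
    const u = new URL(value);
    return u.protocol === 'https:' ? u : null; // assumption: only https pages are capturable
  } catch {
    return null;
  }
}

function stop(code, reason) {
  return { ok: false, code, reason };
}

// Pre-upload checks in the order the capture steps run them.
//   tab:     whatever the content script read from the active tab
//   context: { project_id, report_id?, extension_version } chosen in the extension UI
//   scope:   { accepted_origins: [...], reports_by_project: { [project_id]: [...] } } (assumed)
// Returns { ok: true, payload } or { ok: false, code, reason } with the page's error codes.
function buildCapture(tab, context, scope) {
  if (!context.project_id) return stop('VALIDATION_FAILED', 'project_id is required');
  if (context.report_id !== undefined) {
    const reports = scope.reports_by_project[context.project_id] || [];
    if (!reports.includes(context.report_id)) {
      return stop('VALIDATION_FAILED', 'report_id does not belong to project_id');
    }
  }
  const pageUrl = parseHttpsUrl(tab.page_url);
  if (!pageUrl) return stop('VALIDATION_FAILED', 'page_url is not a valid https URL');
  if (!scope.accepted_origins.includes(pageUrl.origin)) {
    return stop('EXTENSION_SCOPE_REQUIRED', `${pageUrl.origin} is not in accepted scope`);
  }
  if (tab.canonical_url) {
    const canonical = parseHttpsUrl(tab.canonical_url);
    if (!canonical || canonical.origin !== pageUrl.origin) {
      return stop('EXTENSION_SCOPE_REQUIRED', 'canonical_url is outside the page origin');
    }
  }
  // Stop rather than silently strip: the customer must recapture without these fields.
  const unsafe = FORBIDDEN_FIELDS.filter((f) => f in tab);
  if (unsafe.length > 0) {
    return stop('EXTENSION_EVIDENCE_REJECTED', `unsafe fields present: ${unsafe.join(', ')}`);
  }
  if (tab.selected_text && SECRET_PATTERN.test(tab.selected_text)) {
    return stop('EXTENSION_EVIDENCE_REJECTED', 'selected_text looks like credential material');
  }
  // Allowlist copy: anything else the content script gathered (form values etc.) is dropped.
  const source = {
    ...tab,
    project_id: context.project_id,
    report_id: context.report_id,
    captured_at: new Date().toISOString(),
    extension_version: context.extension_version,
  };
  const payload = {};
  for (const field of ALLOWED_FIELDS) {
    if (source[field] !== undefined) payload[field] = source[field];
  }
  return { ok: true, payload };
}

// Maps an API response to the ready/blocked states on this page. The error code is
// assumed to arrive as body.error and the handoff URLs as body.handoff_urls.
function classifyResponse(httpStatus, body) {
  const b = body || {};
  if (httpStatus === 201 && b.status === 'accepted' && b.capture_id) {
    return { state: 'accepted', capture_id: b.capture_id, handoff_urls: b.handoff_urls || {} };
  }
  if (b.error === 'EXTENSION_SCOPE_REQUIRED') return { state: 'scope_required' };
  if (['UNAUTHORIZED', 'FORBIDDEN'].includes(b.error) || httpStatus === 401 || httpStatus === 403) {
    return { state: 'token_blocked' };
  }
  if (['EXTENSION_EVIDENCE_REJECTED', 'VALIDATION_FAILED'].includes(b.error)) {
    return { state: 'payload_rejected' };
  }
  return { state: 'unknown' };
}

// Constructed sample input: an approved public help page plus a form value the
// content script happened to read, which the allowlist must drop.
const SAMPLE_SCOPE = {
  accepted_origins: ['https://shop.example.com'],
  reports_by_project: { 'proj-123': ['rep-9'] },
};
const SAMPLE_CONTEXT = { project_id: 'proj-123', report_id: 'rep-9', extension_version: '1.4.0' };
const SAMPLE_TAB = {
  page_url: 'https://shop.example.com/help/returns',
  page_title: 'Returns policy',
  canonical_url: 'https://shop.example.com/help/returns',
  meta_description: 'How returns work',
  heading_outline: ['Returns policy', 'Eligibility'],
  selected_text: 'Returns are accepted within 30 days.',
  form_values: { email: 'user@example.com' },
};
```

The allowlist copy means a stray `form_values` entry never reaches the payload, while a forbidden field such as `cookies` stops the capture outright so the customer recaptures the approved page instead of the extension quietly stripping data. A result with `ok: false` is not retried until the scope or the payload has actually changed, which is the rule under Data the extension must exclude.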
Continue after capture
After the capture is accepted, continue to Extension and platform handoffs for the API contract or Request and response examples for copy-safe payloads. Use Authentication and headers when token setup fails, Data collected and excluded or Personal data boundaries when evidence content is unclear, and Missing evidence when the page cannot produce safe active-tab evidence.