On The Business of Chrome Extensions and Sensitive Information

This is a response to a concern raised regarding access tokens while engaging with Spotify’s Oauth2 endpoint.

See that video here:

Yes, anyone who downloads your Chrome Extension can see ALL of the code…