cloudtracer
commented
6 years ago Completed in builds for Firefox. Will migrate to Chrome in next release. This will likely break any conditional logic in custom integrations for icons, loops and indicator expressions.
If you have a custom integration using these be on the lookout for the new formats, or better yet take ThreatPinch Lookup for Firefox for a spin and look at the new logic.
The Mozilla Add-ons store doesn't allow the use of unsafe-eval (even if you follow some best practices around it), and doesn't appear to offer any solutions for Sandboxing Web Extensions.
Therefor the templated strings will need to be re-written in order to not use dynamic functions or eval like functionality.
The indicator, conditions and tpicon expressions will all need to be re-written to be evaluated in jexl which looks to be a powerful dynamic evaluation library.
These will be breaking changes for any integrations using custom expressions. Templated strings and mappings will not be affected.