refactor: Use script.text instead of innerHTML in injectScript

[ion1]

Overview

script.innerHTML seems to act like script.text and not do anything unsafe with special characters, but it seems more appropriate to use text.

Manual Testing

Any injectScript invocation in MV2 mode will hit the code path. I have tested it in Firefox.

Related Issue

N/A

[netlify]

✅ Deploy Preview for creative-fairy-df92c4 ready!

Name	Link
🔨 Latest commit	421cf43
🔍 Latest deploy log	https://app.netlify.com/projects/creative-fairy-df92c4/deploys/688f759a94ac540008572a2e
😎 Deploy Preview	https://deploy-preview-1764--creative-fairy-df92c4.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[aklinker1]

Hey, thanks for your PRs! I'm back from a break and I am going through all the PRs oldest to newest, prioritizing bugs. So it might be a few weeks before I get to these 🙏

[aklinker1]

OK, tested and this seems to work. Probably safer than innerHTML.

[pkg-pr-new]

Open in StackBlitz

@wxt-dev/analytics

npm i https://pkg.pr.new/@wxt-dev/analytics@1764

@wxt-dev/auto-icons

npm i https://pkg.pr.new/@wxt-dev/auto-icons@1764

@wxt-dev/browser

npm i https://pkg.pr.new/@wxt-dev/browser@1764

@wxt-dev/i18n

npm i https://pkg.pr.new/@wxt-dev/i18n@1764

@wxt-dev/module-react

npm i https://pkg.pr.new/@wxt-dev/module-react@1764

@wxt-dev/module-solid

npm i https://pkg.pr.new/@wxt-dev/module-solid@1764

@wxt-dev/module-svelte

npm i https://pkg.pr.new/@wxt-dev/module-svelte@1764

@wxt-dev/module-vue

npm i https://pkg.pr.new/@wxt-dev/module-vue@1764

@wxt-dev/runner

npm i https://pkg.pr.new/@wxt-dev/runner@1764

@wxt-dev/storage

npm i https://pkg.pr.new/@wxt-dev/storage@1764

@wxt-dev/unocss

npm i https://pkg.pr.new/@wxt-dev/unocss@1764

@wxt-dev/webextension-polyfill

npm i https://pkg.pr.new/@wxt-dev/webextension-polyfill@1764

wxt

npm i https://pkg.pr.new/wxt@1764

commit: 421cf43