I'm trying to find any info about security patterns related to using innerHTML with shadowDOM. I'm not a js security master, so maybe my question is silly...
I'm working with chrome extension and I need to use shadowDOM to isolate css for context script. In many tutorials of doing this, I found the code like that:
someDiv.attachShadow({ mode: 'open' });
shadowRoot.innerHTML = `<style>
...css
</style>`;
So the question is: Is it safe?