1Password extension is breaking code highlighting on every website you visit, fix in the works

For weeks, developers have been puzzled by broken code blocks on documentation sites. The cause turned out to be the 1Password browser extension, hiding in plain sight.

The issue came to light when developer Ronan Berder noticed something odd on December 17. “Somehow, the @1Password Chrome extension is injecting Prism.js in my pages and breaking highlight.js,” he posted on X. What first looked like a one-off glitch quickly snowballed as other developers reported running into the same problem on various sites.

Evan You, creator of Vue.js, laid out the technical details in a scathing post on December 30. According to You, the 1Password browser extension is “injecting Prism.js globally on every page, which then applies its syntax highlighting logic on all <code> blocks matching [lang=*] regardless of whether it’s meant to be compatible, thus breaking original highlighting”. The Vue creator called it “terrible negligence” and added that the bug was already flagged during the beta phase but still made it to production.

That timeline detail has developers particularly frustrated. As one user pointed out, the issue was reported in 1Password forums on the beta build over three weeks before it shipped to all users. Developer Wilson Wilson commented: “So THIS is why every code block on every website has been broken over the last few weeks”.

Sites running Vitepress, Drizzle ORM docs, and countless other documentation platforms have been affected. SaltyAom documented the bug on December 29, showing how the extension broke Vitepress syntax highlighting in both Chrome and Safari. “I’ve seen this happening on at least 12 sites, including mine. Wasted an hour debugging this,” Wilson added.

1Password has acknowledged the problem. Responding to Berder’s initial report, the company said they’re “aware of an issue in recent versions of the 1Password browser extension that can interfere with syntax highlighting on some pages” and confirmed “the team is actively working on a fix”. However, they haven’t shared a timeline for when users can expect the patch.

Even longtime 1Password supporter Christina Warren expressed disappointment today, writing: “I’m a huge huge huge @1Password fan but this isn’t OK and this needs to be fixed and addressed ASAP. Injecting a new framework and applying it globally isn’t OK”.

For now, developers are stuck waiting for an update while their documentation sites display mangled code blocks to visitors.

We stand out from the tech-media crowd because we break news stories; we mainly bring you stuff that you won’t find anywhere in the mainstream tech media. Our stories have been picked up by some of the world’s most popular websites and media outlets—more info is available here.