[HN Gopher] ChromeGalvanizer - Harden your browser against exten...
       ___________________________________________________________________
        
       ChromeGalvanizer - Harden your browser against extension backdoors
       and exploits
        
       Author : mandatory
       Score  : 26 points
       Date   : 2020-05-16 21:54 UTC (1 hours ago)
        
 (HTM) web link (github.com)
 (TXT) w3m dump (github.com)
        
       | dsun179 wrote:
       | This sounds great, I will try. Is it somehow possible to restrict
       | the internet access of a single extension? For example I have an
       | add-http-header extension that has no reason to create connection
       | to an outside server.
        
         | gnicholas wrote:
         | Not sure if this answers your specific question, but you can
         | limit the sites that an extension can run on. I recently
         | discovered that Chrome offers this feature (right click the
         | extension icon and select Manage Extension to access), and it
         | saved me from having to build a site whitelist feature for my
         | extension. [1] It already has a blacklist feature, and I was
         | going to build a whitelist feature due to user requests. Then I
         | discovered that this functionality is built into all Chrome
         | extensions.
         | 
         | Unfortunately it doesn't seem to exist on Firefox.
         | 
         | 1: https://chrome.google.com/webstore/detail/beeline-
         | reader/ifj...
        
       | 1cvmask wrote:
       | Who uses this?
        
       | tchaffee wrote:
       | I open Chrome once in while for testing or on the rare occasion
       | something only works there, so maybe this is useful for those
       | occasions. But if you're serious about security and privacy
       | shouldn't you be avoiding Chrome as your regular browser?
        
       ___________________________________________________________________
       (page generated 2020-05-16 23:00 UTC)