[HN Gopher] ChromeGalvanizer - Harden your browser against exten... ___________________________________________________________________ ChromeGalvanizer - Harden your browser against extension backdoors and exploits Author : mandatory Score : 26 points Date : 2020-05-16 21:54 UTC (1 hours ago) (HTM) web link (github.com) (TXT) w3m dump (github.com) | dsun179 wrote: | This sounds great, I will try. Is it somehow possible to restrict | the internet access of a single extension? For example I have an | add-http-header extension that has no reason to create connection | to an outside server. | gnicholas wrote: | Not sure if this answers your specific question, but you can | limit the sites that an extension can run on. I recently | discovered that Chrome offers this feature (right click the | extension icon and select Manage Extension to access), and it | saved me from having to build a site whitelist feature for my | extension. [1] It already has a blacklist feature, and I was | going to build a whitelist feature due to user requests. Then I | discovered that this functionality is built into all Chrome | extensions. | | Unfortunately it doesn't seem to exist on Firefox. | | 1: https://chrome.google.com/webstore/detail/beeline- | reader/ifj... | 1cvmask wrote: | Who uses this? | tchaffee wrote: | I open Chrome once in while for testing or on the rare occasion | something only works there, so maybe this is useful for those | occasions. But if you're serious about security and privacy | shouldn't you be avoiding Chrome as your regular browser? ___________________________________________________________________ (page generated 2020-05-16 23:00 UTC)