Revision as of 20:53, 29 December 2018 edit Pmffl (talk \| contribs) Extended confirmed users 4,532 edits →History: better ← Previous edit		Revision as of 20:59, 29 December 2018 edit undo Pmffl (talk \| contribs) Extended confirmed users 4,532 edits →Security: rewrite - best to be general here as a note of caution to readers Next edit →
Line 14: == Security == WebExtensions are powerful enough to be used as [[malware]]."<ref>{{Cite web\|url=https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/AMO/Policy/Reviews\|title=Add-on Policies\|website=MDN Web Docs\|language=en-US\|access-date=2018-12-15}}</ref> Criminals have developed extensions that can silently hijack browser settings, e.g. to change the [[home page]] to a malicious site or inject links to [[malware]].<ref>{{Cite web\|url=https://chrome.googleblog.com/2013/10/dont-mess-with-my-browser.html\|title=Don’t mess with my browser!\|website=Google Chrome Blog\|language=en\|access-date=2018-12-15}}</ref> Browser [[Content Security Policy]] restricts the operation of WebExtensions. Some of the details vary among the major browsers.<ref>{{Cite web\|url=https://developer.chrome.com/extensions/contentSecurityPolicy#restrictions\|title=Content Security Policy (CSP) - Google Chrome\|website=developer.chrome.com\|access-date=2018-12-15}}</ref><ref>{{Cite web\|url=https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Content_Security_Policy\|title=Content Security Policy\|website=MDN Web Docs\|language=en-US\|access-date=2018-12-15}}</ref><ref>{{Cite web\|url=https://docs.microsoft.com/en-us/microsoft-edge/extensions/api-support/supported-manifest-keys\|title=Extensions - Supported manifest keys - Microsoft Edge Development\|last=erikadoyle\|website=docs.microsoft.com\|language=en-us\|access-date=2018-12-15}}</ref> == References ==

WebExtensions: Difference between revisions