[jguegant]

BROWSERS are really dangerous; if you need to keep your machine secure, you shouldn't use any IMHO. By definition, browsers need to be able to access things such as page content. What would stop someone from writing a browser that captures your bank credentials? Nothing. Obviously no security-conscious user is going to install a bank credential stealing browser. But what about bugs in browsers? If a buggy browser can be made to execute arbitrary code, it is as dangerous as a malicious browser...

At the end, it's a matter of trust in your browser or your extensions.

[kentosi]

I see where you're getting at, but with only a handful of browsers* maintained by large organisations eager to protect their reputations vs a plathora of extensions out there, your argument doesn't hold so well.

* I'm assuming usage of Chrome/IE/Firefox/Safari here.

[dancek]

Obviously.

The quoted paragraph is buildup to the fact that AngularJS evals content on purpose, and does not really even try to be secure against maliciously-crafted DOM. Browsers, on the other hand, are designed to resist attacks.

But yes, certainly you need to trust the browser more than an extension.