by byuu 3529 days ago
> By definition, browser extensions need to be able to access things such as page content. What would stop someone from writing an extension that captures your bank credentials? Nothing.

Completely agreed. This is why it's so frustrating that all of the browser vendors have moved to this, "gut every minor option/feature possible, people can just get an extension" attitude.

For Firefox:

* removing the option to not maintain download history

* removing the option for the compact drop-down menu from the URL bar

* forcing tabs on top

* forcing refresh button to the right-hand side of the interface

For Chrome:

* removing backspace navigation (you may dislike it, but others don't)

* disabling middle-click to scroll on Linux

* removing the option to set your new tab page (e.g. to about:blank)

* not letting you prevent HTML5 video autoplay

* not letting you disable WebRTC

Just the backspace extension alone requires basically carte blanche access to everything just to be able to insert a tiny JavaScript function to catch the keypress.

I'm not asking for us to go back to the Mozilla suite with integrated mail client, news reader, etc. Just ... it's okay to have an "advanced options" section that lets us control some of this really simple, really basic stuff. And not only okay, a major security benefit to do so. All the focus on web security, you'd think they'd take this stuff more seriously.

1 comments

Or more fine grained permissions.

They could at least make it possible to choose not to upgrade a very simple extension which we may have personally reviewed.

I want a fixed (read: no updates) extension that does this: On key press, check if the key is backspace, when it is, check if any form element is focused, when not, go back. One line of JS, I guess three with nice formatting. If I create this, I need to submit it to the Chrome Store so Chrome won't complain about untrusted extensions.

Of course they also removed the ability to tell it that I know what I'm doing.

I agree but unfortunately it's not a very popular design pattern these days.

Because of this I basically have no applications installed on my Android smartphone since even trivial applications often end up requiring ridiculous amounts of privileges (often for relatively minor features) and of course there's no way to fine tune what you allow and what you don't.

Honestly I think that's a terrible habit to give your users, just ignore the privilege list since there's nothing you can do about it and click "sure whatever".

Devs should have to justify why the app needs the feature and I should be able to disable it if it's not critical for the application to work correctly. It would make it a bit harder to write and test those apps but it's not like it's rocket science either...

Sidenote: It is pretty much exactly what Google's (alas, auto-updated) "Go Back With Backspace" [0] does: [1] (you forgot the shift backspace, Google as well in past versions).

[0] https://chrome.google.com/webstore/detail/go-back-with-backs...

[1] https://crx.dam.io/source/crxviewer.html?crx=https://crx.dam... (nice to walk through the history of this file through versions https://crx.dam.io/ext/eekailopagacbcdloonjhbiecobagjci.html )
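
The check described in the thread (Backspace pressed, no form element focused, go back; Shift+Backspace goes forward), written out as an added example. It is not the code of Google's extension or of any commenter; the function names, the modifier-key handling and the list of non-text input types are assumptions made for illustration.

```javascript
// Added example; names are hypothetical and this is not any published extension's code.
// Input types that do not take typed text, so Backspace is not needed for editing there.
const NON_TEXT_INPUT_TYPES = new Set([
  "button", "checkbox", "color", "file", "image", "radio", "range", "reset", "submit",
]);

// True when the focused element consumes Backspace itself (assumed rule set).
function isEditable(el) {
  if (!el) return false;
  if (el.isContentEditable) return true;
  const tag = String(el.tagName || "").toUpperCase();
  if (tag === "TEXTAREA" || tag === "SELECT") return true;
  if (tag === "INPUT") {
    return !NON_TEXT_INPUT_TYPES.has(String(el.type || "text").toLowerCase());
  }
  return false;
}

// Pure decision function: returns "back", "forward" or null (leave the key alone).
function backspaceAction(event, activeElement) {
  if (event.key !== "Backspace") return null;
  if (event.defaultPrevented) return null;            // the page already handled it
  if (event.ctrlKey || event.altKey || event.metaKey) return null;
  if (isEditable(activeElement)) return null;         // user is deleting text
  return event.shiftKey ? "forward" : "back";
}

// Browser wiring (skipped outside a browser).
if (typeof window !== "undefined" && typeof document !== "undefined") {
  window.addEventListener("keydown", (e) => {
    const action = backspaceAction(e, document.activeElement);
    if (action === null) return;
    e.preventDefault();
    if (action === "back") window.history.back();
    else window.history.forward();
  });
}
```

To run on every page, a content script like this has to be declared with a match pattern such as `<all_urls>`, which is the broad grant the thread objects to; the handler itself reads no page content, which is what makes a file this small practical to review by hand.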