by mrolla 3262 days ago
My point exactly. Who would have thought that giving an extension permission to read and change all your data on websites you visit would give the extension power to read and change all your data on websites you visit.

Most people who understand sandboxing would sooner assume that it's bad copy text rather than believe Google would allow literally anything anywhere.
Extensions (with permission to a domain) can inject elements and JavaScript into webpages, and JavaScript running in a page can use the DOM APIs (the same APIs that a webpage's own code uses) to see what's on the page, including form content.

Chrome extension sandboxing is mostly about controlling what webpages an extension can manipulate, not so much about how it can manipulate them. It's not obvious that there is a better sandboxing solution for the general case. (There are possibilities for specific uses though: Safari has APIs for extensions to use to set up regexes to block images/ads without needing permission to run arbitrary code on sites.)

I can't speak for everyone, but if I could get a permission that was bookmarks/url only I would be pretty happy.
There's bookmarks and history permissions available: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/ma...
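
The distinction the thread draws, between host access that lets an extension run code inside pages and narrow API permissions such as bookmarks or history, is visible in an extension's manifest. The following is an added example, not part of the original thread: a small auditor built on the standard WebExtension manifest keys, where the function names and sample manifests are constructed for illustration and optional permissions are not considered.

```javascript
// Added example. Manifest keys and match-pattern syntax are the standard
// WebExtension ones; function names and SAMPLES are constructed for illustration.

// A match pattern is <scheme>://<host>/<path>, or the literal "<all_urls>".
const PATTERN = /^(\*|https?|wss?|ftp|file):\/\/(\*|\*\.[^/*]+|[^/*]*)(\/.*)$/;

const isHostPattern = (s) => s === "<all_urls>" || PATTERN.test(s);

// True when a pattern's host part is a bare wildcard, i.e. every site.
function coversAllHosts(p) {
  if (p === "<all_urls>") return true;
  const m = PATTERN.exec(p);
  return m !== null && m[2] === "*";
}

function auditManifest(manifest) {
  const declared = [
    ...(manifest.permissions || []),      // MV2 mixes API names and host patterns
    ...(manifest.host_permissions || []), // MV3 lists host patterns separately
  ];
  // Content scripts are injected into every page their "matches" cover.
  const injected = (manifest.content_scripts || []).flatMap((cs) => cs.matches || []);
  const hosts = [...new Set([...declared.filter(isHostPattern), ...injected])];
  const apis = declared.filter((p) => !isHostPattern(p));

  let pageAccess = "none"; // API-only: no code runs inside web pages
  if (hosts.some(coversAllHosts)) pageAccess = "all-sites";
  else if (hosts.length > 0) pageAccess = "listed-sites";
  else if (apis.includes("activeTab")) pageAccess = "active-tab-on-click";
  return { apis, hosts, pageAccess };
}

const SAMPLES = {
  bookmarksOnly: { manifest_version: 3, permissions: ["bookmarks", "history"] },
  mv2Broad: { manifest_version: 2, permissions: ["tabs", "<all_urls>"] },
  scoped: {
    manifest_version: 3,
    host_permissions: ["https://*.example.com/*"],
    content_scripts: [{ matches: ["https://mail.example.com/*"], js: ["cs.js"] }],
  },
  scriptOnly: { manifest_version: 3, content_scripts: [{ matches: ["*://*/*"], js: ["cs.js"] }] },
};

for (const [name, m] of Object.entries(SAMPLES)) {
  console.log(name, JSON.stringify(auditManifest(m)));
}
```

A result of `all-sites` or `listed-sites` means the extension can run script in those pages and read what the page's own code can read; `none` means it is limited to the listed browser APIs.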