Hacker News new | ask | show | jobs
by bananaface 1896 days ago
It would be nice if Firefox provided an API that only exposed the static HTML of sites you're visiting. I don't care if an extension wants that data, it's nowhere near as sensitive.

I guess this doesn't solve injection, but there must be other ways to solve "display some additional data."
1 comments
tiborsaas 1896 days ago
Great idea, after all it's impossible to render sensitive data server side :)
link
bananaface 1896 days ago
I said it's less sensitive.
link
tiborsaas 1896 days ago
Does it matter?

Btw here is your API:

    document.body.innerHTML
link
bananaface 1896 days ago
And which permission do I take to access that?
link
tiborsaas 1896 days ago
As a bookmarklet, none :) That's the best you can get.
link