|
|
|
|
|
|
by martinsbalodis
1840 days ago
|
|
|
They are only disallowing code execution within content script sandbox. You can still create a <script> tag with custom code. The script will be run in page sandbox. The main difference is that it won't be able to access chrome.* APIs but it could be affected by CSP. I doubt that tampermonkey executes custom scripts within content script sandbox since a script could take over the extension itself. They should be fine. Please note that as an extension developer I receive at least once a month a cash offer to inject scripts that track users. |
|
|