|
|
|
|
Ask HN: Browser Extensions and XSS
|
|
1 points
by PlanetFunk
5436 days ago
|
|
|
Over the last week I've developed and released an extension for Chrome/Firefox that collapses and adds a toggle bar to each Google+ stream post. I've also just released a bookmark that takes the extension code (from code.google.com) and injects it into the G+ page for those browsers that can't use the extension. now, my understanding is that this is basically user-control cross-site scripting (XSS). The thing is, it's exactly what all of the extensions are doing anyway, isn't it? Is there something I'm missing? |
|
|