|
|
|
|
|
|
by philsnow
666 days ago
|
|
|
Years ago, IT at the company I was working at force-pushed a browser extension that did this same trick, but the extension vendor in question didn't even bother loading over https. Edit: the extension's manifest gave it nearly every permission, on every web site, including internal ones |
|
|