[lxgr]

> Extensions are great for adding a tiny bit of functionality to a browsing experience without dedicating an entire app to run in the background.

And a great way to give permission to read and modify all websites you visit to something that should really better be an isolated application.

I would really not consider web extensions an alternative to standalone apps. In my security model, they inhabit the opposite corner.

> some users like to use VPNs securely tied in from the browser itself rather than running the full-scale app

This might be a mistake, for example. A VPN app runs sandboxed on mobile OSes (and many VPN types are supported by OSes natively so there's no need for an app in the first place), so it can't get access to website data (if HTTPS is used), whereas a web extension usually can.

[xboxnolifes]

> And a great way to give permission to read and modify all websites you visit to something that should really better be an isolated application.

Then don't do that. Give them permission to only read specific sites, or even no access if they don't need it.

[lxgr]

If only that were possible!

Manifest V2 doesn't even support fine-grained permissions like that (they have to statically declare all sites they ever want to access at build time, and users have to accept all of them at install time).

Manifest V3 is better and offers a dynamic API to request more permissions on a per-site basis, but it's still not perfect – for example, Chrome presents the "proxy" permission as "read and change data on all websites", so as a user, I have no idea if a VPN extension just wants the proxy permission, or write permissions to every site I visit.