by horsawlarway 62 days ago
I'd argue native messaging is much more secure.

You only have origin headers that you can trust if the traffic originated from a browser you trust.

Anything else on the machine that can send network traffic can now hook into your service. Which is quite a bit looser than being able to start a new process running that native message host and hook into its stdio.
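
The point made in the comment above, as an added example that is not part of the original comment: a localhost service that authorizes requests only by their `Origin` header cannot tell a trusted browser from any other local program, because a non-browser client chooses that header itself. The extension origin, handler and function names are constructed for illustration.

```python
import http.client
import http.server
import threading

# Hypothetical extension origin the service is meant to serve (constructed value).
ALLOWED_ORIGIN = "chrome-extension://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"


class OriginCheckedHandler(http.server.BaseHTTPRequestHandler):
    """Localhost service whose only access control is the Origin header."""

    def do_GET(self):
        allowed = self.headers.get("Origin") == ALLOWED_ORIGIN
        body = b"ok" if allowed else b"forbidden"
        self.send_response(200 if allowed else 403)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


def request_as_local_process(origin=None):
    """Act as an ordinary non-browser program on the same machine.

    Starts the service on an ephemeral loopback port, sends one request with
    whatever Origin value the caller chooses, and returns the HTTP status.
    """
    server = http.server.HTTPServer(("127.0.0.1", 0), OriginCheckedHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        conn = http.client.HTTPConnection("127.0.0.1", server.server_port, timeout=5)
        # A browser sets Origin itself; any other client sends whatever it likes.
        headers = {} if origin is None else {"Origin": origin}
        conn.request("GET", "/", headers=headers)
        status = conn.getresponse().status
        conn.close()
        return status
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print("no Origin header:  ", request_as_local_process())
    print("self-chosen Origin:", request_as_local_process(ALLOWED_ORIGIN))
```

The service sees the same bytes in both cases, so the header check only filters clients that set `Origin` honestly, which is the browser.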