by ssafejava 4534 days ago
A chrome extension can make network connections that you won't (normally) see in Dev Tools using a background page. You'll see the connections if you inspect the background page directly but most users won't.

Unfortunately this is simply a byproduct of the web's (and browsers') botched security model; there is no way to allow extensions to modify pages without them being able to read the pages, and if they can read the pages they naturally can catch events, including keystrokes.

This is why you should think - hard - whenever allowing any extension with that permission. It could auto-update at any time to include malware.

There are a lot of bad extensions out there. I've encountered quite a few. It's a wide-open vector for exploitation and it happens all the time. Just last month I came across a game extension (a Super Mario clone) that contained jQuery. Upon further inspection, it turned out it had been re-minified (making diffs difficult) and had a few lines deep inside that hijacked ads and replaced them with the author's ad network. Silent, effective, and this extension was on the 'top lists' for months. It might even still be there.

Be very aware of the permissions an extension asks for.
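As an added example (not part of this thread or any project), a small Python audit of an extension's manifest.json that flags the things the comment warns about: host patterns that let an extension read and modify every page, a background context whose requests won't show in a tab's DevTools, and sensitive API permissions. The sample manifest is constructed, and the pattern and permission sets are this example's own assumptions about what deserves scrutiny.

```python
import json
import sys

# Host patterns that grant access to every site the user visits (assumption: these are
# the ones worth flagging; narrower patterns like https://example.com/* are not listed).
BROAD_HOST_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions that expose browsing data or traffic (assumed list, not exhaustive).
SENSITIVE_PERMISSIONS = {"webRequest", "webRequestBlocking", "tabs", "cookies",
                         "history", "clipboardRead", "nativeMessaging", "debugger"}


def audit_manifest(manifest):
    """Return a list of findings for a Chrome extension manifest (MV2 or MV3)."""
    findings = []
    # MV2 declares host patterns in "permissions"; MV3 moves them to "host_permissions".
    declared = list(manifest.get("permissions", [])) + list(manifest.get("host_permissions", []))
    for entry in declared:
        if entry in BROAD_HOST_PATTERNS:
            findings.append(f"broad host access {entry}: can read and modify every page")
        elif entry in SENSITIVE_PERMISSIONS:
            findings.append(f"sensitive API permission: {entry}")
    # A content script injected into all sites sees the DOM and its events, keystrokes included.
    for script in manifest.get("content_scripts", []):
        broad = [m for m in script.get("matches", []) if m in BROAD_HOST_PATTERNS]
        if broad:
            findings.append(f"content script on {', '.join(broad)}: {script.get('js', [])}")
    # A background page / service worker makes requests that a tab's DevTools won't show;
    # it has to be inspected separately from chrome://extensions.
    if "background" in manifest:
        findings.append("background context present: inspect it separately, not via the tab")
    if "update_url" in manifest:
        findings.append(f"update_url present ({manifest['update_url']}): code can change on update")
    return findings


# Constructed sample resembling the game extension described above (not a real extension).
SAMPLE_MANIFEST = {
    "manifest_version": 3,
    "name": "Super Mario Clone (constructed sample)",
    "version": "1.0",
    "permissions": ["storage", "webRequest"],
    "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["jquery.min.js", "game.js"]}],
    "background": {"service_worker": "bg.js"},
}

if __name__ == "__main__":
    # Pass a path to an unpacked extension's manifest.json, or run on the constructed sample.
    manifest = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_MANIFEST
    for finding in audit_manifest(manifest) or ["no broad access or sensitive permissions found"]:
        print("-", finding)
```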

1 comment

Pop Fiddler on your machines and look for yourselves.