This is a refreshingly good look at why extensions with both full privileged access and dynamic script + style execution are a really bad idea, greatly weakening the CSP on every site:
How insecure is Avast Secure Browser?
Injecting arbitrary scripts and styles ought to require an extra permission and be selectively allowed on a per-site basis.
RE: https://floss.social/@alcinnz/112803562967733831
reshared this
Seirdy
in reply to Seirdy • •As for how my stance on privileged extensions interacts with adblocking:
A layered approach to content blocking
A layered approach to content blocking
Seirdy’s HomePup Keith DX Director's Cut
in reply to Seirdy •like this
Seirdy and kimapr like this.
Seirdy
in reply to Pup Keith DX Director's Cut • •kimapr likes this.
Pup Keith DX Director's Cut
in reply to Seirdy •