Does the plugin need to access my data from all websites? #11
Comments
|
Thanks for the suggestion @ZiadJ. Maybe we can add separate releases on this repo to cater to that. It will be really helpful to know what sites you generally use the extension on. Then we can ask for accessing data on those domains only, with permissions via user actions on other sites. |
|
I would assume that there are specific access types both Firefox and Chrome that only allow access to textboxes that are not of the password type for instance. If so that would be a good start I'd say. |
|
@ZiadJ the chrome extension permissions are not as granular as one would like it to be. What it offers is that we can interact with the content in the tab via the "tabs" permission. So it is binary wrt the site that is being used. Hence what we can do is remove some specific sites one by one where any security issues might be there. But to ensure privacy and security, our chrome extension like any other extension goes through a review process. This is done by the chrome web-store folks to ensure the extension does not have any malicious code. |
|
Thank you for this explanation. I needed it after installing via the https://merlin.foyer.work/ way. BTW, I have just praised it on a very public professional site (not GitHub). |
|
Thanks a lot @Manamama for your support! :) |
I am a bit concerned about security so it would probably be a good idea to provide a version that does not require access to sensible information on the browser.
The text was updated successfully, but these errors were encountered: