Conversation

This Tweet was deleted by the Tweet author. Learn more
This Tweet was deleted by the Tweet author. Learn more
True, there's quite a bit authors can do to protect their extension (sadly, most don't). That stated, you still have the core issue that establishing a communication channel for extensions inherently weakens the site isolation sandbox's protection against a compromised renderer.
2
1
Replying to and
I think there are solutions to those problems. We could have more agreement between browser makers and extension authors if we had better extension APIs—enough to implement the built-in PW manager as an extension. Is Chrome interested in accepting contributions along these lines?
2
2