Issue with this “benign” extension is that it will be using<p>“host_permissions”: “<all_urls>”<p>In its manifest means it can basically do anything on any webpage you visit, scrape data etc.<p>As an extension developer, no thanks. “Fun” pointless extensions like this that have no real utility, but funnily enough require broad permissions, are dangerous
I'd be worried about installing these sorts of extensions in case someone decides to offer the developer a lucrative amount of money to buy it and then uses it for less-than-fun purposes. Not sure if they'd need additional permissions for it, but at least the current content script is ran against "<a href="https://*/\" rel="nofollow">https://*/\</a>*" already.
Is there a particular reason this uses Chrome-specific APIs instead of the standard WebExtensions API? I have considered experimenting with web extensions, but wondering what the practical limitations of the standard API are compared to the browser-specific APIs.
reminds me of <a href="https://adnauseam.io/" rel="nofollow">https://adnauseam.io/</a> 's clicked ad view <a href="https://adnauseam.io/img/adnauseam_vault.png" rel="nofollow">https://adnauseam.io/img/adnauseam_vault.png</a>
I love the idea but the <all_urls> access is a bit scary.<p>This could be recreated in a bookmarklet ideally, though it would require saving the button html snippets into a file that you'd have to make downloadable with some Blob weirdness.
I worked on something similar before that serves the same purpose, except that it steals css/scss and it's not an extension but rather a CLI tool, you can find it in github as coalio/rfscss
Does it store the HTML/CSS for creating the buttons so you can easily repurpose them (which would be quite useful), or are they stored as images (which would be fun but less useful)? If the latter, how difficult are they to extract from the page that shows them all?