Non-fundamental permissions required by Addons

Add-ons Add-on Support
#1

Why many Addons require lot of non-fundamental permissions to work like “Access your data for all websites”, if this permission it’s not essential for the addon to work?

See example for this Text to Speech extention than doesn’t need to access all my data on all website, to work, in comparison with almost all the rest that require that permission:

(By the way, do you know other Text to Speech addons that works well on different languages, without “Access your data for all websites” permission? The one in the example have some issues.)

I don’t want to give non-fundamental permission to addons and don’t trust it.

#2

The reason it needs access to “all data” is because that’s the only permission there is to access the content of a webpage. The content of a web page is potentially all data.

#3

This extension uses the activeTab permission to gain host permission to the current page when you click its toolbar button or context menu item. There may be some situations where this is not enough permission, but for most cases, it may be sufficient. Why don’t more developers do this? Perhaps it is laziness, or perhaps they want to offer the ability to start running without the user having to click, in which case, more permissions are needed.

See: https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#activeTab_permission

My search page lists permissions in an easier-to-see way: https://www.jeffersonscher.com/sumo/extensions.php#q=human-quality%20text-to-speech

1 Like
#4

A reason extensions require “All websites” instead of (or in combination with) “activeTab”, could also be that it is difficult to understand the difference.

I have made an exif-viewer extension which has to scan the webpage for images, including iframes that might be hosted on different domain than “top page”. And images itself might of course also be hosted on other address/domain than the page itself (and the exif-viewer obviously needs to read the image file).

I should of course have done testing. But the easiest thing for my first beta-version was to just ask for both permissions…

#5

Okay, finally did some testing with my own exif-viewer extension. Apparently it doesn’t need “activeTab” (or cannot work with it alone). But it cannot work without “all data” (<all_urls>), even though my extension is always launched from right-click context menu on page.

So apparently I can remove “activeTab” permission from my manifest. Had of course hoped I could remove the other one instead…

#6

An extension that has the “Access your data for all websites” permission, can transmit all the data from all websites to their server so to know what credit card I entered on a website or what type of porn do I watch?

How can I check and be sure that it transfer the data or not?

#7

I’m afraid it is mostly a matter of trust. If you can read Javascript, you can always download and unpack the extension yourself and study the code (Right click the Install button on AMO and save. Rename downloaded *.xpi file to *.zip. Unzip file and study the code). Though, some use code obfuscating techniques, to “protect” their work (Or maybe for other reasons :-/ ).
You could also use the browsers developer tools to look for suspicious network traffic.