I will answer questions and support requests here.
Why does the extension require “Access your data for all websites”?
The development of the extension started from the minimum permissions set and then I expanded the permissions to the point the extension worked as intended.
That said, this extension uses host permission for every websites (Access your data for all websites),
- to inject content scripts to the pages so that user agent and language overrides work across all websites,
- to allow the user to list and manage cookies for every websites, and
- to capture requests when there is an externally opened tab of any site, for displaying the container selector.
Does this answer your question?
P.S. Probably we should explain these details clearly on the extension’s description.
Thanks for the explanation.
This should indeed be added to the description for the extension itself. Considering how broad that permission is, it’s important to let the users know what it is actually used for.
It’s a pity that the permission model isn’t using more granular permissions instead of the “Access your data for all websites”-permission, as that would both provide better security, more transparency for the users and less documentation work for the developers.
I am not sure I’ll use the particular features which does require that permission, so I might have a look into just slimming it down to remove that security risk imposed by that permission.