How to make clear that a certain page belongs to a locally-installed add-on the user trusts? This should be implemented because add-ons often handle security-sensitive things and phishing is terrible. Previously we could tell the users the right URIs of the add-on UIs since they are static resource: or chrome: addresses. But with WebExtensions all the addresses are randomized, so this is not good for user experience. (Recognizing moz-extension: part is not enough: you cannot tell the add-on’s name from it)
Resources in WebExtensions should indicate their identities.
Mockup: