Separate Permission for "All Data" and "Input Fields"
Categories
(WebExtensions :: Untriaged, enhancement)
Tracking
(Not tracked)
People
(Reporter: seth, Unassigned)
References
Details
User Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0
Steps to reproduce:
When installing extensions, many of them request the permission:
"Access your data for all websites"
"The extension can read the content of any web page you visit as well as data you enter into those web pages, such as usernames and passwords."
This seems like a big permission to ask/grant for sites for certain extensions, yet it's extremely common, for example out of the extensions I have installed:
- Coil - https://addons.mozilla.org/en-US/firefox/addon/coil/
- Decentraleyes - https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/
- Firefox Multi-Account Containers - https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/
- Honey - https://addons.mozilla.org/en-US/firefox/addon/honey/
- Metastream Remote - https://addons.mozilla.org/en-US/firefox/addon/metastream-remote/
- Privacy Badger
- SponsorBlock for YouTube - Skip Sponsorships - https://addons.mozilla.org/en-US/firefox/addon/sponsorblock/
- Twitch Channel Points Autoclicker - https://addons.mozilla.org/en-US/firefox/addon/twitch-points-autoclicker/
- uBlock Origin - https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/
All of these could probably function without access to input fields, and especially password fields. Extensions that actually need it could use ask for it separately if it's actually necessary, else it could be an optional permission.
Would it be feasible to make this more granular, so sites can ask for these things separately:
- Access content for all websites
- Access input fields for all websites
It could be even better if there were three instead.
- Access content for all websites
- Access input fields for all websites (excluding password fields)
- Access password fields for all websites
I believe this would improve security of general users, especially in worst-case scenarios where there're vulnerabilities or rouge developers, especially with smaller extensions.
Comment 1•4 years ago
|
||
Bugbug thinks this bug should belong to this component, but please revert this change in case of error.
Comment 2•4 years ago
|
||
The problem that you're describing (extensions getting access to user data, through input fields) cannot be fixed by restricting access to input fields. Once an input field is populated, a web page can read the input value, and if an extension has access to that web page or the website, then they can read the data too.
We are working on ways to allow extensions to get more control over what extensions can access in bug 1497075 and bug 1683056 .
Description
•