(dbushell.com)

279 points dbushell | 2 comments | 29 Mar 25 10:27 UTC | HN request time: 0.471s | source

Show context

dbushell ◴[29 Mar 25 10:27 UTC] No.43514309[source]▶

How do you deal with hostile browser extensions?

replies(5): >>43514670 #>>43515016 #>>43515058 #>>43516270 #>>43516486 #

1. netsharc ◴[29 Mar 25 12:31 UTC] No.43515016[source]▶

I guess you could figure out valid states for your page's DOM, and a few seconds after the page has finished loading, scan it for "hostile" elements and CSS styles, and delete them...

Having this idea and opening a random page (from The Guardian) on DevTools, somehow somebody's inserted scripts and iframes pointing to twitter.com.

replies(1): >>43518857 #

2. kelvinjps10 ◴[29 Mar 25 21:24 UTC] No.43518857[source]▶

>>43515016 (TP) #

But wouldn't you brake their extensions if the user wanted them to work?

↑

Et Tu, Grammarly?