(dbushell.com)

279 points dbushell | 5 comments | 29 Mar 25 10:27 UTC | HN request time: 0.515s | source

Show context

dbushell ◴[29 Mar 25 10:27 UTC] No.43514309[source]▶

How do you deal with hostile browser extensions?

replies(5): >>43514670 #>>43515016 #>>43515058 #>>43516270 #>>43516486 #

1. eadmund ◴[29 Mar 25 12:36 UTC] No.43515058[source]▶

I don’t think that ‘hostile’ is really fair in this case, when ‘insufficiently competent’ will do (albeit at the cost of more syllables).

I am not a fan of Grammarly or their technical model, but I don think it’s fair to attribute malice when it is adequately explained by stupidity.

It’s been a long time since I did any front-end work: should both Grammarly’s extension and your own code use namespaced property names?

replies(4): >>43515091 #>>43516294 #>>43516464 #>>43516925 #

2. dbushell ◴[29 Mar 25 12:42 UTC] No.43515091[source]▶

>>43515058 (TP) #

yep, it's in Grammarly's interest to namespace or scope their CSS in a way that doesn't conflict. Not doing it adequately goes both ways, website CSS could break their extension, or their extension could break the website.

3. QuadmasterXLII ◴[29 Mar 25 15:29 UTC] No.43516294[source]▶

>>43515058 (TP) #

We tried applying cunningham’s law widely and it created disastrous incentives. It’s better to assume profitable yet destructive incompetence is malice.

4. chuckadams ◴[29 Mar 25 15:55 UTC] No.43516464[source]▶

>>43515058 (TP) #

Any sufficiently advanced stupidity is indistinguishable from malice.

5. MartijnHols ◴[29 Mar 25 17:05 UTC] No.43516925[source]▶

>>43515058 (TP) #

Unfortunately browsers don't really provide good solutions for extensions that need to inject or change sites. Look at Google's owner in-browser translate extension, its DOM manipulation breaks many interactive apps as well. There are no tools available in browsers for it to not need to do that.

↑

Et Tu, Grammarly?