Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Avatar for Username

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Add-In Permissions

  • 2 个回答
  • 0 人有此问题
  • 1 次查看
  • 最后回复者为 pabsfx-config

pabsfx-config
pabsfx-config
more options

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. "

I was stunned.

That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords).

The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

One of the add-in permissions is "Access your data for sites in the “named” domain". I looked at that and thought, "That certainly cannot include passwords"; BUT the explanation for this permission is: "The extension could read the content of web pages you visit in the specified domain, as well as data you enter into those web pages, such as usernames and passwords. " I was stunned. That means that addins that get this permission have access to my banking/medical/etc. usernames & passwords. This is not acceptable. Can a permission be developed that would be: "Access your data for sites in the “named” domain" (except usernames/passwords). The permission "Access your data for all websites" is significantly worse in that it applies to all sites.

所有回复 (2)

TyDraniu
TyDraniu
  • Top 25 Contributor
more options

This is a precaution. It doesn't mean that this add-on actually reads your passwords or it could send this data anywhere.

有帮助吗?

pabsfx-config
pabsfx-config 提问者
more options

The add-on does not necessarily ACTUALLY read the username and password, but does that permission mean that the add-in COULD read the username and password ? If so, is there a way to raise a warning if it does?

有帮助吗?

我要提问

您需要登录才能回复。如果您还没账号,可以提出新问题