The other side of that concern is leaking information about what extensions
a user has installed to the site owner. At the moment, that's an explicit
non-goal of the spec. I'm of the opinion that it should stay that way.
What is the privacy impact that you're worried about? I'm not sure I
understand the use-case.
--
Mike West <mkwst@google.com>, Developer Advocate
Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91
On Mon, Oct 29, 2012 at 9:41 AM, Ingo Chao <ichaocssd@googlemail.com> wrote:
> On Sat, Oct 27, 2012 at 12:37 AM, Dan Veditz <dveditz@mozilla.com> wrote:
> > On 10/25/12 12:24 AM, Ingo Chao wrote:
> >>
> >> Without the violation report for extensions/addons, monitoring loses
> >> the chance to highlight risks coming from injected scripts.
> >
> >
> > You mean you, as a site author, want to be informed when an extension has
> > injected content whether the extension wants to be identified or not?
> That's
> > the exact opposite of what Fred Andrews was requesting.
> >
> > -Dan Veditz
>
> Yes. I am more concerned about the impact on privacy that an add-on may
> create.
>
> Ingo
>