Closed Sakhalinfox closed 1 year ago
Can you post the link to your Alby post here? I want to follow it and see what they say there.
I think I may have answered my own question in a way.
On Google Chrome you can do this now by going to extensions > extension details > site access > Allow this extension to read and change all your data on websites you visit > Can choose on click or on specific sites and define a list of sites or perform an 'on click' action to self-authorize reading or changing of data.
On FireFox the option is not readily available in the add-ons page. So, I still need to figure out how to do this.
I think I may have answered my own question in a way.
Yes, that is the correct way of doing this, not on extension level. Extensions can decide not to load on certain domains, like Blockcore Notes does with an deny-list (stops from loading) and allow-list (shows green validated domain).
I'll close the Feature request here since Nos2x is only for chrome and not Firefox anymore. So, I'll continue to discuss on the Nos2x-fox and alby issues since Firefox currently doesn't provide a UX option to control extension permissions for list of user defined domains for access of data.
Currently most Nostr signer extensions like Nos2x, Nos2x-fox and Alby require permissions to "access data from all websites" which I feel is a bit excessive with regards to user privacy. Although I trust that the extension may not do anything with the data from other websites, I feel there could be a way for the user to configure a list of domains on the extension properties or options to allow access to data just for those domains.
Here is how I envision this to work:
An example of an extension that does this is Sponsorblock which allows only Youtube domains or user configured local or external domains.
I will be cross posting this on nos2x and alby extension GitHub repositories as well for a more open discussion.