3

Suppose there is a trusted browser extension in a chrome browser that modifies the web page (like editing DOM, appending scripts, etc)

I don't want anyone but me to see the page modified by this extension, as it could now contain sensitive data. Though it is possible for js handlers to reflect the modified page back to the server. Problem 1: How can I isolate the modified page?

On the other hand it is important for the given page to allow outgoing connections to dynamically load and update the page content.

So this configuration won't work: configuration

There is no way I could filter the traffic of the page from the untrusted server (It is served from an untrusted source. The traffic is encrypted, protocol is unknown and could change) Problem 2: How not to break dynamic page updates?

Basically, I need at least one-way isolation of page. The browser extension should be capable of doing whatever it needs, and nothing should the page scripts be allowed to do with browser extension content.

kupihleba
  • 387
  • 1
  • 7

1 Answers1

1

You can securely prevent the host web page from accessing data displayed by the extension by having the extension embed its content inside of a pop-up or extension drop-down (this is the solution used by Google's E2Email extension) or inside of an iframe embedded into the page. The iframe must have its src attribute set to a value besides "about:blank". (If it's set to "about:blank", then the host web page can access its contents because of the same origin policy.) The iframe's src may point to a URL contained on a domain trusted by the user, or it may point to an html file contained inside of the extension. The page inside the iframe may have javascript that communicates directly with the browser extension, leaving the host web page entirely out of the loop.

Macil
  • 1,482
  • 9
  • 11