There should be a way to allow extensions to execute only on specific websites like the Site access option in Edge does, this improves extensions usability and may also enhance privacy.
I second this motion. Enabling an extension to run on all websites, when it is only utilized on one website, is undesirable; as it increases the surface vector for attack in vain.
Here's an example of a problematic extension. Grammarly. It can be rather invasive and annoying when doing most things, constantly calling back home to do what it needs to do. This isn't malicious, but rarely desirable outside of things like google docs or similar editors.
While Grammarly has a way to disable it for certain websites, it's a blacklist. So you have to do it for every single website you don't want it to run on. It's in Grammarly's interest to force this on everything (probably to train their AI), but I certainly don't want that.
This kind of feature would allow us to say "no, you only run on google docs and 365 word".
Keeping a close eye on this thread. This feature is sorely needed to reign in some overzealous extensions, like Grammarly that's been mentioned before, among others.
This crucial security feature was proposed on March 2, 2022, but as of September 16, 2024, it remains unimplemented. This is quite concerning.
I’m troubled by the fact that add-ons installed for one particular website can function on other sites as well. For instance, I installed a currency converter add-on for one specific site, but it’s now interfering with and disrupting data in another site where it shouldn’t have any access.