You are viewing a single comment's thread from:

RE: Palnetify - Easily switch to Palnet.io from other steem ui's

in #palnet5 years ago

Browser extensions are pretty insecure things. I'd recommend instead just creating a bookmark and have the url be the following:

javascript:(function(){location.assign("http://" + ((location.hostname == "www.palnet.io") ? "steemit.com" : "www.palnet.io") + ((location.pathname.split("/")[1].indexOf("@") == -1) ? location.pathname : ("/" + location.pathname.split("/")[1])))})();

That will do the same thing without installing anything.

5 years ago in #palnet by
$2.32
  • Past Payouts $2.32
  • - Author $1.80
  • - Curators $0.52
13 votes
Reply 8
Sort:  
  • Trending
    • [-]
     5 years ago (edited) 

    Agreed, I also made this into a userscript and bookmarklet but I liked having the icon on my toolbar as an extension. Thanks for the code anyx :)

    $0.05
    • Past Payouts $0.05
    • - Author $0.04
    • - Curators $0.01
    2 votes
    Reply
    [-]
     5 years ago (edited) 

    Nifty trick, done. No icon though :(

    $0.00
      Reply
      [-]
       5 years ago  

      Browser extensions aren't that bad, if they are coded correctly, and said code is open to be audited to ensure it's not doing something... nasty.

      $0.00
        Reply
        [-]
         5 years ago  

        The problem is that there isn't really enough security on the browser side. If an extension is open source, people can audit it...but there can still be hacks that cause malicious updates. Few people, if any, check every update either. If an extension checks one site's code, the browser doesn't even limit it to only that site. It lets it check every site, and then it's up to the extension to limit itself.

        So, they are that bad, it's just that there hasn't been a major incident that's made it to the mainstream news, yet, due to the horrible security.

        [-]
         5 years ago  

        This is true, but it's no different for userscripts either. Those can have more privileges than browser extensions do. Plus, some browsers like Brave seem to have some pretty good sandboxing for extensions, and notifications each time the extension updates and needs more permissions. I'd be willing to trust a browser extension installed in Brave than I would a userscript. Course, I only ever have 5 browser extensions at most, LassPass, Printliminator, SteemKeys, Dissenter (for now), and Stylus. So it's not like I use dozens of them either.

        [-]
         5 years ago  

        So you mean using SteemConnect is more secure than Keychain extension?

        $0.00
          Reply
          [-]
           5 years ago  

          Not necessarily. We might be screwed in different ways if either got hacked. I was talking about the technology behind browser plugins.

          $0.00
            Reply
            [-]
             5 years ago  

            Used your script in Brave Browser and it works fantastic! Thank you for this @anyx!

            $0.00
              Reply