Page 1 of 1

Privileged Sites

Posted: Thu Jul 26, 2018 4:25 pm
by therube
Privileged Sites (rant)

I trust addons.mozilla.org - unequivocally :rolleyes:.
It is a "privileged" site, I good with that :D.

I'm so trusting. They're privileged & I'm happy :dancing:.

AMO would never get hacked.
[add any site in the world] would never get hacked.

Anyhow, one day I'm trolling AMO & well, the boat just left the harbor.
I fire up wirefoxshark & damn if I don't see somebadasssite.com being loaded from addons.mozilla.org.

But I'm trusty (the clown) & they're privileged, so I'm good with that.

And we're supposed to be accepting of this?
Here we are, with a security tool, yet this security tool cannot secure us from addons.mozilla.org - because they're "privileged"!
Well you know what that is.


Anyhow, even though NoScript cannot affect "privileged" sites, can it still at least list the domains it is finding there?
That way, once addons.mozilla.org gets hacked, at the least, we can see that somebadasssite.com is also being loaded there.
As it is currently, we have no clue what sites are loading there.

Re: Privileged Sites

Posted: Thu Jul 26, 2018 5:49 pm
by Giorgio Maone
I'm afraid there's no way for any non-Mozilla WebExtension to "see" anything on AMO.
Even hacking extensions.webextensions.restrictedDomains, which seems to work for other sites in the list, has no effect there, sorry.

Re: Privileged Sites

Posted: Thu Jul 26, 2018 6:07 pm
by barbaz
Are you saying this doesn't work anymore? - https://forums.informaction.com/viewtop ... 010#p97010