Up until recently†, I'm not aware of a situation where a popular Firefox extension was unable to work in Chrome due to Google restrictions.
†I'm purposefully excluding the whole adblock thing, as that's super recent and thus not relevant here.
I actually still think the API design was a good idea and am glad for the added security. Still, the API change took down some popular extensions for sure.
Now there is no more middle click to submit on forms and I used that at my old job to speed up a bunch of tedious tasks.
It is, and it boils down to the usual security vs. utility tradeoff - beyond some point, more secure means less useful. Kernel access is a stretch, but then again, I could make my computing experience much more pleasant if I had a deeper ability to control and inspect the browser from external software running on my computer.
Especially in Private/Incognito Mode I only want extensions for blocking ads/trackers + 1Password and that’s it.
Also being able to see what the extension does is really valuable to me, because allowing an extension to read the data on all websites you visit is really suspicious for a majority of extensions.
Mozilla has had a good review process in place and truth be told Chrome's Web Store has suffered from spyware and malicious extensions more than Firefox. But that's only because it is more popular and Google is known for really screwed / non-existent human support (e.g. extensions being reported as being malware with no immediate action).
That's fair, but this dynamic drags down usefulness of the whole platform. Browsers could offer extended permissions allowing extensions arbitrary control over the browsing experience, but they can't trust extension authors not to get greedy about privileges, and can't trust regular users to be smart about it. It's what happened with Android: applications requested every possible permission, users learned to just accept it.
> Also being able to see what the extension does is really valuable to me, because allowing an extension to read the data on all websites you visit is really suspicious for a majority of extensions.
That's true, and I wish there was an easy way to transparently run a I/O trace on an extension, and to have super-fine-grained user-level control over its permissions. I use a bunch of extensions that modify the contents of sites; I wish I could manually restrict them to a whitelist - and sometimes blacklist. Like, e.g. I don't need Cloud2Butt to work on my banking site.