Hacker News new | past | comments | ask | show | jobs | submit login

Users rarely audit extension updates either. You could wake up tomorrow with a new rewrite supporting extension. Would you know?

No, and if someone could use that extension to run arbitrary code in my browser I'd consider that an exploit, even if "Added rewrite option" is in the changelog.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact