Hacker News new | past | comments | ask | show | jobs | submit login

I'd be surprised if sites had permission to read a chrome-extension:// URL. That'd be a sizable privacy leak.

I'm not sure about the chrome-extension protocol, but this API still seems to be present: https://developer.chrome.com/extensions/runtime#method-sendM...

I just tested in chrome 77, and I could only do `chrome.runtime.sendMessage("clngdbkpkpeebahjckkjfobafhncgmne", {},{},console.log)` from within the Stylus extension page, not from an external page like hacker news.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact