Every time you install an extension, Chrome shows you the list of permissions that the extension needs. You click OK, and let it go.
Let me show you a couple of important permissions among them, with the help of two extensions created by François Beaufort. Instead of writing a long blog post or putting up a confusing infographic, he decided to put together two extensions that actually demonstrate what those permissions can do.
The second one is the best if you ask me. It showed my password in plain text when I logged in to a website. Yes, extensions can read that, if you give such permissions to them.
Now, I do not think this is Chrome only. The whole idea is to make people aware and be more responsible while browsing and especially while downloading and installing new software.
Let us hear from him.
I created a tiny Chrome Extension named “It’s a trap!”. The goal of this extension is to make people more aware of permissions extensions require when you install them.
Usually, we just say “yes” and that’s pretty much it. It’s a pretty bad behaviour in my opinion and since we cannot take a look at the code before installing it, it means one guy must be screwed to alert the other ones 😉
This extension asks for the permission “pageCapture” which basically lets the extension access the content of pages you visit.
The problem comes when you merge this permission with the “idle” permission (which does not raise any warning, by the way): you can open some tabs while the user is not looking at his computer, save the content and upload it to an evil server.
“It’s not a trap!” does not implement the last step and lets you see how it works with some examples: your Facebook friends, your Android apps and some countries you visited.
Go give it a try at https://chrome.google.com/webstore/detail/its-a-trap/ppabjnekdnnkndgnekhgpigleoijmoll and spread the word!
The second extension can be downloaded here.
So next time you install a Chrome extension, read those permissions carefully and spend some time finding out whether that extension really needs those permissions.
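One way to run that check on extensions you already have, as an added example (not code from this post or from François Beaufort's extensions): a Node.js function that audits a parsed `manifest.json` for the “pageCapture” plus “idle” combination described above. The function names, finding ids, severity labels and sample manifests are constructed for illustration, and the all-sites rule goes beyond the case in the post.

```javascript
// Added example: audit a parsed Chrome manifest.json. Rules are illustrative, not exhaustive.

// Match patterns that cover every site the user visits.
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

// Gather what the extension can request now or later, plus content-script targets.
function collectPermissions(manifest) {
  const declared = [
    ...(manifest.permissions || []),
    ...(manifest.optional_permissions || []),
    ...(manifest.host_permissions || []), // Manifest V3 keeps host patterns here
  ].filter(p => typeof p === "string");
  const scriptHosts = (manifest.content_scripts || []).flatMap(cs => cs.matches || []);
  return { declared: new Set(declared), scriptHosts };
}

function auditManifest(manifest) {
  const { declared, scriptHosts } = collectPermissions(manifest);
  const findings = [];
  if (declared.has("pageCapture") && declared.has("idle")) {
    // The combination from the post: capture pages while nobody is watching.
    findings.push({ id: "capture-while-idle", severity: "high",
      detail: "pageCapture + idle: pages can be saved while the user is away" });
  } else if (declared.has("pageCapture")) {
    findings.push({ id: "page-capture", severity: "medium",
      detail: "pageCapture: can save the content of open tabs" });
  }
  const broad = [...new Set([...declared, ...scriptHosts].filter(p => BROAD_HOSTS.has(p)))];
  if (broad.length > 0) {
    findings.push({ id: "all-sites", severity: "high",
      detail: `runs on every site (${broad.join(", ")}): page content, form fields included, is readable` });
  }
  return findings;
}

// Constructed sample manifests (not taken from any real extension).
const SAMPLE_CAPTURE = { name: "sample-capture", manifest_version: 2,
  permissions: ["pageCapture", "idle", "tabs"] };
const SAMPLE_ALL_SITES = { name: "sample-all-sites", manifest_version: 3,
  permissions: ["storage"], content_scripts: [{ matches: ["<all_urls>"], js: ["content.js"] }] };
const SAMPLE_QUIET = { name: "sample-quiet", manifest_version: 3, permissions: ["storage", "idle"] };

for (const m of [SAMPLE_CAPTURE, SAMPLE_ALL_SITES, SAMPLE_QUIET]) {
  const found = auditManifest(m);
  console.log(m.name, found.length ? found.map(f => `${f.severity}:${f.id}`).join(" ") : "no findings");
}
```

To audit a real extension, pass `auditManifest` the result of `JSON.parse` on its `manifest.json`.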