Protect against browser extension injected Javascript code

Being able to disable someone’s browser extension usually implies taking over the browser. I don’t think it’s possible. It would be a huge security risk. Your purpose maybe legit, but consider the scenario of webmasters programatically disabling addblockers for users in order to get them to view the advertisments.

In the end it’s the user’s responsability to make sure they have a clean OS when making online banking transactions. It’s not the website’s fault that the user is compromised

UPDATE
We should wrap things up.
Something like:

<meta name="disable-extension-feature" content="read-dom" />

or

<script type="text/javascript">
    Browser.MakeExtension.MallwareLogger.to.not.read.that.user.types(true);
</script>

doesn’t exist and i’m sure there won’t be implemented in the near future.
Use any means necessary to best use the current up to date existing technologies and design your app as best as you can security wise. Don’t waste your energy trying to cover for users who souldn’t be making payments over the internet in the first place

Leave a Comment

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)