undefined | Better HN

0 pointsPanda42mo ago0 comments

> Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions.

It's not clear though, either they only tested against chrome-based browsers or Firefox isn't enabling them to do so.

edit: I answered before I go fully through the article but it does say it's only Chrome based.

> The extension scan runs only in Chrome-based browsers. The isUserAgentChrome() function checks for “Chrome” in the user agent string. The isBrowser() function excludes server-side rendering environments. If either check fails, the scan does not execute.

> This means every user visiting LinkedIn with Chrome, Edge, Brave, Opera, Arc, or any other Chromium-based browser is subject to the scan.

0 comments

2 comments · 2 top-level

OoooooooO2mo ago

Firefox uses UUID for the local extension url per extension so you can't search for hardcoded local urls.

dylan6042mo ago

What is a Chrome-based browser? Isn't Chrome Google's Chromium based browser? How many are based on Chrome?

2 more replies

j / k navigate · click thread line to collapse