browser extension
A browser extension is a small software application that adds a capacity or functionality to a web browser. A browser extension, also called a plug-in, can take advantage of the same application program interfaces (APIs) that JavaScript can on a web page, but the extension can do more because it also has access to its own set of APIs.
While extensions are typically used to add features and enhance the functionality of a website, they can also be used to remove unwanted website elements such as pop-up ads and features such as auto-play for online videos.
Here are a few examples of browser extensions:
- AdBlock - enables content filtering and ad blocking.
- HTTPS Everywhere - provides another layer of security by making websites that support the extension automatically connect through HTTPS.
- StayFocusd - limits the amount of time the user is allowed to spend on designated websites.
- Highly - allows the user to highlight webpage text and share it through social media, email, Slack or iMessage.
Browser extensions are usually written in HTML, CSS or JavaScript. Like other types of software, browser extensions can be coded for undesirable behaviors and be misused to deliver malware. Though most add-ons are reviewed prior to being listed, malicious extensions that violate browser developer program policies are not uncommon.
For example, in January 2018, it a security company called ICEBERG reported that four malicious extensions available from the Chrome Web Store were designed to conduct click fraud and black hat SEO. In 2017, Proofpoint reported that eight compromised Chrome extensions had sent malicious code to almost four and a half million users.
When deciding whether or not to install an extension, always keep in mind the type of resources the extension can access and where it will send the data it collects. Treat with extreme caution any extensions that do any of the following: