For example, Firefox’ screenshot addon would inject HTML into the page, and then the page could take the screenshot’s data and use it.
Addons currently have no way to reliably display their own UI on top of the page, without the page intercepting it.
I agree, addons' workings shouldn't be exposed to untrusted websites.
For example, Firefox’ screenshot addon would inject HTML into the page, and then the page could take the screenshot’s data and use it.
Addons currently have no way to reliably display their own UI on top of the page, without the page intercepting it.