Lately someone ask me why application need to have "Your data on all websites" permission.
According to Chrome Extensions developer guide apps and extensions work like websites - any dynamic content is executing as javascript. Browsers security model does not allow making HTTP request to other domain. If any app/extension need to send on receive data from other domain it need to include requested address in apps/extension manifest. Now, Advanced Rest Client Application need to send requests to any address. It is possible only if app/extension have permission like: http://*/* and https://*/* which means allow access to any internet address starting with http(s).
Extensions with internet address permission can actually read Your data on this websites (have access to cookies and session for this addresses). That's the reason why You have notify about accessing Your data on all website.
Fortunately you can read source code of whole application at http://code.google.com/p/chrome-rest-client/source/browse/ and see that this application do not interfere with any Your data on any website. There is no other way to make it work and do not give this permission (and not to use external server). On the part of application You do not need to worry about Your privacy. As long the source code is public You always can check what this application actually can do.
Thursday 25 August 2011
Wednesday 3 August 2011
Bug fixes, new release...
I've release new version (2.0.5) with some fixes:
- appended "=" on request body will not appear anymore,
- URL encoding will only affect when filling form body
- new encoding value now save in local storage instead session storage
- when first run, an error about not existing table in DB will not throw
- UI dialogs now support keyboard events (on ESC and ENTER key)
Known issues:
- if there is no saved requests when save one it will not appear in "Saved requests" tab until page reload
If You have problems with app, please go to http://code.google.com/p/chrome-rest-client/issues/list and create an issue.
- appended "=" on request body will not appear anymore,
- URL encoding will only affect when filling form body
- new encoding value now save in local storage instead session storage
- when first run, an error about not existing table in DB will not throw
- UI dialogs now support keyboard events (on ESC and ENTER key)
Known issues:
- if there is no saved requests when save one it will not appear in "Saved requests" tab until page reload
If You have problems with app, please go to http://code.google.com/p/chrome-rest-client/issues/list and create an issue.
Subscribe to:
Posts (Atom)