Advanced REST Client blog
Blog for Advanced Rest Client - a Google Chrome application.

About: security

Lately someone ask me why application need to have "Your data on all websites" permission.
According to Chrome Extensions developer guide apps and extensions work like websites - any dynamic content is executing as javascript. Browsers security model does not allow making HTTP request to other domain. If any app/extension need to send on receive data from other domain it need to include requested address in apps/extension manifest. Now, Advanced Rest Client Application need to send requests to any address. It is possible only if app/extension have permission like: http://*/* and https://*/* which means allow access to any internet address starting with http(s).
Extensions with internet address permission can actually read Your data on this websites (have access to cookies and session for this addresses). That's the reason why You have notify about accessing Your data on all website.
Fortunately you can read source code of whole application at http://code.google.com/p/chrome-rest-client/source/browse/ and see that this application do not interfere with any Your data on any website. There is no other way to make it work and do not give this permission (and not to use external server). On the part of application You do not need to worry about Your privacy. As long the source code is public You always can check what this application actually can do.