GOOGLE HAS CONFIRMED plans to prevent the installation of extensions in Chrome from anywhere except the Chrome Web Store.
"Inline installation" is incredibly popular with security packages to install a web scanner for "added value", but this process will now end.
The reason, as you'd expect, is security, with Google saying that exploits are reduced significantly if third-party sites are taken out of the equation.
Initially, any Chrome extension first published from Tuesday (12 June) onwards will have auto-install blocked. Users adding the chrome.webstore.install() command to enable this function will instead find it redirects to the appropriate Chrome Store listing.
By the end of the year, the API that allows this behaviour will be removed from Chrome, starting in Chrome 71.
By September, existing apps will also behave this way. This is in addition to a previous lockdown for Chrome extensions in 2014 which blocked all extensions that came from third-party servers starting way back in Chrome 33. Currently, all extensions have to come from Google's servers or be damned.
A number of individual extensions have also been removed for doing dodgy stuff including data mining, crypto jacking and rick rolling (probably). Others contained backdoors.
In the Chromium blog, James Wagner, the Extensions Platform Product Manager explains, "…we continue to receive large volumes of complaints from users about unwanted extensions causing their Chrome experience to change unexpectedly — and the majority of these complaints are attributed to confusing or deceptive uses of inline installation on websites.
"As we've attempted to address this problem over the past few years, we've learned that the information displayed alongside extensions in the Chrome Web Store plays a critical role in ensuring that users can make informed decisions about whether to install an extension.
"When installed through the Chrome Web Store, extensions are significantly less likely to be uninstalled or cause user complaints, compared to extensions installed through inline installation."
In other words, what we just said.
Developers are advised to read up on how to make a good Chrome Web Store listing and how to use the page banner within their site to redirect to the appropriate Web Store listing. µ
Could your next colleague be a bot?
Remove the tech or face the courts, threaten privacy advocates
OK Google... sell me stuff I didn't know I wanted
OxygenOS 5.1.7 also fixes issue related to 'Do Not Disturb' scheduling