Chrome extension system questions
“Content scripts run in the same process as their associated web pages.” What makes it difficult to run them in separate processes? Give 2 reasons.
Explain how a malicious extension that has the privilege to read/write data on any origin can steal a user’s banking data even if they never visit evil.com.