Script Bubble Icon in Chrome’s Omnibox

Chrome team is going to introduce a new icon in the omnibox (address bar) to displays the information about the extensions running Content Scripts in the current tab. Content Scripts are the additional JavaScript code inserted in the page by the extensions – which may modify the page content to improve the browsing experience.

Adding JavaScript to pages may be potentially vulnerable and extensions may perform some undisclosed activities as well. On the other hand, it also affects the load time of the pages. Thankfully, Chrome team has already turned-on Content-Security-Policy (CSP) by default, which prevents extensions to load JavaScript from web sources. By adding this new icon, the Script Bubble, Chrome informs users about the extensions adding JavaScript to the current web page so that users have this critical information.

chrome-script-bubble

One should not use lots of such extensions inserting JS in the pages to improve the performance of the sites. Also, one must install extensions only from a trusted source and developer.

As of now, this feature has landed in the latest Chromium and Chrome Canary builds, and users can enable it by adding --script-bubble-enabled=1 switch to the Chrome launcher.

[ Thanks, François Beaufort ]