Google today announced it will be disabling inline installation of some Chrome extensions starting on September 3. This is being done in the interest of security: Deceptive sites and ads have been using this feature to trick users into installing unwanted extensions.
Chrome gained inline extension installation support in 2011. The goal was to let users seamlessly install extensions from developers’ websites.
Because of the abuse, and since Google says unwanted and deceptively installed extensions are a leading cause of user complaints, the company wants to put a lid on the practice. To be clear, inline installation isn’t going away completely — the feature will be disabled only for extensions installed this way that are linked to deceptive sites and ads.
For extensions that use deceptive tactics, inline installation attempts will be redirected to the extension’s product details page in the Chrome Web Store. In this way, Google will be giving the user more information so they will be able to make the decision whether they really want to install an extension.
Google estimated that less than 0.2 percent of all extensions will be affected by this change. Nevertheless, the company argued, “It’s an important step to maintain a healthy extension ecosystem for users and the vast majority of extension developers who don’t use deceptive tactics.”
Indeed, Google has been making changes around how extensions are installed for many years now. Back in February 2013, for example, Chrome 25 disabled silent extension installation.
More recently, Google started blocking extensions not in the Chrome Web Store for its Windows users. The policy changes were actually first announced in November 2013, and were supposed to go into effect in January 2014. After developers requested more time, extensions started being blocked in May 2014.
In May 2015, all extensions not listed in Chrome Web Store were blocked for Windows users. The same became true in July for Mac users.
Ever since Google made its intentions for the Chrome Web Store clear, critics have complained that all these moves, including today’s, only turn Chrome into a walled garden. That’s certainly becoming more and more true, though Google argues it’s a fair tradeoff to be made in the name of security.