Mozilla has a submission process for Firefox extensions wherein the extension is manually reviewed by a Mozilla developer before being allowed in the add-on marketplace. I know from experience that extensions with XSS vulnerabilities fail inspection and are not hosted in the market until the code is fixed.
As far as I can tell, Chrome lets you upload pretty much whatever you want into the Chrome webstore.
I'd be curious whether Firefox extensions have these issues in even close to the same proportions as Chrome extensions.
As far as I can tell, Chrome lets you upload pretty much whatever you want into the Chrome webstore.
I'd be curious whether Firefox extensions have these issues in even close to the same proportions as Chrome extensions.