I’m trying to port an userscript to webextension since the script won’t work on GM4+ due to the changing of API. I had read some policies of webextensions on MDN. And I want to make sure how to port one of its functionality:
The function is about generating the feed list (timeline). The userscript would fetch feed lists of what user had followed from multiple first party source, and try to merge all the feeds in lists by the time it posted. While doing so, the userscript would use xhr to fetch the feed list pages, find out its feeds, sort them by time, and insert to current page. And the url fetched by xhr would be first party page (same domain).
I’m trying to port this piece of userscript to webextension’s page script (or content script).
To me, I think it is secure enough since: It only load first party content. It won’t making the website gained any privileges. It won’t be tracked by any third party. (First party may always track the usage of these extensions which had modified there pages’ content.) It just make the page works as what it should be.
But I wonder whether it will be rejected simply due to inserting remote contents. If so, what’s the best alternative to me?
For reference purposes, the userscript may be found here if you want more details.