Hi,

I am really excited about firenvim, so first thanks a lot for making this.

I was wondering if it would be possible to reduce the permissions firenvim asked for in firefox to specific websites and/or containers?
For example, I would like it to be allowed to read my overleaf and github but not my email.

(Mostly as a matter of generalised caution not because I distrust the developers of firenvim specifically.)

Thanks!

I don't think Firefox's permission system allows for this. Either there is a hard coded list of sites that get permissions up front, or a wildcard for any site. Obviously you have a specific white/black list in mind, but that same list won't work for everybody. There isn't a mechanism that I know of for customizing either white or black lists that an extension can access. Of course the extension itself can configure what it does access, but obviously inside the extension can't be where one controls what it could access if it wanted to be evil. That means the configuration has to be higher up, which puts it outside the realm of this extension to implement, and I don't know of any browsers that do.

Ah well, thanks for the answer.

This is an excellent question, and alerque's answer is unfortunately spot-on: it's not currently possible. There is a sliver of hope though: it should become possible in Firefox once Manifest v3 (a newer webextension standard) is enabled and Firenvim is migrated to it. This was announced roughly a year ago on the mozilla add-ons community blog: https://blog.mozilla.org/addons/2022/11/17/unified-extensions-button-and-how-to-handle-permissions-in-manifest-v3/ . Unfortunately, Manifest v3 has restrictions that will prevent Firenvim from working with JS text editors (e.g. CodeMirror) and will require architectural changes that could potentially introduce slowdowns in Firenvim, so I have not even tried to migrate Firenvim (the tracking issue is #1193 ). But there is some hope there too, the Google Chrome team realized that some of the limitations of manifest v3 were so impacting that they indifinetly postponed the deprecation of manifest v2 while they work on v3, so perhaps some day I'll be able to migrate Firenvim and you'll be able to restrict the website Firenvim runs on.

Note that if you're willing to get your hands dirty, you could also run a custom version of Firenvim. You would need to edit this part of the manifest as described in the mdn documentation to restrict Firenvim to specific websites. Once you're done, you can either load Firenvim in Firefox through about:debugging or in chrome by enabling developer mode in chrome://extensions.