web-developer
Limiting security scope from all URLs to activeTab
Would it be possible to use "activeTab" instead of "<all_urls>"? This would improve the security of the extension by reducing the scope of access while also getting rid of the warning about how it needs to read all data on all sites. This changes the experience, however, because users will need to invoke the extension icon when wanting to use it. The extension will lose its access if the user navigates away or closes the tab. Just something to consider.
https://developer.chrome.com/docs/extensions/mv3/manifest/activeTab/
I'm investigating this as part of updating the extension to support manifest v3. Thanks for the suggestion!
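
One way to check a manifest for the all-sites access discussed in this issue, as an added example that is not part of the thread or the extension's own code. The two sample manifests are constructed for illustration and do not reproduce the project's actual manifest; the function names are hypothetical.

```javascript
// Added example: audit a browser-extension manifest for all-sites host access.
// Match patterns that grant access to every site.
const BROAD = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

// Return every manifest field that requests access to all sites.
function findBroadHostAccess(manifest) {
  const findings = [];
  const check = (field, patterns) => {
    for (const p of patterns || []) {
      if (BROAD.has(p)) findings.push({ field, pattern: p });
    }
  };
  check("permissions", manifest.permissions);           // MV2 keeps host patterns here
  check("host_permissions", manifest.host_permissions); // MV3 moved them to this key
  (manifest.content_scripts || []).forEach((cs, i) =>
    check(`content_scripts[${i}].matches`, cs.matches));
  return findings;
}

// Summarise whether the manifest is scoped to user-invoked access.
function audit(manifest) {
  const findings = findBroadHostAccess(manifest);
  return {
    broad: findings.length > 0,
    activeTab: (manifest.permissions || []).includes("activeTab"),
    findings,
  };
}

// Constructed sample: all-sites access via permissions and a content script.
const before = {
  manifest_version: 2,
  name: "constructed-example",
  permissions: ["tabs", "<all_urls>"],
  content_scripts: [{ matches: ["<all_urls>"], js: ["content.js"] }],
};

// Constructed sample: access granted only when the user invokes the extension.
const after = {
  manifest_version: 3,
  name: "constructed-example",
  permissions: ["activeTab", "scripting"],
  action: {},
};

console.log(JSON.stringify(audit(before), null, 2));
console.log(JSON.stringify(audit(after), null, 2));
```

A check like this can run in CI so that a later change reintroducing an all-sites pattern is caught before release.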