Scuttle Shell Browser
After improving securing in ssb-patchboot-ws so that arbitrary blobs can no longer access the client, I'm now working on a Web Extension that allows just that. I'm calling in Scuttle Shell Browser as it could potentially be a #scuttle-shell extension to allow Scuttlebutt access not just from desktop apps but also from selected web apps. With #scuttle-shell-browser you can enable any webpage (including blobs on http://localhost:8989/) to access the Scuttlebutt client. As communication happens via Native Messaging the local ssb-server does not need to open to HTTP connections thus avoiding cross-origin attacks.
It's work in progress and an installer is still missing but I would welcome some feedback. The sources are on git ssb and on github.