Latest version of chrome extension requesting permissions for b5dev.ca?

samson
samson
Community Member

Hi,

I have version 1.8.4 of the Chrome extension with the ID of khgocmkkpikpnmmkgmdnfckapcdkgfaf.

It is currently disabled because it is additionally requesting read-write permissions on all b5dev.ca sites, which I find suspect.

Would someone from 1password please comment?

Thank you.


1Password Version: Not provided
Extension Version: 1.8.4
OS Version: chromeos
Sync Type: Not Provided

Comments

  • francishg
    francishg
    Community Member

    Same here, I do not want to re-enable the addon until someone from 1PW has confirmed and hopefully explains why this access is necessary.

  • gmuir
    gmuir
    Community Member

    I am also seeing this version of the 1Password Chrome Extension asking for permission to access b5dev.ca. That domain doesn't appear to resolve anywhere but I am still leery of giving the extension permission.

  • Bull3t
    Bull3t
    Community Member
    edited June 2018

    On the release notes page, 1Password X is referred to as "B5X", so I'm assuming the b5dev.ca domain is actually an internal development machine used for testing, which shouldn't have slipped into the release. Canada is still asleep at the moment though, so I guess we'll have to wait to hear from the team :).

  • entropiae
    entropiae
    Community Member

    Dave Teare answered on this on Twitter:

  • Mitch
    edited June 2018

    Hi all,

    Thanks for calling attention to this. b5dev.ca is a staging site which we use to test new features (oooh..) and should not have been added to the public extension. We'll have another beta out soon which removes permission requests for this URL and any others that are only used for testing. Apologies for the surprise prompt.

    -Mitch

  • samson
    samson
    Community Member

    Thanks Mitch!

  • AGAlumB
    AGAlumB
    1Password Alumni

    Likewise, thanks for bringing it up here! :)

  • AGAlumB
    AGAlumB
    1Password Alumni

    @BrokenHope: Ah, I'm sorry for not being clearer: It's perfectly safe to accept it. This just means that the beta will be able to access out test environment (which we use internally) in addition to our public 1Password.com, 1Password.ca, and 1Password.eu sites. Given that you won't be using our test site, this will have no impact on you or anyone else. Thanks for requesting the clarification! :)

This discussion has been closed.