Content Control

Version 3.0.1 View in Chrome Web Store

Last scanned: 12 days ago | force re-scan

Extension Details

Developer: contentcontrol.net

Rating: 5.0 ★ (1 rating)

Users: 10,000

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension has concerning trust indicators. With only 10,000 users and a single 5-star rating, the user base appears artificially small for meaningful validation. The generic name "Content Control" and domain "contentcontrol.net" provide minimal transparency about the developer's identity or reputation. The lack of detailed description makes it difficult to assess the extension's legitimate purpose.

Concerns:

The primary concern is the broad host permissions (<all_urls>) combined with declarativeNetRequest capability, which grants extensive access to modify web requests across all websites. This permission set is disproportionately powerful for most legitimate content control functions. The contextMenus permission, while less critical, adds another layer of browser integration that could be misused. The storage permission allows persistent data collection, which combined with broad site access, creates potential for comprehensive user tracking.

Recommendations:

Given the high-risk permission combination and limited trust indicators, consider running this extension in a separate Chrome profile to isolate potential security risks. Before installation, research the developer's background and verify the extension's specific functionality matches your needs. Monitor your browsing behavior for any unexpected changes or performance issues. Consider alternative extensions from more established developers with transparent privacy policies and larger, verified user bases. If you must use this extension, regularly review what data it might be collecting through Chrome's extension management settings.

Findings

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

MEDIUM

Medium-Risk Permission: contextMenus

This extension has the contextMenus permission. Can add items to the context menu.

MEDIUM

Medium-Risk Permission: storage

This extension has the storage permission. Can store data locally.

Raw Manifest

{
  "name": "Content Control",
  "icons": {
    "16": "img/icon16.png",
    "48": "img/icon48.png",
    "128": "img/icon128.png"
  },
  "action": {
    "default_icon": {
      "16": "img/icon16.png",
      "48": "img/icon48.png",
      "128": "img/icon128.png"
    },
    "default_popup": "popup/popup.html",
    "default_title": "Content Control"
  },
  "version": "3.0.1",
  "background": {
    "type": "module",
    "service_worker": "bg/background.js"
  },
  "short_name": "Content Control",
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Default search extension that empowers users to search more efficiently with Yahoo",
  "permissions": [
    "contextMenus",
    "storage",
    "declarativeNetRequest"
  ],
  "homepage_url": "https://www.contentcontrolsearch.com/wim/gotohub?s=ccpr",
  "host_permissions": [
    "<all_urls>"
  ],
  "manifest_version": 3,
  "externally_connectable": {
    "matches": [
      "https://*.contentcontrolsearch.com/*"
    ]
  },
  "declarative_net_request": {
    "rule_resources": [
      {
        "id": "rules",
        "path": "rules.json",
        "enabled": true
      }
    ]
  },
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "/img/icon16.png"
      ]
    }
  ],
  "chrome_settings_overrides": {
    "search_provider": {
      "name": "Content Control",
      "keyword": "Content Control",
      "encoding": "UTF-8",
      "is_default": true,
      "search_url": "https://www.contentcontrolsearch.com/search/?category=web&s=ccpr&vert=private&q={searchTerms}",
      "favicon_url": "https://www.contentcontrolsearch.com/favicon.ico",
      "suggest_url": "https://sug.contentcontrolsearch.com/v1/sug/?yid=ccpr&vert=private&q={searchTerms}"
    }
  }
}

by ✦ Astarte

http://www.w3.org/2000/svg	https://clients2.google.com/service/update2/crx
https://www.contentcontrolsearch.com/favicon.ico	https://www.contentcontrolsearch.com/search/?category=web&s=ccpr&vert=private&q=
https://sug.contentcontrolsearch.com/v1/sug/?yid=ccpr&vert=private&q=	https://www.contentcontrolsearch.com/wim/gotohub?s=ccpr
https://fonts.googleapis.com/css2?family=Outfit:wght@400..700&display=swap	https://fonts.googleapis.com
https://fonts.gstatic.com	https://www.contentcontrolsearch.com/search/?category=web&s=ccpr&vert=private&osp=bing&q=
https://www.contentcontrolsearch.com/search/?category=web&s=ccpr&vert=private&osp=google&q=

Content Control

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Required Permissions:

Host Permissions:

Embedded URLs (11 total):

Raw Manifest

Detections

Manifest Findings