Starting in January, Google’s Chrome browser will not allow you to install extensions that aren’t hosted in Google’s own Chrome Web Store.
While Google had recently increased its security measures for keeping malicious extensions out of Chrome by adding additional warnings and disabling silent extension installs, the team clearly felt that it had to go a step further to keep Windows machines safe. The leading cause of complaints from its Windows users, Google says, is still due to malicious extensions that override browser settings and change the user experience in unexpected (and undesired) ways. Given that these malicious extensions are virtually always hosted outside of the Chrome Web Store, the team has decided to simply shut down the ability to install extensions from third-party sites.
Users will still be able to do local installs during development and admins can use their Enterprise policy settings to allow their users to pre-install and allow certain extensions. This move also won’t affect Chrome Apps.
For developers who need to migrate to the Web Store now, this move should be pretty straightforward. Most Chrome extension developers are probably using the store already anyway, so this shouldn’t be too hard for most of them. The one thing they do have to do, though, is pay a $5 fee to sign up.