Mozilla Firefox before 60.0 : WebExtensions can use request redirection and a filterReponseData filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission.