I googled the problem and opted out ecoasia from the extension settings when i noticed my urls getting redirected everytime. but i had no idea that the extensions can 'Access all data on all the websites'. now I notice most of my extensions like web developer, page ruler, web font previewer have this permissions. need further clarification from the chrome team as to what this exactly is. passwords? credit card numbers? can also be accessed by the extensions?
Pretty much, yeah. The 'access all data on all websites' permission basically gives the extension access to injecting Javascript in all of your pages, which gives the extension full access to the DOM, and thus access to password and credit card fields.
