
First, this isn't a flaw.

Second, this is well known and has been discussed here previously a number of times.

There are already numerous browser extensions that allow users to customize these settings, e.g. FBSecure:

http://www.addictivetips.com/internet-tips/fbsecure-customiz...

and

https://github.com/chadselph/OOptOut-Chrome-Extension

previously discussed on HN here:

https://news.ycombinator.com/item?id=3287272

and a bunch of other threads that I can't find right now.



>First, this isn't a flaw.

I didn't really call it a flaw. Just UX stupidity or whatever.

>Second, this is well known and has been discussed here previously a number of times.

Well known? :) Is it mainstream to call something 'well known' if you know something?

> There are already numerous browser extensions that allow users to customize these settings, e.g. FBSecure:

Extensions are useless because actions are really routine. But it's nice to have them, anyway.


Flaw is my word, but 'cheating' almost implies it. The params are documented here:

https://developers.facebook.com/docs/authentication/permissi...

I thought I would dump my previous links in case you jump into writing an extension. It would be better to contribute to the open source extension than to have yet another project (as we do with removing auth popups on news feed items).

Otherwise nothing against this making news again, the more people that know about it the better.


Those extensions are good. I wanted an ext for personal usage that just removes scope at all - no big plans here.

My point is not just 'check this trick' but OAuth2 has no fixed-scope feature at all. You always have to check shit after the user did something. This is just a lifehack, but I am interested in the OAuth2 spec overall.
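Added example, not written by anyone in this thread: a server-side check of what a grant actually covers, run after the token exchange, which is the "check after the user did something" step the last comment refers to. The scope names, the sample token responses and the `introspect` callback (standing in for RFC 7662 token introspection or a provider's permissions endpoint) are constructed for illustration.

```python
# Added example (not from the thread). All names and sample data are constructed.

REQUIRED = {"read_profile", "publish"}  # hypothetical scopes the feature needs


def parse_scope(value):
    """RFC 6749 section 3.3: scope is a space-delimited list of tokens."""
    return set(value.split())


def check_grant(token_response, required, introspect=None):
    """Return (status, missing) for a parsed token response.

    status is "ok", "insufficient" or "unverified".

    RFC 6749 section 5.1 lets the server omit "scope" when the grant equals
    the request it received. If the user edited the authorization URL, the
    server compared against the edited request, so an absent "scope" proves
    nothing: it is treated as unverified, never as fully granted.
    """
    scope = token_response.get("scope")
    if scope is None and introspect is not None:
        # Hypothetical callback: returns the token's scope string or None.
        scope = introspect(token_response["access_token"])
    if scope is None:
        return "unverified", set(required)
    missing = set(required) - parse_scope(scope)
    return ("ok" if not missing else "insufficient"), missing


# Constructed token responses, already decoded from JSON.
SAMPLES = {
    "full": {"access_token": "tok-A", "scope": "read_profile publish"},
    "reduced": {"access_token": "tok-B", "scope": "read_profile"},
    "silent": {"access_token": "tok-C"},
}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        status, missing = check_grant(resp, REQUIRED)
        print(f"{name:8} {status:12} missing={sorted(missing)}")
```

An application would gate each feature on the "ok" status and re-prompt or disable the feature otherwise, rather than assuming the scopes it put in the authorization URL were the ones granted.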



