Browse Security AI Extensions Collections
Onetab Chrome extension icon

Onetab

🔍 Security Report Available
👥 2M+ users
📦 v2.8
💾 2.12MiB
📅 2026-02-20
View on Chrome Web Store

Chrome will indicate if you already have this installed.

Overview

Whenever you find yourself with too many tabs, click the OneTab icon to convert all of your tabs into a list. When you need to access the tabs again, you can either restore them individually or all at once.

When your tabs are in the OneTab list, you will save up to 95% of memory because you will have reduced the number of tabs open in your web browser.

Privacy assurance

OneTab is designed for privacy. Your tab URLs are never transmitted or disclosed to either the OneTab developers or any other party, and icons for tab URL domains are generated by Google. The only exception to this is if you intentionally click on our 'share as a web page' feature that allows you to upload your list of tabs into a web page in order to share them with others. Tabs are never shared unless you specifically use the 'share as a web page' feature.

Additional Benefits

Storing tabs in OneTab can also speed up your computer by reducing the CPU load and memory (RAM) usage of your browser. Even a high-end computer can become sluggish when many browser windows are open, because each open browser window may constantly consume resources.

September 2025 Update: A major new version of OneTab has just been released. It will be rolled out gradually as we become certain that there are no significant bugs we've missed. Please DO NOT uninstall and re-install OneTab to force an upgrade, as this will cause your existing OneTab data to be lost.

Tags

Make Chrome Yours/functionality tab-management make chrome yours/functionality

Privacy Practices

Not being sold to third parties, outside of the approved use cases
Not being used or transferred for purposes that are unrelated to the item's core functionality
Not being used or transferred to determine creditworthiness or for lending purposes
🔄 New version v2.8 detected — scan automatically queued.

Security Analysis — Onetab

Analyzed v2.10 · Mar 6, 2026 · 10 JS files · 1406 KB scanned

Permissions

favicon unlimitedStorage storage tabs activeTab scripting contextMenus readingList tabGroups bookmarks

Code Patterns Detected

charCodeAt (obfuscation) Uses Fetch API Writes to clipboard Monitors form inputs Cryptographic operations Uses postMessage for cross-origin comms Sets up event listeners

External Connections

www.example.com www.one-tab.com example.com t2.gstatic.com en.wikipedia.org

Package Contents 234 files · 5.3MB

📁_locales2.7MB
📁ar81KB
{}messages.json81KB
📁bn103KB
{}messages.json103KB
📁cs65KB
{}messages.json65KB
📁da63KB
{}messages.json63KB
📁de67KB
{}messages.json67KB
📁el96KB
{}messages.json96KB
📁en61KB
{}messages.json61KB
📁es67KB
{}messages.json67KB
📁es_41967KB
{}messages.json67KB
📁fa84KB
{}messages.json84KB
📁fi66KB
{}messages.json66KB
📁fil67KB
{}messages.json67KB
📁fr70KB
{}messages.json70KB
📁he75KB
{}messages.json75KB
📁hi101KB
{}messages.json101KB
📁hu68KB
{}messages.json68KB
📁id63KB
{}messages.json63KB
📁it66KB
{}messages.json66KB
📁ja72KB
{}messages.json72KB
📁ko66KB
{}messages.json66KB
📁ms64KB
{}messages.json64KB
📁nb62KB
{}messages.json62KB
📁nl66KB
{}messages.json66KB
📁no62KB
{}messages.json62KB
📁pl65KB
{}messages.json65KB
📁pt_BR66KB
{}messages.json66KB
📁pt_PT67KB
{}messages.json67KB
📁ro66KB
{}messages.json66KB
📁ru88KB
{}messages.json88KB
📁sv64KB
{}messages.json64KB
📁sw66KB
{}messages.json66KB
📁th103KB
{}messages.json103KB
📁tr66KB
{}messages.json66KB
📁uk86KB
{}messages.json86KB
📁ur82KB
{}messages.json82KB
📁vi69KB
{}messages.json69KB
📁zh_CN62KB
{}messages.json62KB
📁zh_TW61KB
{}messages.json61KB
📁_metadata30KB
{}verified_contents.json30KB
📁fonts344KB
🔤OpenSans-Bold-webfont.woff62KB
🔤OpenSans-Italic-webfont.woff74KB
🔤OpenSans-Light-webfont.woff61KB
🔤OpenSans-Regular-webfont.woff83KB
🔤OpenSans-Semibold-webfont.woff63KB
📁images851KB
🖼add-dark.png1KB
🖼add-folder-dark.png1KB
🖼add-folder.png1KB
🖼add-group-dark.png1KB
🖼add-group.png1KB
🖼add.png1KB
🖼archive-dark.png2KB
🖼archive.png2KB
🖼bolt-dark.png1KB
🖼bolt.png1KB
🖼bottom-right-resize-dark.png1KB
🖼bottom-right-resize.png1KB
🖼caret-dark.png1KB
🖼caret.png1KB
🖼checkbox-unticked-dark.png1KB
🖼checkbox-unticked.png1KB
🖼clear-dark.png2KB
🖼clear.png2KB
🖼clock-dark.png2KB
🖼clock.png2KB
🖼close-dark.png1KB
🖼close.png1KB
🖼copy-dark.png2KB
🖼copy-to-clipboard-dark.png1KB
🖼copy-to-clipboard.png1KB
🖼copy.png2KB
🖼cross-action-dark.png990B
🖼cross-action.png986B
🖼cross-dark.png995B
🖼cross.png986B
🖼cross2-dark.png1KB
🖼cross2.png1KB
🖼dark-mode-indicator.png2KB
🖼down-arrow-dark.png1KB
🖼down-arrow.png1KB
🖼drag-dark.png1KB
🖼drag.png1KB
🖼dragged-group-dark.png994B
🖼dragged-group.png994B
🖼dragged-tab-dark.png1KB
🖼dragged-tab.png1KB
🖼empty-star-dark.png2KB
🖼empty-star.png2KB
🖼except-this-dark.png1KB
🖼except-this.png1KB
🖼extension-icon128.png15KB
🖼extension-icon16.png743B
🖼extension-icon32.png2KB
🖼extension-icon48.png4KB
🖼extension-icon64.png5KB
🖼folder-dark.png1KB
🖼folder.png1KB
🖼globe.png2KB
🖼half-star-dark.png2KB
🖼half-star-rtl-dark.png2KB
🖼half-star-rtl.png2KB
🖼half-star.png2KB
🖼help-circle-dark.png2KB
🖼help-circle.png2KB
🖼icon19.png895B
🖼icon38.png2KB
🖼iconGrid.webp503KB
🖼import-dark.png1KB
🖼import.png1KB
🖼invert-dark.png1KB
🖼invert.png1KB
🖼light-mode-indicator.png1KB
🖼lock-action-dark.png1KB
🖼lock-action.png1KB
🖼lock-dark.png1KB
🖼lock.png1KB
🖼merge-into-parent-dark.png1KB
🖼merge-into-parent.png1KB
🖼move-dark.png2KB
🖼move.png2KB
🖼multi-dragged-folder-dark.png2KB
🖼multi-dragged-folder.png2KB
🖼multi-dragged-group-dark.png2KB
🖼multi-dragged-group.png2KB
🖼multi-dragged-item-dark.png2KB
🖼multi-dragged-item.png2KB
🖼multi-dragged-tab-dark.png2KB
🖼multi-dragged-tab.png2KB
🖼nav-to-parent-dark.png1KB
🖼nav-to-parent.png1KB
🖼onetab-button-logo-dark.png8KB
🖼onetab-button-logo-light.png9KB
🖼open-dark.png1KB
🖼open.png1KB
🖼option-button-hover-dark.png2KB
🖼option-button-hover.png2KB
🖼option-button-off-dark.png2KB
🖼option-button-off.png2KB
🖼option-button-on-dark.png2KB
🖼option-button-on.png2KB
🖼pin-action-dark.png1KB
🖼pin-action.png1KB
🖼pin-dark.png1KB
🖼pin.png1KB
🖼redo-dark.png1KB
🖼redo.png1KB
🖼remove-duplicates-dark.png1KB
🖼remove-duplicates.png1KB
🖼remove-from-quicklist-dark.png979B
🖼remove-from-quicklist.png970B
🖼right-arrow-dark.png1KB
🖼right-arrow.png1KB
🖼search-action-dark.png2KB
🖼search-action.png2KB
🖼search-dark.png1KB
🖼search.png1KB
🖼select-all-dark.png2KB
🖼select-all.png2KB
🖼share-action-dark.png1KB
🖼share-action.png1KB
🖼share-dark.png1KB
🖼share.png1KB
🖼side-panel-left-arrow-dark.png1KB
🖼side-panel-left-arrow-light.png1KB
🖼sort-dark.png1KB
🖼sort.png1KB
🖼star-dark.png2KB
🖼star.png2KB
🖼star2-action-dark.png2KB
🖼star2-action.png2KB
🖼star2-dark.png2KB
🖼star2.png2KB
🖼sync-dark.png1KB
🖼sync.png1KB
🖼task-ticked-action-dark.png2KB
🖼task-ticked-action.png2KB
🖼task-ticked-dark.png2KB
🖼task-ticked.png2KB
🖼task-unticked-action-dark.png2KB
🖼task-unticked-action.png2KB
🖼task-unticked-dark.png2KB
🖼task-unticked.png2KB
🖼tick-action-dark.png2KB
🖼tick-action.png2KB
🖼tick-dark.png2KB
🖼tick.png2KB
🖼tickbox-dark.png869B
🖼tickbox.png869B
🖼top-left-logo-sml-dark-rtl.png15KB
🖼top-left-logo-sml-dark.png15KB
🖼top-left-logo-sml-light-rtl.png18KB
🖼top-left-logo-sml-light.png18KB
🖼trash-dark.png1KB
🖼trash.png1KB
🖼tree-twistie-closed-dark.png911B
🖼tree-twistie-closed-light.png911B
🖼twistie-closed-dark.png1KB
🖼twistie-closed.png1KB
🖼twistie-open-dark.png1KB
🖼twistie-open.png1KB
🖼un-archive-dark.png2KB
🖼un-archive.png2KB
🖼un-pin-action-dark.png2KB
🖼un-pin-action.png2KB
🖼un-star2-dark.png2KB
🖼un-star2.png2KB
🖼un-task-dark.png2KB
🖼un-task.png2KB
🖼undo-dark.png2KB
🖼undo.png2KB
🖼unlock-dark.png1KB
🖼unlock.png1KB
🖼up-arrow-dark.png1KB
🖼up-arrow.png1KB
🖼vertical-ellipses-dark.png1001B
🖼vertical-ellipses.png1001B
📜ext-onetab-concatenated-sources-background.js122KBlarge
📜ext-onetab-concatenated-sources-contentscript.js1KB
📜ext-onetab-concatenated-sources-import.js213KBlarge
📜ext-onetab-concatenated-sources-localisation.js41KB
📜ext-onetab-concatenated-sources-one-tab.com-contentscript.js589B
📜ext-onetab-concatenated-sources-onetab.js299KBlarge
📜ext-onetab-concatenated-sources-options.js220KBlarge
📜ext-onetab-concatenated-sources-placeholder.js198KBlarge
📜ext-onetab-concatenated-sources-popup.js271KBlarge
📜ext-onetab-concatenated-sources-shared-page-permission.js41KB
🌐import-export.html1KB
{}manifest.json2KB
🎨onetab.css27KB
🌐onetab.html2KB
🌐options.html1KB
🌐placeholder.html2KB
🌐popup.html2KB
🌐safari-permissions.html3KB
🌐shared-page-permission.html3KB

What This Extension Does

OneTab is a browser extension that helps users save memory by converting multiple tabs into a list. It's designed for privacy, but has some permissions that raise concerns.

Permissions Explained

  • faviconexpected: This permission allows the extension to display its own icon in the browser toolbar.
    Technical: The favicon permission grants access to the browser's icon management system, which could be used for phishing or branding attacks if compromised.
  • unlimitedStoragecheck this: This permission allows the extension to store an unlimited amount of data on your device.
    Technical: The unlimitedStorage permission grants access to the browser's storage system, which could be used for storing sensitive user data or malware if compromised. This is a high-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • storagecheck this: This permission allows the extension to store some amount of data on your device.
    Technical: The storage permission grants access to the browser's storage system, which could be used for storing sensitive user data or malware if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • tabscheck this: This permission allows the extension to access and manipulate your open tabs.
    Technical: The tabs permission grants access to the browser's tab management system, which could be used for phishing or branding attacks if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • activeTabcheck this: This permission allows the extension to access and manipulate your currently active tab.
    Technical: The activeTab permission grants access to the browser's current tab, which could be used for phishing or branding attacks if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • scriptingcheck this: This permission allows the extension to run scripts on your behalf.
    Technical: The scripting permission grants access to the browser's script execution system, which could be used for malware or phishing attacks if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • contextMenuscheck this: This permission allows the extension to add custom context menus to your browser.
    Technical: The contextMenus permission grants access to the browser's menu management system, which could be used for phishing or branding attacks if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • readingListcheck this: This permission allows the extension to access your reading list.
    Technical: The readingList permission grants access to the browser's reading list system, which could be used for phishing or branding attacks if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • tabGroupscheck this: This permission allows the extension to access and manipulate your tab groups.
    Technical: The tabGroups permission grants access to the browser's tab group management system, which could be used for phishing or branding attacks if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1
  • bookmarkscheck this: This permission allows the extension to access and manipulate your bookmarks.
    Technical: The bookmarks permission grants access to the browser's bookmark management system, which could be used for phishing or branding attacks if compromised. This is a medium-risk permission that exceeds what's needed for the stated purpose. ⚠ 1

Your Data

OneTab accesses your open tabs, tab groups, bookmarks, and reading list. It sends data to www.one-tab.com and t2.gstatic.com, but claims not to transmit or disclose any sensitive user data.

Technical Details

The extension uses the Fetch API to send requests to www.example.com, www.one-tab.com, example.com, t2.gstatic.com, and en.wikipedia.org. It also uses postMessage for cross-origin communications and sets up event listeners on form inputs.

Code Findings

Obfuscation using charCodeAtMedium

The extension uses the charCodeAt function to obfuscate its code, making it harder for users to understand what's happening.

Technical: The extension uses the charCodeAt function in multiple JavaScript files (e.g. contentScript.js) to encode strings and make them harder to read.

💡 Obfuscation is commonly used in legitimate extensions to protect intellectual property or prevent reverse engineering.

Uses Fetch APIInfo

The extension uses the Fetch API to send requests to various domains, which is a normal and expected behavior for many extensions.

Technical: The extension uses the Fetch API in multiple JavaScript files (e.g. contentScript.js) to send requests to www.example.com, www.one-tab.com, example.com, t2.gstatic.com, and en.wikipedia.org.

💡 The Fetch API is a standard browser API used for making HTTP requests.

Writes to clipboardMedium

The extension writes data to the clipboard, which could potentially be used for phishing or branding attacks if compromised.

Technical: The extension uses the navigator.clipboard.writeText function in multiple JavaScript files (e.g. contentScript.js) to write data to the clipboard.

💡 Writing to the clipboard is commonly used in legitimate extensions to provide a convenient way for users to share data.

Monitors form inputsMedium

The extension sets up event listeners on form inputs, which could potentially be used for phishing or branding attacks if compromised.

Technical: The extension uses the addEventListener function in multiple JavaScript files (e.g. contentScript.js) to set up event listeners on form inputs.

💡 Monitoring form inputs is commonly used in legitimate extensions to provide a convenient way for users to interact with web pages.

Cryptographic operationsInfo

The extension uses cryptographic operations, which is a normal and expected behavior for many extensions that need to protect user data.

Technical: The extension uses the crypto.subtle function in multiple JavaScript files (e.g. contentScript.js) to perform cryptographic operations.

💡 Cryptographic operations are commonly used in legitimate extensions to protect user data or provide secure communication channels.

Uses postMessage for cross-origin commsMedium

The extension uses the postMessage function to communicate with other domains, which could potentially be used for phishing or branding attacks if compromised.

Technical: The extension uses the postMessage function in multiple JavaScript files (e.g. contentScript.js) to communicate with other domains.

💡 Using postMessage for cross-origin communications is commonly used in legitimate extensions to provide a convenient way for users to interact with web pages.

Sets up event listenersInfo

The extension sets up event listeners on various elements, which is a normal and expected behavior for many extensions that need to provide user interactions.

Technical: The extension uses the addEventListener function in multiple JavaScript files (e.g. contentScript.js) to set up event listeners on various elements.

💡 Setting up event listeners is commonly used in legitimate extensions to provide a convenient way for users to interact with web pages.

Bottom Line

OneTab has some concerning permissions and behaviors, but its stated purpose of saving memory by converting multiple tabs into a list seems legitimate. However, users should be cautious when granting permissions that exceed what's needed for the stated purpose.

Similar Extensions

More in Make Chrome Yours/functionality →

Hola Vpn Your Website Unb

4M+ users
The easiest way to access the Borderless Internet, Hola VPN gets you Access to the global online content you want!
Make Chrome Yours/functionality

Video Speed Controller

3M+ users
Speed up, slow down, advance and rewind HTML5 audio/video with shortcuts
Make Chrome Yours/functionality

Sponsorblock For Youtube

2M+ users
Skip sponsorships, subscription begging and more on YouTube videos. Report sponsors on videos you watch to save others' …
Make Chrome Yours/functionality