This idea was stolen from @devsnek, whom I'm currently writing an explanation for.
I still can't figure out how to keep Webpack from making requests to the injected site...