So if you install your own certificate authority and then spoof the DNS it might be possible? Not so useful as an attack vector, but potentially useful for people who want to do fun things with the browsers they own.

You can just expose the data to all sites with your own extension if you have access to the device.

certificate pinning would prevent this for google related domains.

This. I think chrome is now using something called certificate transparency, but it has the same effect it won't trust your own installed CA for google.com

https://en.wikipedia.org/wiki/Certificate_Transparency