Chrome extension open new tab on new tab

Question

I have created a Chrome extension that, as part of it's operation, opens a new tab with a specified url.

chrome.runtime.onMessage.addListener(
  function(request, sender, sendResponse) {
    if( request.message === "open_new_tab" ) {
      chrome.tabs.create({"url": request.url});
    }
  }
);

(Full code available on GitHub)

This works fine on tabs with webpages, but I cannot get it to work on empty tabs, for example: chrome://apps/ To clarify, if I have a tab open and it is on stackoverflow.com, then when I click on my extension button it opens a new tab loading a generated url. When I am on a new tab, or a tab where the url begins with chrome:// then the extension does not work.

What permissions do I need to include to allow the extension to open in ANY tab? Including new tabs and any chrome:// tab?

Manifest.json:

{
  "manifest_version": 2,

  "name": "MyMiniCity Checker",
    "short_name": "MyMiniCity Checker",
  "description": "Checks what your city needs most and redirects the browser accordingly.",
  "version": "0.2",
    "author":"Richard Parnaby-King",
    "homepage_url": "https://github.com/richard-parnaby-king/MyMiniCity-Checker/",
    "icons": {
      "128": "icon-big.png"
   },

    "options_page": "options/options.html",

  "browser_action": {
    "default_icon": "icon.png"
  },
    "permissions": ["tabs","storage","http://*.myminicity.com/","http://*/*", "https://*/*"],
    "background": {
    "scripts": ["background.js"],
    "persistent": false
    },
    "content_scripts": [ {
    "matches": [ "http://*/*", "https://*/*"],
    "js": [ "jquery-1.11.3.min.js" ]
  }]
}

Background.js:

//When user clicks on button, run script
chrome.browserAction.onClicked.addListener(function(tab) {
    chrome.tabs.executeScript(null, { file: "jquery-1.11.3.min.js" }, function() {
    chrome.tabs.executeScript(null, { file: "contentscript.js" });
    });
});

chrome.runtime.onMessage.addListener(
  function(request, sender, sendResponse) {
    if( request.message === "open_new_tab" ) {
      chrome.tabs.create({"url": request.url});
    }
  }
);

It appears as though the background.js file is not being executed. I suspect this to be a permissions. What permissions do I need in order to run this extension in every tab?

Answer 1

Well, this message is supposed to come from a content script you're trying to inject into the current tab.

The widest permission you can request is "<all_urls>", however, there are still URLs that are excluded from access.

1. You can only normally access http:, https:, file: and ftp: schemes.

2. file: scheme requires the user to manually approve the access in chrome://extensions/:

3. Chrome Web Store URLs are specifically blacklisted from access for security reasons. There is no override.

4. chrome:// URLs (also called WebUI) are excluded for security reasons. There is a manual override in the flags: chrome://flags/#extensions-on-chrome-urls, but you can never expect it to be there.

5. There is an exception to the above, chrome://favicon/ URLs are accessible if you declare the exact permission.

All in all, even with the widest permissions you cannot be sure you have access. Check for chrome.runtime.lastError in the callback of executeScript and fail gracefully.