Menu
I learned about Chrome disabling an extension when new permissions are added the hard way.
When I add new features to my extension I need to add new sites in the permissions list. Now I know I should have used optional_permissions.
My questions are:
permissions to optional_permissions does the user need to approve those sites again? or just the ones that I add over time.Could any of these changes cause the extension to be disabled?:
a. I add sites in the matches section of an entry in content_scripts
b. I add sites in the matches section of an entry in externally_connectable
Is there a way to define externally_connectable in optional_permissions?
Related links: chrome.permissions | Permission Warnings
Update: When Chrome disabled my extension I had added in the manifest one site on content_scripts > matches and externally_connectable with a matches site. The latter shows a new line in the permissions warnings saying "Communicate with cooperating websites". I'm not sure which change caused the disabling, that's why I ask about externally_connectable too.
522
To view the permissions of any installed extension, unpacked or from the store, open chrome://extensions page and click the details button on that extension's card. The circled part is for API permissions.
Your tabs and browsing activity: The app or extension can see the URLs and titles of websites you visit. It can also open and close tabs and windows, as well as navigate to new pages in open tabs and windows. Your physical location: The app or extension can use the current location of your computer or device.
In order to test when extensions are disabled by Chrome I created a private extension in the Chrome Web Store.
I started with a simple definition for manifest.json and then I added fields and settings one by one. For each test, I:
After 13 tests, this is what I've found:
manifest that DISABLE the extension"content_scripts" > "matches" [Warning: "Read and change your data on example.com"]"externally_connectable" > {"ids", "matches"} [Warning: "Communicate with cooperating websites"]manifest that did NOT disabled the extension (no warnings)"declarativeContent" permission"optional_permissions" > all hosts"externally_connectable" > "ids" (after externally_connectable was accepted)"externally_connectable" > "matches" (after externally_connectable was accepted)"externally_connectable" > "matches" (after externally_connectable was accepted)"incognito": "split"
"content_security_policy" > script-src URL"web_accessible_resources"
Plus, permissions listed at permission_warnings#nowarning docs.
I probably did some silly tests like "web_accessible_resources", but I prefer that than having Chrome disabling my extension again.
Since I'm moving to optional_permissions, all hosts listed in permissions are removed. So, I wanted to know what would happen with the disabled extension when a new update does not have the problematic permission anymore:
Update 1: a new host is added at "content_scripts" > "matches" => Extension disabled
Update 2: the problematic host is removed from "content_scripts" => Extension ENABLED again
To conclude, if you made a mistake you can release a new version rolling back the changes that caused the extension to be disabled.
If I move the site's list from
permissionstooptional_permissionsdoes the user need to approve those sites again? or just the ones that I add over time.
The answer is straightforward, no. Chrome stores all permissions given to the extension over time. So, only the new hosts on optional_permissions need to be approved.
134
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With