I'm trying to block a website with a chrome extension that uses the new declarative net request API for Manifest V3, but it isn't working at all. I have added the permission in the manifest and made sure to add the priority, id, action and conditions, but it still doesn't do anything at all. Since I am blocking only one domain, I tried changing the domain list in the conditions from "domains" to "domain" but this just blocks every domain. Here is the applicable part of my manifest. I'm not sure why, but when I open the website in a private/incognito tab, occasionally, it will work.
"declarative_net_request" : {
"rule_resources" : [{
"id": "rules1",
"enabled": true,
"path": "rules.json"
}]
},
"permissions": [
"declarativeNetRequest"
],
Here is my rules.json file.
[{
"id": 1,
"priority": 1,
"action": {
"type": "block"
},
"condition": {
"domains": ["google.com"],
"resourceTypes": ["main_frame"]
}
}]
You need to change the "Domains" tag to "requestDomains" or "initiatorDomains" since the "Domains" tag is deprecated. I am assuming that the google.com is your initiator Domain which means you want to block all requests originating from google.com to any destination website. If you want to block google.com from being a destination website i.e you want to stop any requests being made to google.com, you need to use the "urlFilter" tag instead.
I ran into the same problem, google does a terrible job at telling us what's deprecated. domains was deprecated and we have to use initiatorDomains instead:
what worked for me was:
inside your rules conditions -
urlFilter: "https://example.com" to block a request going to your "https://example.com"
and then:
initiatorDomains:["mail.google.com"] to block a request coming from "mail.google.com" (just an example)
must include in the manifest version 3
"host_permissions": [ "<all_urls>" ]
if I had that example on how to block from and to, it'd have saved me a lot of time. I hope this helps
Related
I am migrating our v2 extension to manifest v3 and in the process of converting from the deprecated WebRequest API to the new DeclarativeNetRequest, I've found that the following rule does not intercept requests that originate while navigating through links, yet it does intercept the same request if the URL is entered into the address bar. I need it to intercept all requests and URL changes that happen in the top frame.
[
{
"id": 1,
"priority": 1,
"action": {
"type": "redirect",
"redirect": { "regexSubstitution": "some local web server address here" }
},
"condition": {
"regexFilter": "^(https?\\://)?[^\\:]+$",
"resourceTypes": [ "main_frame" ]
}
}]
Turned out it's a bug in Opera's requests originating from the Speed Dial shortcuts. Chromium Canary does not exhibit the same issue with the start page shortcuts.
I have reported the issue to the Opera team.
As we know, by default chrome extensions doesn't have access to chrome:// pages such as chrome://extensions and chrome://settings. ( Of course we can change chrome://flags/#extensions-on-chrome-urls flags however the following question is based on that we didn't change the default flags).
Recently I happen to find ChromeVox (offered by chrome.google.com) can work well in all pages including chrome:// pages. I checked the source code for this extension and find as long as we add the following line in manifest.json for any extension, the extension can work well in chrome:// pages.
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEGBi/oD7Yl/Y16w3+gee/95/EUpRZ2U6c+8orV5ei+3CRsBsoXI/DPGBauZ3rWQ47aQnfoG00sXigFdJA2NhNK9OgmRA2evnsRRbjYm2BG1twpaLsgQPPus3PyczbDCvhFu8k24wzFyEtxLrfxAGBseBPb9QrCz7B4k2QgxD/CwIDAQAB"
So it looks like chrome has something like whitelist to allow specific extensions to break the default restrictions. Am I right? Is there official guide to clarify this behavior?
Appendix:
The following is a sample extension, you will find with the key, console will output test even in chrome://extensions pages; however once removing the key, nothing happens.
manifest.json:
{
"manifest_version": 2,
"name": "Test",
"version": "1.0",
"content_scripts": [
{
"matches": [
"<all_urls>"
],
"js": [
"content.js"
]
}
],
"key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEGBi/oD7Yl/Y16w3+gee/95/EUpRZ2U6c+8orV5ei+3CRsBsoXI/DPGBauZ3rWQ47aQnfoG00sXigFdJA2NhNK9OgmRA2evnsRRbjYm2BG1twpaLsgQPPus3PyczbDCvhFu8k24wzFyEtxLrfxAGBseBPb9QrCz7B4k2QgxD/CwIDAQAB"
}
content.js:
console.log('test');
"key" property in manifest.json uniquely defines the extension's ID in encrypted form.
Some Google extensions are unfairly(?) whitelisted by ID in the source code of chromium.
In this case, ChromeVox:
scripting_whitelist_.push_back(extension_misc::kChromeVoxExtensionId);
And then this whitelist is checked to see whether an extension can run everywhere in PermissionsData::CanExecuteScriptEverywhere, which is accessed in CheckRestrictedUrls where we can see restricted schemes: chrome://, chrome-extension://, chrome-debugger://
There is a site that I'm using that has a horrible interface. I wanted to "fix it up a bit" and insert some custom CSS. I have my chrome extension working using google.com but can't get it to work on the target site. The only thing I can work out is maybe it's because of the colon in the matches URL?
http://subdomain.subdomain.subdomain.edu.au:82/Folder/
Strangely the javascript I have done does work (adds a class to ) so I am thinking maybe there is something else that is a problem. Also note that the target site is behind the u/p but is not on a https server - does this matter?
Here is the complete manifest.json
{
"manifest_version": 2,
"name": "Test",
"description": "Makes the site prettier.",
"version": "1.5",
"author": "daniel",
"icons": { "16": "/icons/icon16.png",
"48": "/icons/icon48.png",
"128": "/icons/icon128.png"
},
"content_scripts": [{
"matches": ["http://subdomain.subdomain.subdomain.edu.au:82/Folder/*"],
"css": ["style.css"],
"js": ["script.js"]
}]
}
and here is the CSS file:
html body.customclass {background-color: #FF0;}
and here is the JS file:
document.body.classList.add("customclass");
Ah, after much google searching I found the relevant information:
https://developers.google.com/search-appliance/documentation/46/admin/URL_patterns#match_ports
So the trick was to wildcard the port rather than state it.
"matches": ["http://subdomain.subdomain.subdomain.edu.au:*/Folder/*"]
This fixes my issue (it doesn't really matter for me which port gets used) but there should be a better way to match urls with a port number so that specific ports (i.e. :82) works.
I had a good idea, which kind of revolves around ips from the server the user is on.
Im very new to making a google chrome extension, but i am good at the programming languages that requires to build one .
Question: Can I get a IP from a server that the user is on? and if so how would you do this?
I was thinking just AJAX the url to my own server which then pings the server which would get the ip and returns that/stores it some where.
You can get current URL of tab\web Pageuser is currently browsing using chrome.tabs API
Demonstration
chrome.tabs.query({
"currentWindow": true, //Filters tabs in current window
"status": "complete", //The Page is completely loaded
"active": true // The tab or web page is browsed at this state,
"windowType": "normal" // Filters normal web pages, eliminates g-talk notifications etc
}, function (tabs) { //It returns an array
for (tab in tabs) {
_url_i_need = tabs[tab].url;
//Do AJAX Stuff here
}
});
Ensure you declare tabs permission in your manifest as shown here
{
"name": "My extension",
...
"permissions": [
"tabs"
],
...
}
References
Tabs API
looking for some help or a blog post really regarding using the auth bundle with RavenDB..
using the HelloWorld example: http://ravendb.net/tutorials/hello-world
i'm trying to disable the user from querying for orders.. i've tried different auth roles approaches but i can't get the damn thing to work.
at present i've:
* created a authorization user
* created a authorization role
Id: Authorization/Roles/Orders
{
"Permissions": [
{
"Operation": "order/1",
"Tags": [
"Orders"
],
"Allow": false,
"Priority": 1
}
]
}
ID: Authorization/Users/ayende
{
"Name": "Ayende Rahien",
"Roles": [
"Authorization/Roles/Orders"
]
}
just can't get my head around how to filter out the orders from queries.
for example, querying orders/1 will return an order of 1 prior to applying the permission.
after using:
session.SecureFor("Authorization/Users/ayende", "orders/1");
I would expect orders to return no orders..
do i have this concept totally wrong or just configured my permission's wrong?
thanks
You can use the IsAllowed method to check whatever or not you can access a document or now, but also to check why you can / can't access a document.
Have you applied your permission to the document then invoked SaveChanges? Maybe if you post your code it would easier to tell what's happening.