What's the manifest permission to allow access to all webpage data, but only on click?
In the extension manager this is the option that appears as
Allow this extension to read and change all your data on websites you visit
- On click
As an example, the Pinterest extension asks for full read/change access, but you have the option to change that to "on click" in the extension manager. I'd like "on click" to be the initial permission request.
I've looked at the permissions here https://chrome-apps-doc2.appspot.com/extensions/declare_permissions.html
I know I can request permission to access all webpage data, all the time, with
"permissions": ["*://*"],
have you tried cookies?
permissions: ['cookies'],
origins: ['https://dummydomain.com/*']
Related
I have added a new permission system.display added to my extension in the manifest.json file.
I expected that there would be a new permission listed for the extension but it is not. Checked listed permissions by navigating to chrome://extensions and then click on details link under the installed extension.
Also I did not find associated message with this permission in Chromium.
Could it be that this permission is granted silently?
As Marc correctly pointed out - many permissions are granted silently and are not listed.
You can read about these permissions here: https://developer.chrome.com/extensions/permission_warnings#nowarning
General rule regarding permissions:
If they access user data (bookmarks, pages through contentscript, management, location, history, etc) they are listed and warnings are generated.
Permission for such items need to be asked explicitly and these are listed in details for the extension.
For system info api like system.memory, system.cpu, etc are not accessing any user info. So these permissions are granted implicitly.
In my admin dashboard I have a custom tab that is used for displaying access requests made by users within the widget. I give the admin some options in this custom tab. One of these options is to grant the request. When the admin grants the requests however, they must then assign the user that requested access to a plugin so they can be redirected in the future.
I have this functionality set up in another tab and don't really want to replicate it in this custom tab if I don't have to. Is there anyway to, on clicking of the grant access button, send the admin to the other tab with some data from previous tab?
Unfortunately There is no navigate to Tab feature. However you can actually navigate to other page directly which will take you there under the same tab (not ideal but will get the job done)
Or a much cleaner solution would be building a SPA architecture like the People or Places plugin with virtual tabs and breadcrumbs
https://github.com/BuildFire/sdk/wiki/How-to-use-Breadcrumbs
ref:
https://github.com/BuildFire/peoplePlugin
https://github.com/BuildFire/placesPlugin
Hope this helps
I haven't paid the "one-time developer registration fee" and I have uploaded my extension. In my developer dashboard it says.
"The fee is not required to publish only to users in mydomain.com"
How can I publish to users only in mydomain.com without paying the "one-time developer registration fee". I can't find that option anywhere.
To be able to publish to only people in your domain, you must have this permission enabled by the Google Apps for Work administrator for your organization.
From Google: "Administrators can choose which users they want to be able to publish private apps for their organization by clicking this checkbox in the Admin console under Device management > Chrome management > User settings > Chrome Web Store Permissions."
Once this permission has been enabled, you can upload the ZIP file, for your extension, fill out the form, and at the end, select Private (Everyone at yourdomain.com) under Visibility options. This will allow you to publish without paying the fee.
See their documentation here: https://support.google.com/chrome/a/answer/2663860?hl=en
Based on: http://developer.chrome.com/extensions/hosting.html
Once you package your extension (Go to and click the developer mode checkbox. Now you should see the packaging button), you upload it to your server. Now you will need to use the appropriate HTTP headers to get Chrome to recognize your extension (A .crx on your server) as an installable. Chrome considers a file to be installable if:
The file has the content type application/x-chrome-extension
The file suffix is .crx and both of the following are true:
The file is not served with the HTTP header X-Content-Type-Options: nosniff
The file is served with one of the following content types:
empty string
"text/plain"
"application/octet-stream"
"unknown/unknown"
"application/unknown"
"*/*"
I am trying to enter http://portal/test/_layouts/reqacc.aspx?type=web
But I getting an error message: "Access denied. You do not have permission to perform this action or access this resource."
I am site collection administrator on the site.
Can you help me?
Being a Site Collection Administrator does not matter. You need to enable Access Requests for the site.
To enable Access Requests manually, go to Site Actions > Site Settings > Users and Permissions > Site permissions, then click Manage Access Requests. Click the checkbox for Allow requests for access and set the email address.
To enable Access Requests programmatically, set the SPWeb.RequestAccessEmail property.
I enabled anonymous access to all the web pages in my sharepoint site. But in 1 page i added a tag cloud. When i am opening the page(with anonymous access), the page is asking for login. If i click cancel, then there is no error page is coming. And if the user is signed in to the site, he is able to see the flash tag cloud. how to enable the flash tag cloud to anonymous access?
I would guess that something on that page refers to a resource (such as a javascript, image file, or css) that requires authentication, and when you click cancel, the rest of the page loads, but that resource fails to load.
Try using firebug in firefox to monitor the files that are requested for that page and look to see which files get a 401 Unauthorized error. You could then either make changes to ensure that those files are available to anonmyous users or change the page so that it no longer needs those files.