In my manifest.json file, I have nothing explicitly listed for reading a user's history, however, this warning comes up when you try to install the extension.
Here is my manifest file:
{
"manifest_version": 2,
"name": "QueueTube for YouTube!",
"short_name": "QueueTube",
"description": "Search YouTube without stopping the video, and make your own playlists!",
"version": "1.5",
"author": "Dara Javaherian",
"permissions": ["tabs", "*://*.youtube.com/*"],
"background": {
"persistent":true,
"scripts": [
"bg/socket.io.js",
"bg/background.js"
]
},
"icons": {
"128": "icons/youtube-128.png"
},
"browser_action": {
"default_icon": "icons/icon.png",
"default_popup": "popup/popup.html"
},
"web_accessible_resources": [
"spinner.gif"
],
"content_scripts" : [{
"matches" :
["https://www.youtube.com/*",
"http://www.youtube.com/*"],
"js" : [
"js/jquery.js",
"js/inject.js"],
"css" : ["styles/styles.css"]
}]
}
Does anyone know why this permission is showing up?
This is the standard warning for the "tabs" permission.
It allows you to query, and be notified of changes, to URLs of all tabs. This allows you to spy on the user's history in real time - even if you don't have access to the browser's own history log.
Note that "tabs" permission is not required in most cases. Providing access to URLs is basically the only reason to include it. You can use most of the tabs API without it, and can get access to current tab without warning using the "activeTab" permission.
Warnings and their triggers
It can be surprising when adding a permission such as "tabs" results
in the seemingly unrelated warning that the extension can access your
browsing activity. The reason for the warning is that although the
chrome.tabs API might be used only to open new tabs, it can also be
used to see the URL that's associated with every newly opened tab
(using their tabs.Tab objects)
Source: https://developer.chrome.com/extensions/permission_warnings
Related
Recently, I have been working on a Chrome plug-in with co-workers and I must admit that I do not have much experience with Chrome extensions. We already published one version. Now, I just submitted a second release.
I am aware that following the Manifest v3 rules helps to speed up the review process. Also, I believe we are following the rules and we really need to have a fast review process.
However, I keep seeing this message:
It points to the official documentation on the topic: Migrating to Manifest v3 which includes a check-list.
This message makes me suspicious that I might have made some mistakes.
Hence, I would like to show my manifest.json:
{
"name": "My plug-in name",
"description": "Auto-fill some specific forms",
"version": "0.0.22",
"manifest_version": 3,
"action": {
"default_popup": "src/importer/popup.html",
"default_icon": "src/importer/img/company-logo.png"
},
"icons": {
"128": "src/importer/img/company-icon.png"
},
"permissions": ["activeTab", "scripting"],
"background": {
"service_worker": "src/importer/background.js"
},
"content_scripts": [
{ "js": ["src/importer/content-script.js"],
"matches": ["https://*.onewebsite.com/*"] }
]
}
It seems to be correct.
Am I missing something? Is the extension Manifest V3 compliant?
Should I ignore Chrome Web Store alert?
This question already has an answer here:
Change "from [name]"/"offered by [name]" in a Chrome extension's Webstore listing
(1 answer)
Closed 6 years ago.
I just created a chrome extension, I wanted to know how to change the "offered by" and "developer" information. Check the screenshot below I have underlined the information I am referring to.
I found this one old SO thread - How to specify author of Extension in Manifest file.
And I have tried something like this
{
"browser_action": {
"default_icon": "icons/logo.png",
"default_popup": "popup.html",
"default_title": "Timezone Convertor"
},
"description": "The all in one, timezone plugin you had been waiting for!",
"manifest_version": 2,
"name": "Timezone Convertor",
"permissions": [ "storage", "tabs", "http://*/*", "https://*/*" ],
"update_url": "https://clients2.google.com/service/update2/crx",
"version": "1.5",
"authors": [{"name": "Ali Rizvi", "email": "example#gmail.com"}, {"name": "Yasser R Shaikh", "email": "example#gmail.com"}]
}
But it doesnt work. Google's manifest documentation also doesnt have much information about it.
Those were in manifests v1 (Also explained here). For v2 and v3 extensions they are changed in the Chrome Web Store Developer Dashboard.
Instructions updated 2023:
Visit https://chrome.google.com/webstore/devconsole and login
Your account settings can be accessed by clicking the "Account" button in the upper left corner
I am a beginner for the chrome extension. I have found a demo to add event to google calendar, I have solved some problems for this demo, but it doesn't word yet... Now I have a problem and I don't know how to fix it
L'installation de cette extension a généré des avertissements :
'background_page' requires manifest version of 1 or lower.
manifest.json :
{
"name": "Add Event to Google Calendar",
"version": "1.4.1",
"manifest_version": 2,
"description": "A user can add events to Google Calendar by simply highlighting dates that appear on a webpage.",
"icons": { "48": "calendar48.png", "128": "calendar128.png" },
"background_page": "background.html",
"permissions": [
"tabs", "http://*/*", "https://*/*", "http://www.google.com/"
],
"content_scripts": [
{
"matches": ["<all_urls>"],
"js": ["jquery.js", "date.js", "content_script.js"]
}
]
}
background.html
I can not post background.html here, because it is too long...please download this here Add-to-Calendar-Chrome-Extension
Thank you very much!
Google are changing the manifest version requirements for Chrome as detailed in this link.
The warning is only visible with "Developer mode" active. They don't affect end-user. You can also consider using minimum_chrome_version to block users with older browsers from downloading your latest update. Downgrade to manifest_version: 1, wait for everyone to download downgraded version and, yet again, push update with manifest_version: 2 this time adding minimum_chrome_version: 18.
The background_page property has been replaced with a background. That property contains scripts, either a page or property. Details are available in the Event Pages documentation.
You may check this forum.
I am working with Chrome Identity API, to provide users with a Google Authentication on my Chrome Extension.
I followed the official tutorial of Google : link Chrome Identity API
i added permissions to manifest.json and Client ID and Scopes
to trigger the Authentification i added this code in my Background.js
chrome.identity.getAuthToken
The problem is when i execute the extension i am redirected to this login page
chrome://chrome-signin/?source=5
but after a successfull authentication i am redirected another time to the login page
what is the problem ?
Manifest.json
{
"name": "My Extension",
"short_name": "Ex App",
"version": "0.1",
"description": "description",
"manifest_version": 2,
"icons": { "128": "ICONE.png", "48": "ICONE1.png" },
"permissions": ["contextMenus", "identity", "cookies", "http://*/*", "https://*/*", "<all_urls>", "unlimitedStorage"],
"browser_action": {
"default_title": "Title",
"default_icon": "imgIcone.png"
},
"oauth2": {
"client_id": "xxxxxxx",
"scopes": [
"https://www.googleapis.com/auth/userinfo.email"
]
},
"background": {
"scripts": ["background.js"]
},
"content_scripts" : [
{
"matches": ["*://*.google.com/*"],
"js": ["gadget/js/jquery.js","gadget/js/contactcard.js"],
"css": ["gadget/css/contactcard.css"],
"all_frames": true
}],
"content_security_policy": "script-src 'self' 'unsafe-eval' https://apis.google.com/; object-src 'self'",
"web_accessible_resources": ["img.png","gadget/css/contactcard.css","gadget/img/extension/crec.png"]
}
Background.js:
chrome.identity.getAuthToken({ 'interactive': true }, function(token) {
// Use the token.
console.log(token);
});
Problem Resolved !
the app ID of my Chrome extension does not match with my app ID in Google Console Developpers
To avoid this upload first your Extension then copy the ID from Chrome and set it in the Google Console Developpers !
you must update it in Google console everytime you change it in Google Chrome
The accepted answer is incorrect. You can upload it to the webstore, publish it, then install it from the webstore. After installing, find the installed extension app dir (~/Library/Application\ Support/Google/Chrome/Default/Extensions/<ext id> on a mac), and copy the key key from the installed manifest.json into your source code manifest.json. After adding the key field to your manifest.json, your app id will not change during local development.
Source: https://developer.chrome.com/apps/app_identity#copy_key
For other user, who might face the problem that chrome.identify.getauthtoken is not firing or you log in and nothing happens.
Check your manifest and reduce it to the bare minimum. For example the
"oauth2": { "client.id": "alongstring" , "scopes": ["bla","openid", "bla"]}. Having openid in the array, the callback simply did not fire, no alert, no nothing.
Having openid inside my scopes inside oauth2 blocked in someway the callback from being fired.
If the callback in chrome.identity.getAuthToken is not firing at all for you, make sure you are using "browser_action" in your manifest.json and not "page_action".
I am trying to download a url by writing code for chrome extension. Here is the myscript.js file:
chrome.downloads.download(
{url: 'http://www.iana.org/_img/iana-logo-pageheader.png',
saveAs: true
},
function(res){alert(res);});
and here is my manifest.json
{
"name": "My extension",
"version": "1.0",
"manifest_version":2,
"background_page": "background.html",
"browser_action": {
"name": "Manipulate DOM",
"icons": ["icon.png"],
"default_icon": "icon.png"
},
"permissions": ["downloads",
"tabs", "http://*/*","https://*/*"
],
"content_scripts": [
{
"matches": [ "http://*/*", "https://*/*"],
"js": ["jquery.js","d3.v2.js","myscript.js"],
"run_at": "document_end"
}
]
}
but the console is showing the error "Cannot call method 'download' of undefined".
Please help me.
The documentation for chrome.downloads clearly states that the "API is still under development. It is only available for Chrome users on the dev early release channel." (emphasis mine, currently at Chrome 23).
To use the API, you need to get a dev or canary build of Chrome (see this page for download links).
Another way to solve the problem is by not using the chrome.downloads API. I've been using the following method to create downloads, and it works like a charm (it works anywhere: Content script / background page / popup / whatever):
var a = document.createElement('a');
a.href = 'http://www.iana.org/_img/iana-logo-pageheader.png';
a.download = 'iana-logo-pageheader.png'; // Filename
a.click(); // Trigger download
a.click() causes Chrome to follow the link.
The download attribute causes Chrome to download the target, and suggest the attribute's value as a file name in the Save As dialog.
This feature is not limited to Chrome extensions, you can also use it in an ordinary web page. Have a look at this demo: http://jsfiddle.net/dEeHF/.