I have a Chrome Page Action extension in production. Now, I would like to convert it to a Browser Action extension.
I have changed my manifest.json and everything seems to be working fine. Will this change be as smooth for my users when they update? Should I expect something else to happen for my users?
Probably, your users will not notice the update, I guess. Because, In the latest Chrome version, all page actions are put on the same place as all browser actions.
Related
I have an extension that has been working for almost 2 years now with out issue. I havent made any changes in about a year, but recently i started seeing some change in behavior.
I use the Webrequest APi to intercept navigations. During the callback for some websites i need to do some security evaluations async. When this happens I redirect to a local resource (html) as an interstatial page that tells the user what I am doing. Once complete based off the evaualtion the page is redirected where it should be. This is ussually very fast and has worked great for the last 2 years. Since the latest version of chrome things dont seem to work anymore for all cases.
If i intercept an address bar navigation. everything works as expected. The interstatial pops and everythings great. However. If i click on the same website as a link on a webpage. I get the "Blocked by Extension page". (what you would get if the nav was cancelled). I also noticed that my interstatial is showing up in the web history and if i click on it from my history page everything works.
It seems as if a bug might have been introduced by google?
Just wondering if anyone has seen this.
Thanks
I'm building a Chrome extension that makes the badge show a number returned from an API. I have the code working fine, but I have it listening for DOMContentLoaded, so it only updates when the user opens up the extension.
I would like the extension to check the API every time the browser loads a page. I do not need to change anything in the page, I just want to use it for timing.
I'm not sure what I should be using, should I be using background pages, event pages, or something else? What would be the best way to go about this?
Thanks in advance!
The api you want for “every time the browser loads a page” is chrome.tabs.onUpdated. You’d have:
chrome.tabs.onUpdated.addListener(function(tabId,changeInfo,tab) {
chrome.browserAction.setBadgeText({"text":"ABCD","tabId":tabId});
});
An easy approach for development is to use a background page, get it working, and then figure out what changes you need to convert it to an event page. With this stub however, nothing is stopping you from making it an event page.
I’ve been placing a page action on the options page of my Chrome extension. options.js calls chrome.runtime.connect({"name":"someName"}), and background.js has
chrome.runtime.onConnect.addListener(function(port) {
chrome.pageAction.show(port.sender.tab.id);
});
Unfortunately, in the new options_ui with the recommended default (and someday mandatory) "open_in_tab":false, the Sender's tab won't be set. Is there a way to get the tab id in order to show the page action?
I could use tabs.query to get the chrome://extensions/ tab, but that requires the tabs permission, which I currently don’t need. Active tab seems like it would work, but it doesn’t provide the tab id and isn’t enabled by opening an option dialog (source).
(Why do I want the page action on my options page? The extension works with a website that is only available ~7-10 weeks per year. I’d like my users to be able to interact with the extension the rest of the time, so that they can get used to the process. But I don’t want to adjust the displayed extension permissions just to do so. I can accomplish this by having the options page pretend to be the website in question.)
I have managed with my extension and using ajax call in the content script to call my server and get an answer back. But in the console I get a message like:
The page at https://www.injectedpage.com displayed insecure content from http://www.mywebsite.com/Script.asp
Is there something I can do to prevent this message appear?
One more question please.
If I distribute the .crx to other people, can they see my code in the .js page? I dont want them to know to which page in my server I post the data I send.
Thank you for reading me. And for your patience with me.
The first issue is due to the fact that the website you're injecting code into is https while your page is http. It's a security warning from Chrome that you can't hide.
Yes they can see your extension's complete code. You can obfuscate it but when you publish your extension you give the user the entire code.
If your extension has a popup thing from the toolbar, right click to inspect element and If it has a background page or something, you can inspect it from the extensions page (developer mode has to be checked)
To see all of the files of every extensions, a user can navigate to Chrome's extensions directory. For example, on Win7 it's
C:\Users\[username]\AppData\Local\Google\Chrome\User Data\Default\Extensions
User could also just rename your crx to zip and extract.
I have a great working chrome extension now.
It basically loops over a list of HTML of a web auction site, if a user has not paid for to have the image shown in the main list. A default image is shown.
My plugin use a jQuery Ajax request to load the auction page and find the main image to display as a thumbnail for any missing images. WORKS GREAT.
The plugin finds the correct image url and update the HTML Dom to the new image and sets a new width.
The issue is, that the auction site tracks all pages views and saves it to a "recently viewed" section of the site "users can see any auctions they have clicked on"
ISSUE
- My plugin uses ajax and the cookies are sent via the jQuery ajax request. I am pretty sure I cannot modify the cookies in this request so the auction site tracks the request and for any listing that has a missing image this listing is now shown in my "recently viewed" even though I have not actually navigated to it.
Can I remove cookies for ajax request (I dont think I can)
Can chrome remove the cookie (only for the ajax requests)
Could I get chrome to make the request (eg curl, with no cookie?)
Just for the curious.
Here is a page with missing images on this auction site
http://www.trademe.co.nz/Browse/SearchResults.aspx?searchType=all&searchString=toaster&type=Search&generalSearch_keypresses=9&generalSearch_suggested=0
Thanks for any input, John.
You can use the webRequest API to intercept and modify requests (including blanking headers). It cannot be used to modify requests which are created within the context of a Chrome extension though. If you want to use this API for cookie-blanking purposes, you have to load the page in a non-extension context. Either by creating a new tab, or use an off-screen tab (using the experimental offscreenTabs API.
Another option is to use the chrome.cookie API, and bind a onChanged event. Then, you can intercept cookie modifications, and revert the changes using chrome.cookies.set.
The last option is to create a new window+tab in Incognito mode. This method is not reliable, and should not be used:
The user can disallow access to the Incognito mode
The user could have navigated to the page in incognito mode, causing cookie fields to be populated.
It's disruptive: A new window is created.
Presumably this AJAX interaction is being run from a content script? Could you run it from the background page instead and pass the data to the content script? I belive the background page operates in a different context and shouldn't send the normal cookies.