Call Google Chrome extension function from any website, without modifying the extension? - google-chrome-extension

I created a question a few minutes ago here: How to modify Chrome Extension, which authenticates every user through Google's OAuth 2?
However, it seems like the CRX files are signed, which means I cannot modify the extension. However, I know exactly how the extension works. Basically I need to do call a function, while parsing it a string. Is that possible to do through my website? The function from the background.js could look like this:
function sendAlert(message) {
alert(message);
}
Is it possible to call sendAlert() from my website?

It's not possible to directly access an extension from a web page.
A web page can communicate with an extension in two cases:
the extension expects external connections via, for example, runtime.onMessageExternal.
the extension listens to DOM events of the page in its content script AND there's an event that triggers the behavior you need

Related

How to use dropbox API from chrome extension content script?

If I write a chrome extension, it normally consist of multiple parts:
One is the devtools page which is a normal HTML page with origin set to
"chrome-extension://<guid>/filename". On that page I can use
the Dropbox API to get user confirmation via HTML popup and then use
the saved auth info and do all work via the Dropbox javascript library.
Another part of extension is the content script which is executed
in the context of specified third-party web pages ("injected") and have
origin cookies and web storage shared with them.
Is it possible to also use the Dropbox JavaScript library in that content script?
I can't call authenticate in interactive mode since it will re-ask for confirmation for each different webpage I'm injected into. And calling authenticate without interactive will fail since the content script doesn't share the origin, cookies and web storage with the devtools extension page :(. Maybe there's some way to "pass" the Dropbox auth info from the part of the extension that offers GUI and where user successfully confirms dropbox usage to the parts of the extension that are GUI-less, like content script or background page?
I have managed to get Facebook working from code injected into a web app via a content script. I suspect there are multiple ways, but what I did was take advantage of the chrome.identity API to do the OAuth work for me, specifically the launchWebAuthFlow().
This can only be done in the background page (in my case an event page), but I send messages to the event page which replies with the access_token, which can then be used in URLs in the same was as the 'web' technique - i.e. in HTTP requests with XHR.
You can send/receive messages via the content script (using events on document), but I decided to do it directly using "external" messages with the chrome.runtime.sendMessage() API in the web app context, and chrome.runtime.onMessageExternal() in the background script. This requires adding "matches" for the URLs you're injecting code into in an "externally_connectable" section of the manifest.json.
I believe this can be adapted to make it work with Dropbox.

Is there any reliable way to capture file upload event in a chrome extension?

In my content script, I want to monitor which file a is getting uploaded to a web application.
I monitor "change" event for any "input:file" element. It works on any site (such as Gmail) that uses "input:file".
However sites like imgur, use SWFUpload mechanism. I tried to capture "fileQueued" event on element that I suspected to be swfupload. But that did not work.
How can I capture file upload event for sites that use swfupload?
Are there any other plugins that manage file uploading that I would need to take care in my content script?
Is there any generic mechanism to tackle this problem?
(I am aware of drag-n-drop mechanism, but I have not handled that case so far.
I have also read following relevant question on SO:
Grab file with chrome extension before upload)
It's probably worth your time to experiment with the chrome.webRequest API; it appears that the onBeforeRequest event contains info about file uploads. It's a complex API with extra parameters to addListener; read the docs thoroughly.

sending a message from a web app to an extension

I have an extension which provides a number of services to any web app that requires them. I had been assuming that a web app could use chrome.runtime.sendMessage(ext-id,message), but when I try, there is no sendMessage function on chrome.runtime.
Have I misunderstood where sendMessage can be used, and is there another technique that I can use to communicate from an arbitrary web app to my extension?
There are a few options.
First, http://developer.chrome.com/extensions/manifest/externally_connectable.html is the closest to how you're thinking about it right now. You're expecting to be able to add proprietary, Chrome-specific functionality to arbitrary web pages. externally_connectable will give you a limited version of (see http://developer.chrome.com/extensions/messaging.html#external-webpage for an example), but only for specific web pages (e.g., *.yourdomain.com but not *.com).
Second, you can postMessage from your web page to a content script (see http://developer.chrome.com/extensions/content_scripts.html#host-page-communication), which can do anything a content script can. If you need chrome.* APIs at that point, you can message from the content script to your extension's page, which has access to any chrome.* APIs that it's asked for.
Finally, depending on what your "number of services" actually is, you can always executeScript another script directly into a target webpage, which is similar to forcing the webpage to include it as if it were another <script> tag. (Only similar to, not identical to, because the injection typically happens after the page has loaded.)

How do I call a page within my Chrome Extension without using a dash?

Chrome appears to allow users to call a page from the extension using a format similar to: \
chrome-extension://dckobaoiekjnnheocplcnkhnhhnpjcnl/OAuth/_callback.html
The problem is I am using Salesforce and for whatever reason they consider having a dash in the protocol invalid. The problem I am running into is I have to place a callback URL for the process I am working on. Is there another way to use https and something akin to Localhost or perhaps another protocol that does not contain a - in order to be able to call a page within my Chrome Extension?
If you are making a call from a background page then relative path OAuth/_callback.html should work.

How can I pass a message from outside URL to my Chrome Extension?

I know there's a way for extensions and pages to communicate locally, but I need to send a message from an outside URL, have my Chrome Extension listen for it.
I have tried easyXDM in the background page, but it seems to stop listening after awhile, as if Google "turns off" the Javascript in the background page after awhile.
I think you may try some walk around and build a site with some specific data structure, and then implement a content script which will look for this specific that specific data structure, and when i finds one it can fetch the data you want to be passed to your extension.
Yes, you need a content script that communicates with the page using DOM Events.. Instructions on how to do that are here:
http://code.google.com/chrome/extensions/content_scripts.html#host-page-communication

Resources