Chrome extension manifest permissions v3 - google-chrome

Alright I'm making my first chrome extension and I've ran into a bit of a problem:
manifest.json
{
"name": "...",
"description": "...",
"version": "1.0",
"manifest_version": 3,
"background": {
"service_worker": "background.js"
},
"permissions": [
"tabs",
"scripting",
"activeTab"
],
"host_permissions": [
"tabs",
"scripting",
"activeTab"
]
}
background.js
chrome.tabs.onUpdated.addListener(function(tabId, info, tab) {
if (info.status == 'complete') changeTheme(tab);
});
function changeTheme(tab) {
chrome.scripting.insertCSS({
target: {tabId: tab.id},
css: "h1 { color: #212121; }"
})
}
The extension devtool console logs this:
Error: Cannot access contents of url "long ass url". Extension manifest must request permission to access this host.
How would I "Request" permission?

"host_permissions" is for matching urls not for permissions.
Change this:
"host_permissions": [
"tabs",
"scripting",
"activeTab"
]
Into this:
"host_permissions": [
"https://example.org/foo/bar.html"
]
Or any other urls you want the extension to be available on (expect chrome://)
If you want the extension to be available on all sites use:
"host_permissions": [
"<all_urls>"
]

Related

Manifest v3 Proxy Authentication

With the new manifest v3 came the doom of webRequest and webRequestBlocking, how are we suppose to authenticate a proxy request?
Old way:
chrome.webRequest.onAuthRequired.addListener(function(details, callbackFn) {
callbackFn({
authCredentials: { username: username, password: password }
});
},{urls: ["<all_urls>"]},['asyncBlocking']);
So my question besides the one above is what is the new way of doing this? Docs say that webRequest is replaced by declarativeNetRequest, but they don't provide one single example of how to do this.
Manifest v3 looks like is broken and google developers don't care anymore:
https://bugs.chromium.org/p/chromium/issues/detail?id=1135492.
You need to add in your manifest.json the webRequestAuthProvider permission.
{
"version": "1.0.0",
"manifest_version": 3,
"name": "Chrome Auth Proxy",
"permissions": [
"tabs",
"unlimitedStorage",
"storage",
"webRequest",
"webRequestAuthProvider"
],
"host_permissions": [
"<all_urls>"
],
"background": {
"service_worker": "background.js"
},
"minimum_chrome_version": "22.0.0"
}

ManifestV3: "invalid value for web_accessible_resources" or "resources must be listed" errors

This is my first attempt writing a Chrome extension. I added "web_accessible_resources": ["images/icon.png"] to manifest.json because I wanted to access the image from content script. After adding this line, I got the error "Invalid value for 'web_accessible_resources[0]'.
Could not load manifest." I have checked to make sure the file path is correct, where else could I be wrong?
Any help is appreciated.
{
"name": "Bookmark Checker",
"version": "1.0",
"manifest_version": 3,
"permissions": [
"bookmarks",
"activeTab"
],
"background": {
"service_worker": "background.js"
},
"content_scripts": [
{
"matches":["https://www.google.com/search?*"],
"js": ["content/content.js"]
}
],
...
"web_accessible_resources": ["images/icon.png"]
}
The syntax for web_accessible_resources in Manifest V3 has changed:
"web_accessible_resources": [{
"resources": ["/images/icon.png"],
"matches": ["<all_urls>"]
}]
The matches key must specify where to expose these resources since Chrome 89.

Chrome.identity.getAuthToken returns invalid credentials?

I have followed a few tutorials out there:
https://developer.chrome.com/apps/app_identity
https://github.com/GoogleDeveloperExperts/chrome-extension-google-apis
https://mashe.hawksey.info/2017/05/using-the-google-apps-script-execution-api-in-chrome-extensions/
to get my chrome extension to authenticate with a Google API project but this code:
chrome.identity.getAuthToken({ 'interactive': false }, function (token) {
// Catch chrome error if user is not authorized.
if (chrome.runtime.lastError) {
$("#__sample_support_logarea").text(chrome.runtime.lastError.message);
console.log('No token aquired');
console.log(chrome.runtime.lastError.message);
sampleSupport.log('No token aquired');
sampleSupport.log(chrome.runtime.lastError.message);
} else {
console.log('Token acquired');
console.log(token);
}
});
always returns:
OAuth2 request failed: Invalid credentials (credentials rejected by client).
Here is my manifest.json:
{
"manifest_version": 2,
"name": "Shopify Partners",
"description": "Automate Proposal Creation",
"version": "1.0",
"background": {
"scripts": [
"background.js"
]
},
"content_scripts": [
{
"js": [ "jquery.min.js", "main.js" ],
"matches": [ "http://*/*", "https://*/*" ]
}
],
"browser_action": {
"default_icon": "icon.png",
"default_popup": "popup.html"
},
"permissions": [
"activeTab",
"identity",
"https://accounts.google.com/*",
"https://www.googleapis.com/*"
],
"oauth2": {
"client_id": "..sr1t2ass4f9a0.apps.googleusercontent.com",
"scopes": [
"https://www.googleapis.com/auth/spreadsheets"
]
},
"key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8Cj7TI9toe9nK0Pw8FFk1hOlSCPUwJ/GUmWUgzyO3XBP2KoIFv+ISpOoPO++itYsDaXBgZzjk/EUeFMPUWbmuL6+lfs6orq39mMzQKLZEMV05bRaVVsj7gMtBGrsuOJm83Ugw+2tUVszH/yCzMFYNGqJe+ZaEPyUDVqeOfbZoo+JDleDveu0j+HTKDa6wVdDxndT+N86IEoPKCWfXdzMZ6+22ZTSPKYIvQbaHalqEQ9YAc80eHaL0eQNq/+aEv3oNWm2rbB8fy79koQKkZBuWJqgWmznWe6NzPkEpsiE+ilaUCKzWzFDFpiIC0A5Eq3KpWQdnQYDF1A2gmTh9vgkQIDAQAB",
"content_security_policy": "script-src 'self' https://apis.google.com https://ajax.googleapis.com; object-src 'self'"
}
Please note that I have omitted the complete client id here for security reasons.
The only thing that I suspect might be the reason for this is that I am running an unpacked extension in chrome dev mode which id is something like: gcnonhfkghlloailceiddfmlmdeajlkl
And in the Api Console when creating the credentials for the client I have specified the same:
Therefore I suspect that being an unpackaged extension might be comprising it. But publishing an extension in the Chrome store is a long process and certainly is not what is expected of such a simple task.
I think your extension id has changed. The same thing happened to me.
To fix this, I again created google OAuth 2.0 Client ID and it has been fixed.

Error processing manifest in firefox

I have developed a extension primarily focused on chrome which works but now i need that extension to work in firefox either so I checked by loading the extension by going to about:debugging page and loading temporary addons. Currently, I go an error. I got error something like this
Reading manifest: Error processing options_page: An unexpected
property was found in the WebExtension manifest.
Reading manifest: Error processing oauth2: An unexpected property
was found in the WebExtension manifest.
Reading manifest: Error processing key: An unexpected property was
found in the WebExtension manifest.
Here is what my manifest file looks like(I removed options_page)
manifest.json
{
"version": "1.0",
"name": "Browser Extension",
"manifest_version": 2,
"description":
"This extension allow the user to select the text and redirect to the application",
"page_action": {
"default_title": "Select Text",
"default_popup": "index.html"
},
"icons": {
"16": "img/browser16.png",
"48": "img/browser48.png",
"128": "img/browser128.png"
},
"background": {
"scripts": ["extension/js/background.js"],
"persistent": true
},
"content_scripts": [
{
"matches": [
"https://mail.google.com/mail/*/*",
"http://mail.google.com/mail/*/*"
],
"js": ["extension/js/jquery.min.js", "extension/js/content.js"],
"css": ["extension/css/main.css"],
"run_at": "document_end"
}
],
"permissions": [
"contextMenus",
"tabs",
"storage",
"webNavigation",
"notifications",
"cookies",
"identity",
"*://mail.google.com/mail/*/*",
"https://www.googleapis.com/*",
"https://*.googleusercontent.com/*"
],
"web_accessible_resources": ["img/browser128.png", "img/ios-link.svg"],
"oauth2": {
"client_id":
"114446495690-8ejpdgvmn8vc9pblteupetas.apps.googleusercontent.com",
"scopes": ["profile", "https://www.googleapis.com/auth/gmail.readonly"]
},
"key":
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqFjzbt+LtejD1JhOyMUbejOHdLoemzryr+ZQHK2CEKuI0yVVYToFs7eNusH/hfxhnyF27G4BU8apsTc695EpVQGD0ANKdt6BjubRnA/4VcdkmfdD3D9nsdCc+fHkINRU5e05grfs/BETWW/JAUULduaNWGfhT7"
}
How do i resolve above issues to make it firefox compatible as well?

How do I get the checkbox "Allow access to file URLs" to show up next to my app? I have file write permissions in manifest

More Info/Update
I packaged and installed google's own sample app showing filesystem access and it also does not show the checkbox!
You can find it here: https://github.com/GoogleChrome/chrome-app-samples/tree/master/filesystem-access
Original Post
I have the permission asking for filesystem.write ability in my manifest but on the chrome://extensions page, the check box doesn't show up. And when I click "permissions" next to my app's icon, it only shows:
"Write to files that you have opened in the application"
What am I doing wrong? (This is a hosted app)
manifest.json
{
"manifest_version": 2,
"name": "Hello World",
"description": "A test application",
"version": "2.0.3.92",
"minimum_chrome_version": "23",
"offline_enabled": true,
"update_url": "http://mywebsite.com/updates/helloworld.xml",
"icons":
{
"16": "icon_16.png",
"128": "icon_128.png"
},
"app":
{
"background":
{
"scripts":
[
"utils.js",
"fs.js",
"main.js"
]
}
},
"permissions":
[
"unlimitedStorage",
"fullscreen",
{
"fileSystem":
[
"write"
]
},
"background",
"http://*/",
"tabs"
]
}
To get this to work you need either:
permissions: [ "<all_urls>" ]
or a scheme starting with file:///.
If you try *://*/* that will not work as it only represents http or https