Editing chrome.storage.local of another extension? - google-chrome

How can I edit chrome.storage.local of a given Chromium extension, while the browser is running?
Possible solutions:
If the browser wasn’t running, I could edit LevelDB files in ~/.config/chromium/Default/Local Extension Settings/ from a Python script or similar — but LevelDB cannot be opened by multiple processes.
Maybe I could create another very small extension that could edit other extensions’ chrome.storage.local with some permission? But I can’t find anything about that…

Related

How to test optional permissions in a Chrome extension?

I'm thinking of moving some of the permissions in an unpublished Chrome extension to being optional instead of required in the manifest, and wanted to test the user flow.
Calling chrome.permissions.request() in an unpacked extension seems to just succeed silently. The browser dialog that the user should see isn't displayed.
This Chrome developer page suggests you can test the normal user flow using a packaged .crx file:
If you'd like to see exactly which warnings your users will get, package your extension into a .crx file, and install it.
However, Chrome no longer seems to let you install an arbitrary .crx file outside of the Chrome Webstore. Dragging and dropping the file on the Extensions page lists it, but the Enabled checkbox is disabled. This SO comment indicates that testing permissions in this way is likely no longer possible, but I haven't seen any official documentation about it.
I was actually able to install and enable a non-Webstore .crx file by adding it to the extension whitelist in the Windows registry, using these instructions, but that extension didn't trigger the permission request dialogs either.
So my questions are:
Is there a way to test the permission request flow other than publishing an extension to the Chrome Webstore?
What's the best way to remove the optional permissions once you've accepted them, in order to test the flow again? Delete the extension? Call chrome.permissions.remove()?
Turns out I confused myself by requesting the "sessions" permission when the extension already had a required "tabs" permission. Apparently, requesting "sessions" when you already have "tabs" doesn't trigger the permissions dialog.
However, calling something like chrome.permissions.request({ permissions: ["bookmarks"] }) does, in fact, show the permissions dialog, even in an unpacked extension.
So the answers are:
There's no need to publish an extension to the Chrome Webstore. Just request an optional permission with your local unpacked extension to see the dialog.
It looks like the only way to trigger the permissions dialog again is to delete the extension completely and reinstall it. Calling chrome.permissions.remove() does remove it as far as the APIs go, but the permission is silently re-added if it's requested again.

Distribution of a Chrome extension through an application - is a "backup" OK?

My company distributes a Chrome extension along with our Windows apps. I have read the Google guidelines on doing so, here, and see that the recommended method of doing so is to publish the extension in the Chrome Web Store, which we have done. Then, during installation, we should place a key in the Windows registry, which will direct Chrome to download the extension from the store the next time it starts up. This all makes sense, and we are planning to use this method.
However, I am told by some of our developers that they are worried about certain scenarios (specifically in countries where access to Google servers may be blocked) where it may not be possible to install the extension this way. Therefore, they have proposed both using this method, and including the .crx file in our installation package. My question is: Will this cause any issues? For users with a normal connection to Google's servers, will they be able to receive the extension as normal?
Will this cause any issues?
As long as "it's useless, because it can't be installed" isn't an issue, then no, no issues including it. /sarcasm
You cannot install CRX files from third-party sources, even manually (and not at all automatically), with the possible exception of enterprise deployment via domain policies.
The only way to install a non-Store extension is as unpacked. This requires manually switching on the Developer mode, selecting the folder, and enduring the scary warning on every Chrome launch.
I'm afraid you'll need to consider excluding such scenarios from your potential market.
How to local install ALL Chrome CRX without any problem:
Chrome saves ALL information in %LocalAppData%\Google.
Install Chrome
Install Chrome .CRX you are needing
Back up %LocalAppData%\Google
Create WinRar to unpack saved profile to: %LocalAppData%
This bypasses the mandatory Chrome store installation.
What are the downsides of this method?
Using this method could overwrite existing user profile data/bookmarks.
Overwriting user saved bookmarks/passwords may cause data loss for user.
What is a possible workaround?
Firefox can use alternate profile, if set to do so via txt in user profile.
If Chrome profile can load alternate profile, locate the string/text responsible for this & edit it to use the new user profile path, then create a WinRar SFX to install to this new location.
This will then enable Chrome SFX installer (Via WinRar SFX) to install a chrome profile with the .CRX extensions desired already installed & not have to mess with pre-existing user data.
What are the downsides to this method?
Users may wonder how to get their old bookmarks/settings to work.
While users will get the new .CRX, it will be starting with essentially a blank profile.
How you can help:
We know we can install any unpacked CRX via SFX install.
We know we can potentially cause Chrome to use alternate profile to avoid corrupting or messing with user data.
We need someone with an idea how to install unpacked CRX without causing a problem in the old user profile.
Things tried so far:
Tried to locate the file(s) responsible for saving installed .CRX settings.
(Make unpacked CRX load & work properly)
Discovered a key file that contained bookmarks/user data also was the same one responsible for ID the CRX & making it load.
This presented a problem, because how is it possible to import this key file in a WinRar SFX installer, without also overwriting the user bookmarks/saved data?
If anyone can figure this part out, we can then use WinRar SFX to unpack CRX into Chrome profile directory, without overwriting/destroying user data.
Alternate method may be to re-route Chrome to use new profile with desired .CRX files already loaded, then cmd-line import the old profile settings/bookmarks/saved passwords.
If this is possible...
Congrats to all who are seeking solutions!
Working together, we can succeed!

Programmatically installing a chrome extension to the default profile [duplicate]

I've written an extension for Google Chrome that will be released with the next version of our product. I want to understand what properties, paths for extraction, registry entries, etc. should I provide the installer of my product so that the end user doesn't have to install the extension on their own manually, and the installer does the complete job of installing the extension, and also notifies the user that the extension has been installed. As of now, the code that I have written is placed in a folder, and I use the "Load Unpackaged Extension" to load the extension. What should I do to achieve the aforementioned task?
Google's current policy on installing extensions via the registry (for Windows machines) is this:
Only extensions from the Google Extension Gallery (or Chrome Web Store - CWS) can be installed via the registry.
See this link - https://developer.chrome.com/extensions/external_extensions - for information on how this can be done. Keep in mind the following:
-This technique will still pop-up a msgbox to the user. its not completely silent.
-When using this technique, if the user subsequently removes the extension from her Chrome, the extension gets "blacklisted" on that chrome and will not re-auto-install until the user re-install it
manually. refer to Auto-installing a google chrome extension won't work ! for details.
Chrome has a couple ways of installing extensions programmatically:
http://www.chromium.org/administrators/pre-installed-extensions
Edit: yes, this policy has changed by now, as FuzzyAmi points out.
If you're using GNU/Linux, this is how you pre-install an extension from the chrome web store for all users:
/etc/chromium/policies/managed/yourextension_policy.json
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
{
"ExtensionInstallForcelist": [
"yourextensionuniqueidentifiersup;https://clients2.google.com/service/update2/crx",
"yourextensionuniqueidentifiersup"
]
}
Reference
metamask-chrome - AUR

What is the easy way of installing chrome app from folder, for development, after loading will be disallowed?

Google Chrome will start disallowing developers from installing Chrome apps by loading them from a folder as it's possible today (see the recent news from chromium team).
However, the proposed solution seems really complicated to me and I don't understand it at all (for example, I don't have any CRX file in the first place, I just have some javascript files and manifest in a folder).
So, I want to ask. I am developing an extension that I have in a folder. How to easily load the extension in Chrome after the protections will start being enforced everywhere?
It seems I misunderstood the news. Installing through "Load unpacked extension" will still be possible, as explained here
https://www.chromium.org/developers/extensions-deployment-faq#TOC-Will-this-affect-my-ability-to-develop-my-extensions-on-Windows-

How to install a Chrome extension programmatically?

I've written an extension for Google Chrome that will be released with the next version of our product. I want to understand what properties, paths for extraction, registry entries, etc. should I provide the installer of my product so that the end user doesn't have to install the extension on their own manually, and the installer does the complete job of installing the extension, and also notifies the user that the extension has been installed. As of now, the code that I have written is placed in a folder, and I use the "Load Unpackaged Extension" to load the extension. What should I do to achieve the aforementioned task?
Google's current policy on installing extensions via the registry (for Windows machines) is this:
Only extensions from the Google Extension Gallery (or Chrome Web Store - CWS) can be installed via the registry.
See this link - https://developer.chrome.com/extensions/external_extensions - for information on how this can be done. Keep in mind the following:
-This technique will still pop-up a msgbox to the user. its not completely silent.
-When using this technique, if the user subsequently removes the extension from her Chrome, the extension gets "blacklisted" on that chrome and will not re-auto-install until the user re-install it
manually. refer to Auto-installing a google chrome extension won't work ! for details.
Chrome has a couple ways of installing extensions programmatically:
http://www.chromium.org/administrators/pre-installed-extensions
Edit: yes, this policy has changed by now, as FuzzyAmi points out.
If you're using GNU/Linux, this is how you pre-install an extension from the chrome web store for all users:
/etc/chromium/policies/managed/yourextension_policy.json
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
{
"ExtensionInstallForcelist": [
"yourextensionuniqueidentifiersup;https://clients2.google.com/service/update2/crx",
"yourextensionuniqueidentifiersup"
]
}
Reference
metamask-chrome - AUR