Firefox extension: unexpected property in contentscript permissions - json

I'm trying to load an extension, which was originally developed for Chrome, into Firefox. I'm aware that there are subtle differences, my idea was to fix the errors one by one.
The manifest can actually be loaded, an icon is added and the extension is listed as installed.
But during the loading, there are two warnings. One of them is:
Reading manifest: Error processing content_scripts.0.permissions: An unexpected property was found in the WebExtension manifest.
Unfortunately, this doesn't tell me which property is unexpected. I opened the debug consoles, the message is identical, there is no additional information.
The content_scripts section from the manifest is this:
"content_scripts": [
{
"css": [
"extra.css",
"all.css",
"bootstrap.min.css"
],
"js": [
"firebase.js",
"jquery.min.js",
"content.js",
"popper.min.js",
"bootstrap.min.js"
],
"matches": [
"https://dlab.epfl.ch/*",
"https://*.wikipedia.org/*"
],
"permissions": [
"storage",
"activeTab"
]
}],
The permissions look good to me. I checked against the Mozilla docs here, to avoid something like a spelling mistake. But storage and activeTab are allowed as permissions.
How can I find out what this unexpected property is ?
For reference, here is the full manifest: https://pastebin.com/dkaNmZHk

As #wOxxOm said, it is a simple mistake in the JSON layout:
permissions should be top-level and not within content_scripts.

Related

Converting Chrome Extension to Edge Extension, Permissions issue

I have a chrome extension I have made and I want to convert it to Edge using the Microsoft Edge Extension Converter, everything works fine except for the popups tabs and cookies permissions
"content_scripts": [
{
"matches": [
"http://www.website.com/*"
],
"js": [
"jquery-3.1.1.min.js",
"startup.js",
],
"css": [
"font-awesome.css"
],
"run_at": "document_end",
"permissions": [
"cookies",
"tabs"
]
}
],
If i were to remove
"permissions": [
"cookies",
"tabs"
]
The extension will load however the communication between the popup and the window will not work, but if i leave the code in i get the following error
Manifest parsing error: Invalid field 'permissions' found in 'content_scripts'.
I try to check the documentation and find that permissions are not the part of content_scripts.
In your sample above, I can see that you are using permissions under content_scripts.
I think this is the cause for this issue.
As per the documentation, following keys can be used with content_scripts.
all_frames, css, exclude_globs, exclude_matches, include_globs, js, match_about_blank, matches, run_at
to get the example refer link below.
content_scripts
To solve the issue, you can try to put 'permissions' outside the 'content_scripts'.
Reference:
permissions

Google chrome extension include_globs not working

In my google chrome extension i want to insert a JS file in a wild card url using the include_globs but it is not working
"content_scripts": [
{
"matches": [
"http://stackoverflow.com/*"
],
"include_globs": [
"*google*"
]
"js": [
"scripts/content-scripts/utils.js",
]
},
This script is inserted in stackoverflow but not in google.
You misunderstand how globs work.
They offer additional filtering after matches filter is applied.
include_globs
array of string
Optional. Applied after matches to include only those URLs that also match this glob. Intended to emulate the #include Greasemonkey keyword. See Match patterns and globs below for more details.
So your manifest applies to https://stackoverflow.com/questions/tagged/google-chrome-extension but not https://www.google.com/ or http://stackoverflow.com/
I understand your desire to use a glob: you basically want a google.* pattern. That's not allowed due to inherent security risks attached.
You can see the question Match pattern for all google search pages to see why and what are the possible workarounds.

Binding extension content scripts to Chrome's start page?

Is there any way to bind a content script to Chrome's start page?
I tried setting matches to "*", but it doesn't even run. With "*://*/*" it does not bind.
No, you cannot*. Technically, the start page is chrome://newtab/, and Chrome Extensions cannot access chrome:// pages for security reasons, not even with the widest "<all_urls>" permission.
Your only hope is to make your own New Tab page, though it would be hard to replicate all of the default functionality (e.g. thumbnails of top sites).
* One can enable this with Chrome Flags: chrome://flags/#extensions-on-chrome-urls But this is only applicable if the extension is for personal use and is a potential security risk.
Yes! Chrome's Start page (¿now?) has the hidden URL of the form:
https://www.google.com/_/chrome/newtab?espv=2&ie=UTF-8
And extensions with manifest.jsons like:
{
"manifest_version": 2,
"content_scripts": [ {
"js": [ "HelloWorld.js" ],
"matches": [ "*://*/_/chrome/newtab*" ]
} ],
"name": "Chrome start test",
"description": "Runs on the Chrome Start page",
"version": "1"
}
...run perfectly well on the Start page.

Can't inject content script into YouTube

This question is more for the benefit of others and my own curiosity, as I have synthesized a workaround for now (using "matches": ["http://*/*", "https://*/*"] and if (location.hostname == "www.youtube.com").
Anyway, when I have an issue like this I break the code down into simpler and simpler forms until it starts to work. Then I can figure out what's tripping up the code. But I've hit that point now where it can't get simpler and it still doesn't work. Chrome just won't inject a content script into any of YouTube's pages.
Files (link to ZIP of the following)
manifest.json:
{
"name": "test",
"version": "0",
"manifest_version": 2,
"content_scripts": [
{
"js": [
"test.js"
],
"matches": [
"*://youtube.com/*"
],
"run_at": "document_end",
"all_frames": true
}
]
}
test.js:
alert("test");
Progress
Doesn't work:
Varying the values and statically defining (no wildcards) the matches URL
Varying the values of run_at
Varying the values of all_frames
Varying the scripting in test.js
Fresh install of Chrome v24.0.1312.57 on a fresh install of Windows 7 x64
Does work:
Changing the matches value to ANYTHING other than YouTube
Changing the matches value to "http://*/*", "https://*/*"
I feel like I'm missing something really obvious here, but it's been days.. ;/
This works for me if you define the match in the manifest as "http://www.youtube.com/*"

"exclude_matches" in manifest.json does nothing?

I'm having a problem controlling what pages my content scripts are injected into. The chrome extension developer guide specifies that I can use an "exclude_matches" directive in my manifest.json to exclude certain pages from injection.
However, this doesn't seem to have any effect. My content script still executes on pages that I have specified as ignored.
I have put the steps to reproduce in a Gist. The code is also available on Github.
Any ideas what I'm doing wrong?
manifest.json
{
"name": "Testing Extension",
"version": "1.0",
"description": "Test the chrome extensions exclude_matches.",
"content_scripts": [{
"matches": ["http://*/*", "https://*/*"],
"exclude_matches": ["http://news.ycombinator.com/"],
"js": ["content.js"]
}]
}
content.js
console.log("hello from the content script");
This is Bug #100106. exclude_matches do not function properly.
To solve the problem, use exclude_globs instead of exclude_matches.
Also, your exclude_matches rule does only match http://news.ycombinator.com/.
Suffice the pattern with an asterisk to match the whole site: http://news.ycombinator.com/*.
See also: Match patterns.