iframe in chrome extension background page is always getting cancelled - google-chrome

I am not able to load an iframe on the background page of a chrome extension.
I've tried loading iframe separately on html page and its working so, I think this issue has something to do with chrome extension or browser property
for example, if I add this in my chrome extension background page
<iframe id="stackoverflow" src="https://www.stackoverflow.com"></iframe>
I am always getting canceled status
WebSocket connection to 'ws://localhost:35729/livereload' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
manifest.json:
{
"name": "__MSG_appName__",
"short_name": "ixigo",
"version": "3.1.24",
"manifest_version": 2,
"description": "__MSG_appDescription__",
"icons": {
"16": "images/16.png",
"48": "images/48.png",
"128": "images/128.png"
},
"default_locale": "en",
"background": {
"scripts": [
"scripts/chromereload.js",
"scripts/libs/jquery.min.js",
"scripts/src/config.js",
"scripts/src/track.js",
"scripts/src/userIntentHandler.js",
"scripts/src/background.js",
"scripts/src/OneSignal.js",
"scripts/src/notificationsHandler.js"
],
"persistent": true
},
"content_scripts": [
{
"matches": [
"http://*/*",
"https://*/*"
],
"js": [
"scripts/contentscript.js"
],
"all_frames": true
},
{
"matches": [
"*://www.irctc.co.in/*",
"*://*.ixigo.com/*"
],
"js": [
"scripts/src/irctcAutofill.js",
"scripts/src/irctcAutofillEventHandler.js"
],
"all_frames": false
},
{
"matches": [
"*://*.indianrail.gov.in/*",
"*://*.ixigo.com/*"
],
"js": [
"scripts/libs/jquery.min.js",
"scripts/src/train.js",
"scripts/src/trainAvailability.js",
"scripts/src/runningStatus.js"
],
"run_at": "document_end",
"all_frames": true
}
],
"chrome_url_overrides": {
"newtab": "ixitab.html"
},
"options_page": "options.html",
"options_ui": {
"chrome_style": true,
"page": "options.html"
},
"permissions": [
"tabs",
"http://*.indianrail.gov.in/*",
"*://*.ixigo.com/*",
"cookies",
"notifications",
"gcm",
"storage"
],
"web_accessible_resources": [
"images/*",
"fonts/*",
"styles/*"
],
"update_url": "http://clients2.google.com/service/update2/crx",
"content_security_policy": "script-src 'self' https://ssl.google-analytics.com https://api.bing.com/osjson.aspx object-src 'self'"
}

So it appears that Chrome "cancels" the loading of an iframe in a background page, presumably for security reasons. BUT it still processes correctly and can send and receive messages as you'd expect. I have a demo set up here that loads up an iframe in the background page, sends a message to it, and the iframe echos the message back.
Since the request is showing canceled, a third party library I'm using that happens to load up an iframe to try and get a new token, is failing and I'll need to reconfigure it to still hook in to the messaging even though it thinks that it didn't load properly.
You've never been able to access the DOM / window of an iframe directly through the background page, all events have to go through messages as a security precaution.
In addition, and perhaps more importantly to your actual issue, the error in connecting you are getting is to "localhost:35729/livereload", that address isn't defined in your manifest.json permission section and is likely being aborted by chrome due to that.
The code for posterity:
background.js
window.onload = function(){
var frame = document.createElement('iframe');
frame.src = 'https://crustyjew.github.io/ChromeExtensionBug/';
document.body.appendChild(frame);
window.addEventListener('message',function(e){
console.log("message received: " + JSON.stringify(e.data));
});
console.log('posting message to iframe');
frame.addEventListener('load',function(){
frame.contentWindow.postMessage("TestMessage","*");
});
};
manifest.json
{
"name": "BackgroundIframeBug",
"short_name": "BGIframeBug",
"version": "1.0.0",
"manifest_version": 2,
"background":{
"scripts":["background.js"]
},
"permissions":[
"<all_urls>"
]
}
echo page to load in iframe
index.js =>
window.onload=function(){
function receiveMessage(e){
console.log('received message');
var origin = event.origin || event.originalEvent.origin;
e.source.postMessage({'origin':origin,'message':e.data},"*");
}
window.addEventListener('message',receiveMessage);}
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
</head>
<body>
<script src="index.js"></script>
</body>
</html>

Looks like that server is down. I see the links you're referencing on NTES, but they don't actually go to a webpage right now. Try for yourself:
http://www.indianrail.gov.in/pnr_Enq.html
http://www.indianrail.gov.in/seat_Avail.html
http://www.indianrail.gov.in/
Additionally, if/when that portion of the site comes online, you would have clicked through a "disclosure page" that likely created a session state that follows you around while you're browsing. Attempting to iframe directly to the inside of such a walled garden would also create that ERR_CONNECTION_REFUSED warning. Which is what happened on this URL:
http://enquiry.indianrail.gov.in/ntes/
Its a common method meant to keep content from wandering. :)

Related

Dropbox API from Chrome extension: Denying load of chrome-extension://[...]

I'm having trouble integrating the Dropbox API with a Chrome extension. Upon trying to authenticate the Dropbox, the redirect to the Dropbox confirmation/permission page works just fine, but the redirect back to the Chrome app fails. This is the error in the console:
Denying load of chrome-extension://mlabibnomhfmephibijgghejmmmbigpi/chrome_oauth_receiver.h…sGbCG&token_type=bearer&uid=14169733&state=oas_hquvrf6k_0.ycudjb24vysexw29. Resources must be listed in the web_accessible_resources manifest key in order to be loaded by pages outside the extension.
It seems that Chrome is preventing Dropbox from redirecting back to a page within the extension. Several hours of experimenting with permissions have yielded nothing.
Here's the manifest.json:
{
"name": "MyApp",
"description": "Description",
"version": "1.0",
"icons": {"16":"icon.png",
"48":"icon.png",
"128":"icon.png"},
"manifest_version": 2,
"permissions": [
"http://*/*",
"https://*/*",
"<all_urls>",
"tabs",
"storage",
"background",
"bookmarks",
"clipboardRead",
"clipboardWrite",
"contentSettings",
"contextMenus",
"cookies",
"debugger",
"history",
"idle",
"management",
"notifications",
"pageCapture",
"topSites",
"webNavigation",
"webRequest",
"webRequestBlocking"
],
"background": {
"scripts": ["backgroundcollector.js"]
},
"browser_action": {
"default_icon": "icon.png"
},
"web_accessible_resources": [
"http://*/*",
"https://*/*",
"<all_urls>",
"chrome-extension://mlabibnomhfmephibijgghejmmmbigpi/chrome_oauth_receiver.html&response_type=token&state=oas_hquul1r4_0.1qwu7sh12pqzolxr",
"chrome-extension://*/*"
],
"content_security_policy": "script-src 'self' https://www.dropbox.com; object-src 'self'",
"key": "(included so that the extension gets a persistent extensionID)"
}
(The large number of permissions is the result of a lot of experimenting to get this to work. Obviously they'll be removed later.)
Thanks in advance!
You've got a truckload of trash in your manifest file...
To allow other web pages to redirect to a page within your extension, you have to put this file at "web_accessible_resources", without chrome-extension://.. prefix, like this:
"web_accessible_resources": [
"chrome_oauth_receiver.html"
],
You should request as few permissions as possible, see Declare permissions for a list of descriptions for each permission. I guess that you can get rid of almost every permission after reading that document.

Why chrome-extension doesn't change the images?

I am new to chrome-extension and currently studying it. Im reading http://talks.codegram.com/creating-basic-chrome-extensions#/basic_example_4 the css tweaks already works but not with the changing of image...
mainifest.json
{
"name": "TrollFaces",
"version" : "0.0.1",
"manifest_version" : 2,
"description": "Must turn Codegram team members pics into troll faces.",
"permissions": ["tabs", "http://*/*", "background"],
"browser_action": {"default_icon": "16x16.png","default_popup": "popup.html"},
"content_scripts": [
{
// Change 'matches' attribute to load content
// script only in pages you want to.
"js": ["jquery.min.js", "contentscript.js"],
"matches": ["http://*/*"],
"css": ["basics.css"]
}
]
}
contentscript.js
$(document).ready(function() {
// Trollface image must be at 'my_extension/images/trollface.jpg'.
var trollface = chrome.extension.getURL("images/trollface.jpeg");
$('#content article img').each(function(index, image){
$(image).attr('src', trollface);
});
});
using inspect element over the photo which is not displaying
<img alt="Txus" height="150" src="chrome-extension://fdigngaajlfopnpffgcapbdekkbicngb/images/trollface.jpeg" width="225">
In order for the image (or any resource) to be "usable in the context of a web page" you have to declare it as a web accessible resource in the relevant section of your manifest.json. E.g.:
In manifest.json:
...
"web_accessible_resources": [
"images/trollface.jpeg"
],
...

Chrome Extension Notification Exception: DOM Exception 18

I'm creating a chrome extension but I'm having some difficulties in use notifications webkit. When I try to display a notification, an exception is thrown:
Uncaught Error: SecurityError: DOM Exception 18
Bellow follow my Javascript code:
var icon = 'icon_48.png';
var title = 'Test Plugin';
var body = message;
var popup = window.webkitNotifications.createNotification(icon, title, body);
popup.show();
Bellow follow my manifest.json:
{
"name": "Test Plugin",
"version": "1.0.6",
"manifest_version": 2,
"description": "This is a test",
"browser_action": {
"default_icon": "images/icon_32.png",
"default_popup": "popup.html"
},
"icons": {
"128": "images/icon_128.png",
"16": "images/icon_32.png",
"48": "images/icon_48.png"
},
"permissions": [
"http://*/*",
"https://*/*",
"contextMenus",
"tabs",
"notifications",
"management",
"webRequest"
],
"content_scripts": [
{
"matches": ["<all_urls>"],
"js": ["webtoolkit-sha1.js","content.js"],
"run_at": "document_end",
"css" : ["css/style.css"]
}
],
"web_accessible_resources": ["webtoolkit-sha1.js","inject.js","icon_48.png"]
}
What am I doing wrong?
Thanks everybody!
Information Update:
manifest.json has the attribute notifications in permissions section but when I print the webkitNotifications.checkPermission() the result was 1 (PERMISSION_NOT_ALLOWED).
The notifications permission only applies to the extension's process. In order to get your code to work, a background (or event) page needs to be added, which creates the notification. The content script can use the messaging API to request the notification.

Background page function not triggered in google chrome:

I am using the following code to access the background page function in google chrome
popup.html
function sendRequest(ea,eb)
{
console.log("Inside");
chrome.extension.sendRequest({ea:ea,eb:eb},
function(response)
{
alert(response.farewell);
});
}
background.html
<html>
<body>
<script>
chrome.extension.onRequest.addListener(
function(request, sender, sendResponse) {
sendResponse({farewell: "goodbye"});
})
</html>
</body>
</script>
manifest.json
{
"name": "My First Extension",
"version": "1.0",
"manifest_version": 2,
"background": {
"page": "background.html"
},
"content_scripts": [
{
"matches": ["http://*/"],
"js": ["popup.js"]
}
],
"description": "The first extension that I made.",
"browser_action": {
"default_icon": "icon.png",
"default_popup": "mine.html"
},
"permissions": [
"tabs","http://*/","background"
],
"web_accessible_resources": ["loading.html","bu.png"]
}
However it does not print the alert. Can anyone tell me what i am doing wrong here?
Your HTML for background.html is extremely malformed and should be fixed;
<html>
<body>
<script>
chrome.extension.onRequest.addListener(
function(request, sender, sendResponse) {
sendResponse({farewell: "goodbye"});
})
</script>
</body>
</html>
Tags should be closed in the reverse order of them being open to maintain a correct hierarchy. Since you had not done so, the <script> element was malformed and contained invalid syntax </html></body> so would not be executed correctly.
Since you're using version 2 of the manifest you may want to consider abstracting the contents of this script element (ignoring all HTML) to its own file (e.g. background.js) and change your manifest to the following;
{
"name": "My First Extension",
"version": "1.0",
"manifest_version": 2,
"minimum_chrome_version": "18",
"background": {
"scripts": ["background.js"]
},
"content_scripts": [
{
"matches": ["http://*/"],
"js": ["popup.js"]
}
],
"description": "The first extension that I made.",
"browser_action": {
"default_icon": "icon.png",
"default_popup": "mine.html"
},
"permissions": [
"tabs","http://*/","background"
],
"web_accessible_resources": ["loading.html","bu.png"]
}
Notice that the background property now contains an array of strings representing JavaScript files to be loaded (in the order specified) in to a dynamically generated background page.
I've also set the minimum_chrome_version property to 18 as manifest version 2 should only be used when targeting this version of Chrome and above.
Developers should now only really need to use background pages instead of scripts when they need to support older versions of Chrome.
Edit
It just clicked that you're attempting to execute embedded JavaScript within your background page. Manifest version 2 introduces Content Security Policies which prohibit the execution of inline (e.g. onclick="showDialog();" and href="javascript:void(0);") and embedded JavaScript. This is why your background.html won't work and why background.js will. You will also want to ensure your popup.html doesn't contain any embedded JavaScript. The best workaround (and generally best practice anyway) is to abstract all JavaScript into its own file (e.g. popup.js) which is referenced by the HTML file. For example;
<script src="/popup.js"></script>

Chromium extension: javascript not executed

Making a simple plugin , which executes javascript when a page is loaded , and I want to execute different javascript on different page
But the following code wasn't working as expected , no "alert" was triggered:
background.html:
<html><body>
<script>
chrome.webRequest.onCompleted.addListener(
function(details) {
alert (details.url);
},
{
urls: ["*"],
types: ["main_frame"]
},
[]
);
</script>
</body></html>
manifest.json:
{
"name": "JS",
"background_page": "background.html",
"permissions": [
"webRequest",
"*"
],
"version":"0.10"
}
Alerts and console.log made from the background page of an extension simply aren't visible on the general pages.
If you want to see them, you have to open the background page : Go to the extensions settings page (menu tools/extensions) and click the "background.html" link below the name of your extension.
In your case it may be better, during development phase, to simply add the console.log and alerts in the content scripts (i.e. not the background page). So you can read them without opening the background page.
EDIT : as requested, an extension that will simply alert the location :
main.js :
alert(document.location.href);
manifest.json :
{
"name": "Any name",
"version": "3.3",
"background_page": "background.html",
"content_scripts": [
{
"matches": ["http://*/*"],
"all_frames" : true,
"run_at" : "document_end",
"js": [
"main.js"
]
}
]
}
Yes I tested it. And yes it's as painful as it sounds. You should use console.log instead of alert during your dev.