How do I disable Google Chrome extension autoupdate?
Solutions I've found for this:
1. Disabling a concrete extension update
That's what I wanted!
You can do this by editing the extension's manifest.json file:
On Windows: C:\Users\<USERNAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\<EXTENSION-ID>\<VERSION>\manifest.json (find out the extension's ID by enabling Developer Mode in the extension settings page)
On MacOS: Open /Users/USERNAME/Library/Application Support/Google/Chrome/Default/Extensions/EXTENSION-ID/VERSION/manifest.json in a text editor.
On Ubuntu for Chromium: ${HOME}/.config/chromium/Default/Preferences
In this file, set the "update_url" property to something invalid like "https://localhost" for example. For the given url, it makes auto-updating that extension as simply impossible.
Source: https://productforums.google.com/d/msg/chrome/l3zOZeO-5-M/Y7VaR0KCWNIJ
2. Disabling all Google Chrome extension updates
For any OS: Just type chrome://plugins/ at address bar and turn Google Update plugin off. Source: How to disable Google Chrome auto update?
For Windows OS: Set Registry values:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Update]
"AutoUpdateCheckPeriodMinutes"=dword:00000000
"UpdateDefault"=dword:00000000
Source: Making Google Chrome leave itself alone
If the chrome extension is on Github (which many if not most of them are), you can simply:
(1.) clone the Github repo,
(2.) reset the head to the version that you want, and
(3.) enable Developer Mode at chrome://extensions/
(4.) select the "Load unpacked" option from chrome://extensions/, and then select the folder enclosing the source code for the extension.
I recently used this technique to downgrade my version of Reddit Link Opener, which no longer supports users who have opted out of using that site's redesign. This worked for me on MacOS, but should work on all platforms.
If the extension is loaded as an unpacked extension (in the manner described above), it will NOT auto-update to a newer version.
Disabling update for a specific extension:
This can be achieved with the system policies, (more details here)
For Linux :
Get the installed extensions list (IDs), this can be found with ls -l ~/.config/google-chrome/Default/Extensions or chrome://extensions
Create the necessary directory if not present mkdir -p /etc/opt/chrome/policies/managed (with root)
Create the needed file policies file touch /etc/opt/chrome/policies/managed/google-chrome.json
Edit that file with the code bellow
open the page chrome://policy/ and reload the policies
{
"ExtensionSettings": {
"ghijklmnopabcdefghijklmnopabcdef": {
"update_url": "https://127.0.0.1/update_url",
"override_update_url": true
},
"YOUR-EXTENSION-ID-LIKE-THE-PREVIOUS-EXAMPLE": {
"update_url": "https://127.0.0.1/update_url",
"override_update_url": true
}
}
}
Note: this can not be applied widely to all extensions in a single rule and also for each newly installed extension the file need to be updated
Hi all those solitions for me have one disadvantage is that all extensions have no updates, I needed to stop only for one extension in this case and wanted al the other to keep making updates.
I think I found the solutuion for windows
Go to
C:\Users\YOUR_NAME_HERE\AppData\Local\Google\Chrome\User Data\Default\Extensions\YOUR_FOLDER APP HERE\
In that folder app click in properties and select read only an aplly that to all subfolders and files... for now for me solved the problem !!!
Regards xichas
this is a complementary answer to the accepted one https://stackoverflow.com/a/27657703/1422630 , allowing disable all at once on chromium
this is also only for linux (may be run on windows thru cygwin tho, not tested..)
this script will
backup the prefs file,
modify it,
if didnt succeed will output "FAILED"
show the differences using meld if installed
#!/bin/bash
set -ue
strPref="$HOME/.config/chromium/Default/Preferences"
cat "$strPref" |egrep "\"update_url[^,]*," -o |sort -u
read -p "existing unique urls above..." -n 1
strBkp="${strPref}.`date +"%Y%m%d%H%M%S"`.bkp"
if cp -v "$strPref" "$strBkp";then
strUpdUrl="clients2.google.com/service/update2/crx" #change this if needed #TODO should match any URL...
sed -i -r "s#(update_url\":\"https{,1}://)(${strUpdUrl})#\1127.0.0.1#g" "$strPref"
if grep "$strUpdUrl" "$strPref";then echo FAILED >&2;exit 1;fi
cmdDiff=colordiff
if which meld;then cmdDiff=meld;fi
#$cmdDiff <(cat "$strPref" |egrep "\"update_url[^,]*," -o) <(cat "$strBkp" |egrep "\"update_url[^,]*," -o)
$cmdDiff <(cat "$strPref" |sed -r 's#","#",\n"#g') <(cat "$strBkp" |sed -r 's#","#",\n"#g')
fi
tested on chromium: Version 63.0.3239.84 (Official Build) Built on Ubuntu , running on Ubuntu 16.04 (64-bit)
obs.: that script also works for google-chrome, just change the preferences file path
After updating Google Chrome to v60, no solution found on the Internet has helped me
So i just blocked IP addresses, used for updating, by doing following steps:
Opened Chrome with blank browser tab
Waited, until extension
autoupdate begins, by looking on to network tab in Resource
Monitor
Wrote out all the IP addresses with high download rate. My IP address list was:
64.233.161.94
64.233.161.102
64.233.163.95
74.125.238.132
108.177.14.138
173.194.73.132
173.194.222.102
216.58.209.110
216.58.209.97
173.194.222.99
173.194.32.227
173.194.113.172
173.194.32.224
195.216.237.77
74.125.232.170
143.215.130.61
74.125.238.147
173.194.122.137
173.194.44.66
173.194.44.67
173.194.44.95
173.194.122.136
74.125.232.183
74.125.232.171
Created outbound rule for chrome.exe in Windows Firewall and added listed IP addresses to blocklist
After I enabled this rule, chrome was unable to update my extensions.
Just (re)install the extension via Load unpacked.
Let's suppose "Roboform Password Manager" extension version 8.6.5.5 dropped some important functionality, so you want to keep version 8.6.2.2 installed.
Go to chrome://extensions/
Enable Developer mode
Get the required version of the plugin:
If Chrome still got the version you need:
Utilize Pack extension button on the plugin details page.
Just copy the extension folder, e.g. C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob. The extension id is visible in the url bar, on the plugin details page, e.g. chrome://extensions/?id=pnlccmojcmeohlpggmfnbbiapkmbliob.
If the version you need was overwritten already:
Get appropriate ".crx" from some extensions archive
Look for ".crx" in "C:\Program Files\..." (applications/installers sometimes bundle original ".crx" versions, unaffected by any updates)
Unzip (e.g. with 7-zip) your ".crx" (or paste the extension folder contents) to a non-temporary folder - you would have to keep those files in place until you uninstall the extension.
Click Load unpacked, select that folder.
If you just drag&drop the ".crx" file, Chrome extension details would show Source=Chrome Web Store, and it would get updated as soon as you click Update extensions now. But for an unpacked extension, you get a special "Unpacked extension" overlay icon, Source=Unpacked extension and it won't get updated.
Just tested on Chrome 79.0.3945.88 (64-bit), Windows.
Now, Chrome shows "Disable developer mode extensions" popup on each startup. Personally, I just manually dismiss them each time. I do not re-start Chrome too often.
Related
Today (Mar, 15, 2016) chrome stopped working with the --disable-web-security flag. I have tried the following options described in various posts:
1) Kill all instances of Chrome.exe in the windows task manager.
2) add the --use-data-dir flag, there is a current post regarding this, but the answers there do not work anymore
Here is my script I am using:
start chrome.exe --disable-web-security --allow-running-insecure-content --use-data-dir=c:/temp/chrome_dev
Chrome opens under this script with the disable security warning but localhost cross domain calls still fail:
I have solutions that are using --disable-web-security.
Finally I found solution. Now chrome just will accept it if you set --user-data-dir together.
You will have different instances when you use it.
Try it:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --user-data-dir="D:\chrome"
For linux
google-chrome --user-data-dir=”/var/tmp/Chrome” --disable-web-security
I suggest a temp directory
Just for OS X user, this worked for me (on El Capitan): /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security --user-data-dir="<some-dir>"
Also works on Yosemite 10.10.5. Please note that --user-data-dir may no longer be left empty. You have to specify some dir.
This doesn't work anymore, since Chrome 80. You have to specify a non-default --user-data-dir to make it work now.
Original answer:
You can use your existing data dir, if you don't want to create a new one.
So on Linux the command to start unsafe Chrome will be something like this:
google-chrome --user-data-dir=/home/<your username>/.config/google-chrome --disable-web-security
But don't use this Chrome instance for anything except development or debugging, since it's open for a vast amount of web attacks.
This works with chrome 61 too for me -
chrome.exe --user-data-dir="C:/Chrome dev session" --disable-web-security
Update: I have found a permanent solution for this disable web security issue.
step 1: create 1 chrome app shortcut on desktop and rename it anything like "disabled-security.exe"
step 2: right click on icon and go to properties => change target input box to something like following eg. and save it.
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --disable-site-isolation-trials --user-data-dir=c:\chromeSession
step 3: launch this app, it will work fine as expected
Note: everytime you need to clear folder "c:\chromeSession" before opening this app
Do not disable web security. You're opening your accounts to attacks and your local files to being stolen.
Instead use a simple web server. It will take you all of 2 minutes to install and use. Here's one with a gui, and here's several more that run from the command-line
I've written an extension for Google Chrome that will be released with the next version of our product. I want to understand what properties, paths for extraction, registry entries, etc. should I provide the installer of my product so that the end user doesn't have to install the extension on their own manually, and the installer does the complete job of installing the extension, and also notifies the user that the extension has been installed. As of now, the code that I have written is placed in a folder, and I use the "Load Unpackaged Extension" to load the extension. What should I do to achieve the aforementioned task?
Google's current policy on installing extensions via the registry (for Windows machines) is this:
Only extensions from the Google Extension Gallery (or Chrome Web Store - CWS) can be installed via the registry.
See this link - https://developer.chrome.com/extensions/external_extensions - for information on how this can be done. Keep in mind the following:
-This technique will still pop-up a msgbox to the user. its not completely silent.
-When using this technique, if the user subsequently removes the extension from her Chrome, the extension gets "blacklisted" on that chrome and will not re-auto-install until the user re-install it
manually. refer to Auto-installing a google chrome extension won't work ! for details.
Chrome has a couple ways of installing extensions programmatically:
http://www.chromium.org/administrators/pre-installed-extensions
Edit: yes, this policy has changed by now, as FuzzyAmi points out.
If you're using GNU/Linux, this is how you pre-install an extension from the chrome web store for all users:
/etc/chromium/policies/managed/yourextension_policy.json
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
{
"ExtensionInstallForcelist": [
"yourextensionuniqueidentifiersup;https://clients2.google.com/service/update2/crx",
"yourextensionuniqueidentifiersup"
]
}
Reference
metamask-chrome - AUR
I have developed a Chrome extension and I have packed it.
I sent my extension to some people to try it, but Chrome started to block extensions that it does not find in the store.
Is there any way to install my extension without getting blocked by Chrome?
EDIT
Is there any way to install extension as developer mode? I read that only extensions that installed in developer mode will not blocked.
For regular Windows users who are not skilled with computers, it is practically not possible to install and use extensions from outside the Chrome Web Store.
Users of other operating systems (Linux, Mac, Chrome OS) can easily install unpacked extensions (in developer mode).
Windows users can also load an unpacked extension, but they will always see an information bubble with "Disable developer mode extensions" when they start Chrome or open a new incognito window, which is really annoying. The only way for Windows users to use unpacked extensions without such dialogs is to switch to Chrome on the developer channel, by installing https://www.google.com/chrome/browser/index.html?extra=devchannel#eula.
Extensions can be loaded in unpacked mode by following the following steps:
Visit chrome://extensions (via omnibox or menu -> Tools -> Extensions).
Enable Developer mode by ticking the checkbox in the upper-right corner.
Click on the "Load unpacked extension..." button.
Select the directory containing your unpacked extension.
If you have a crx file, then it needs to be extracted first. CRX files are zip files with a different header. Any capable zip program should be able to open it. If you don't have such a program, I recommend 7-zip.
These steps will work for almost every extension, except extensions that rely on their extension ID. If you use the previous method, you will get an extension with a random extension ID. If it is important to preserve the extension ID, then you need to know the public key of your CRX file and insert this in your manifest.json. I have previously given a detailed explanation on how to get and use this key at https://stackoverflow.com/a/21500707.
For Windows, you can also whitelist your extension through Windows policies. The full steps are details in this answer, but there are quicker steps:
Create the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallAllowlist.
For each extension you want to whitelist, add a string value whose name should be a sequence number (starting at 1) and value is the extension ID.
For instance, in order to whitelist 2 extensions with ID aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa and bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb, create a string value with name 1 and value aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, and a second value with name 2 and value bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb. This can be sum up by this registry file:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallAllowlist]
"1"="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"2"="bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"
EDIT: actually, Chromium docs also indicate how to do it for other OS.
EDIT (06/05/2022): ExtensionInstallWhitelist is deprecated since Chrome 100, it has been renamed to ExtensionInstallAllowlist (answer updated)
I found the new change that you can't install Chrome extensions/userscripts without saving them and dragging them into Chrome quite annoying. As such I have set forth to revert this to the old way it was.
I read the documentation here: http://www.chromium.org/administrators/policy-list-3#ExtensionInstallSources that says to add a registry key and so I have done, as shown below. However when attempting to install an extension I still get an error that they can only be installed from the Chrome webstore. Did I add the registry entries wrong or something?
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallSources]
"1"="http://*"
"2"="https://*"
This answer is obsolete as of Chrome 36
Instead of editing the registry, you can also make Chrome to behave in the old way via the --enable-easy-off-store-extension-install flag.
Under Windows, create a shortcut to your Chrome executable. Then edit the shortcut, and append --enable-easy-off-store-extension-install to "Target". See the screenshot below:
Some observations:
I've added the --enable-easy-off-store-extension-install flag after chrome.exe.
After starting Chrome, I visited a website that links to a .crx file that is not hosted in the Chrome web store.
Because of the flag, Chrome 20 doesn't show the "Extensions, apps, and user scripts can only be added from the Chrome Web Store" message any more. Instead (see bottom), Chrome asks me whether it's OK to install the extension - exactely as before.
This command line switch also works for Chromium/Chrome, under Linux and OSX.
If you ever find yourself in the situation where the --enable-easy-off-store-extension-install flag doesn't work (e.g. future version?) or you don't want to use it, then there is an alternative method.
You can install extensions with a plain vanilla install of Chrome by dragging .CRX extension files onto the Extensions panel in Settings.
I've written an extension for Google Chrome that will be released with the next version of our product. I want to understand what properties, paths for extraction, registry entries, etc. should I provide the installer of my product so that the end user doesn't have to install the extension on their own manually, and the installer does the complete job of installing the extension, and also notifies the user that the extension has been installed. As of now, the code that I have written is placed in a folder, and I use the "Load Unpackaged Extension" to load the extension. What should I do to achieve the aforementioned task?
Google's current policy on installing extensions via the registry (for Windows machines) is this:
Only extensions from the Google Extension Gallery (or Chrome Web Store - CWS) can be installed via the registry.
See this link - https://developer.chrome.com/extensions/external_extensions - for information on how this can be done. Keep in mind the following:
-This technique will still pop-up a msgbox to the user. its not completely silent.
-When using this technique, if the user subsequently removes the extension from her Chrome, the extension gets "blacklisted" on that chrome and will not re-auto-install until the user re-install it
manually. refer to Auto-installing a google chrome extension won't work ! for details.
Chrome has a couple ways of installing extensions programmatically:
http://www.chromium.org/administrators/pre-installed-extensions
Edit: yes, this policy has changed by now, as FuzzyAmi points out.
If you're using GNU/Linux, this is how you pre-install an extension from the chrome web store for all users:
/etc/chromium/policies/managed/yourextension_policy.json
‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
{
"ExtensionInstallForcelist": [
"yourextensionuniqueidentifiersup;https://clients2.google.com/service/update2/crx",
"yourextensionuniqueidentifiersup"
]
}
Reference
metamask-chrome - AUR