I am updating my Chrome extension's manifest version.
In my local machine, it works.
When I try to install via the test group, it shows the “Manifest file is invalid” error.
Here's my manifest:
{
"name": "MercadoLivre - Sugestões de busca",
"description" : "Busque no MercadoLivre direto da barra de endereços",
"version": "0.12",
"manifest_version": 2,
"icons": { "128": "logo.png" },
"background": {
"page": "background.html"
},
"content_security_policy": "script-src 'self' https://ssl.google-analytics.com; object-src 'self'",
"omnibox": { "keyword" : "ml" },
"permissions": [
"http://suggest.mlapps.com/jm/*"
]
}
How can I fix that?
Logging out and in worked for me.
For me, the error was a result of updating my plugin and then trying to install it immediately. When I waited a few minutes, the error no longer appeared. The Google Extension servers are probably out of sync for a few minutes during the time it takes to propagate the new update.
I had the same problem today. Restarting worked for me. I got the idea for it from a Chromium bug report. Though sometimes it is an actual packaging problem.
I got this error too , I think maybe your resources under a SkyDrive folder or some team code Management soft folder . Try to copy the resources to another path, such as desktop. package your plugin with the new path , then your may resolve it !
Related
Apparently resolving CORS problems is frustrating for everyone. I'm writing a Chrome extension for mturk and everything I found on resolving CORS has failed. Most of the solutions I found are server side to which I obviously don't have access. From what I've found there are about 1000 ways suggested using "content_security_policy" in my manifest none of which work. Is there someone out there that has knowledge of mturk extensions and how to resolve the CORS problem? TIA.
FWIW, this is the manifest without any CORS resolutions:
edited manifest
{
"manifest_version": 3,
"name": "Auto_Select",
"description": "This extension auto selects Mturk HITs",
"version": "1.0",
"action": {
"default_icon": "auto_select.png",
"type": "module",
"default_popup": "auto_select.html"
},
"permissions": [
"activeTab",
],
"host_permissions": [
"<all_urls>"
]
}
I am trying to publish the extension to chrome app store. I tried many times but getting rejected every time,
the menifest file is:-
{
"name": "App name",
"description": "Blank!",
"version": "0.0.0.1",
"manifest_version": 2,
"icons": {
"128": "icon.png"
},
"background": {
"page": "background.html",
"persistent": false
},
"browser_action": {
"default_icon": "icon.png",
"default_popup": "popup.html",
"default_title": "Name"
},
"content_scripts": [
{
"all_frames": true,
"css": ["css/main.css"],
"js": [
"js/jquery-3.1.0.min.js",
"js/popup.js",
"main.js",
"js/dashboard.js"
],
"matches": [
"*://*.facebook.com/*/*/requests/",
"*://*.facebook.com/*/*/requests",
"*://*.facebook.com/*"
],
"run_at": "document_end"
}
],
"content_security_policy": "script-src 'self' https://apis.google.com 'unsafe-eval'; object-src 'self'",
"update_url": "https://clients2.google.com/service/update2/crx",
"oauth2": {
"client_id": "xxxxxx-xxxxxxxxxx.apps.googleusercontent.com",
"scopes": [
"https://www.googleapis.com/auth/spreadsheets"
]
},
"permissions": [
"tabs",
"storage",
"notifications",
"identity",
"*://*.herokuapp.com/*"
],
"web_accessible_resources": ["*.png"]
}
THe answers that I am submitting is like so-
Permission justification
Error Due to the Host Permission, your extension may require an in-depth review which will delay publishing.
tabs- to get the current tab url or location.
storage - to store the user token for authentication and user specific data.
notifications - to show the messages to the user when they logged in or logged out.
identity - to authorize user using google
Host permission -
https://.facebook.com/ = to get the facebook page URL and get the facebook group Id from the url
https://.facebook.com//*/requests/ = to get the request page inside the facebook and hence to activate the extension feature related to that group
https://.herokuapp.com/ = to access the apis from the backend server and to manage all the basic functionality.
Remote code - Yes, I am using remote code - I have called the google api module (https://apis.google.com) for adding the data to the user's given google sheet.
I have tried more than 5 time in a row, still gets rejects with the same error.
Let me know where I am making mistake.
Nobody knows how Chrome performs their reviews but at a minimum you should carefully go over the permissions, remove the ones you don't need and restrict the ones you have. I don't know how your extension works but it looks like there's a ton you can do here:
"tabs - to get the current tab url or location" - You shouldn't need this permission to get the current tab URL, only for more invasive queries.
"https://.herokuapp.com/" - This should be limited to the host you need to communicate to. Why would you need to communicate to any Heroku app at all?
"storage - to store the user token for authentication and user specific data." - Are you sure you need this? Test without it.
"script-src ... 'unsafe-eval'" - This is a massive security risk. You'd be best to change your implementation to not need this.
"object-src 'self'" - Why do you need this? You probably don't.
For the content_security_policy, you'd be better adding "default-src 'none';" to remove all permissions, then only add in only the ones you need.
"Remote code - Yes, I am using remote code - I have called the google api module" - Why do you need remote code for this? You should be able to implement this with JavaScript contained within your app + HTTP requests.
Hope that helps. The opaque Chrome review process is horrible.
For me, I was getting that message not because it was failing the review, but because I had not yet filled out the box "Host permission justification". You need to fill out this in order to be able to submit, otherwise it fails the form validation as it's a mandatory field.
In my case host permission was required because I was using a regex for a content script in the manifest file.
After completing the host permission justification field, I was able to submit. As the message suggests, requiring this permission could mean the review takes longer than if it is not required.
I have found that it's necessary to submit the privacy policy and terms of services links to the chrome store account section.
Hope it worked for you also.
I am trying to publish an chrome extension with following manifest file.
Every time I publish my app it is getting rejected.
Updated
{
"manifest_version": 2,
"name": "Aiwozo",
"description": "AI Work Zone Web Automation Extension is an component developed for browser interaction to implement automation on web applications.",
"version": "1.1",
"icons": {
"16":"static/activate_icons/Aiwozo16.png",
"32":"static/activate_icons/Aiwozo32.png",
"64": "static/activate_icons/Aiwozo64.png",
"128":"static/activate_icons/Aiwozo128.png"
},
"background":{
"scripts":["background.js"]
},
"browser_action": {
"default_icon": {
"16":"static/activate_icons/Aiwozo16.png",
"32":"static/activate_icons/Aiwozo32.png",
"64": "static/activate_icons/Aiwozo64.png",
"128":"static/activate_icons/Aiwozo128.png"
},
"default_title": "Artificial Intelligence Work Zone"
},
"permissions": ["nativeMessaging", "<all_urls>"],
"web_accessible_resources": [ "css/general.css", "static/activate_icons/AIwozo16.png", "static/activate_icons/AIwozo32.png", "static/activate_icons/AIwozo64.png", "static/activate_icons/AIwozo128.png", "static/deactivate_icons/AIwozo16.png", "static/deactivate_icons/AIwozo32.png", "static/deactivate_icons/AIwozo64.png", "static/deactivate_icons/AIwozo128.png"]
}
It seems that Google now requires you, the developer, to provide an explanation of what your extension does (according to Single Purpose Policy) and an explanation of why specific permissions are needed.
This is on the Privacy tab of the "new" Developer Dashboard's listing:
Until those fields are filled out, Web Store blocks publishing of new extensions and updated versions of existing extensions.
On the plus side: it doesn't mean you have failed a review yet. So with good explanations you may be able to get this published. In your particualr case though, those are broad permissions + arbitrary code execution. It will be tough.
Try with
"version": "1.0",
Instead of
"version": "0.01",
I am trying to follow the tutorial here - https://developer.chrome.com/extensions/getstarted
But I keep getting the following error when I'm trying to build my extension:
TypeError: Cannot read property 'sync' of undefined
Here is my manifest file:
{
"name": "Getting Started Example",
"version": "1.0",
"description": "Build an Extension!",
"permissions": ["storage"],
"background": {
"scripts": ["background.js"],
"persistent": false
},
"manifest_version": 2
}
I have "permissions": ["storage"] included
I ran into this today. It seems if you get an error, it's not cleared even if you reload the extension - you have to explicitly clear the error seperately.
In chrome://extensions/ clicking on the extension in questions "Errors" button and then the "Clear all" button fixed the problem for me.
If the error does not disappear after you have declared "storage" in the manifest, and also reloaded the extension. In this case, uninstall the extension and install it again. The error will disappear.
Browsers are also buggy.
If you're attempting to access the chrome.storage API from the console, you must select the chrome extension (like shown below). Hope it's any help.
Make sure to Reload your extension in the extension Manager. Check the picture bellow:
I have an existing chrome extension in chrome web store with a similar manifest.json given below.
{
"manifest_version": 2,
"name": "Extension Name",
"short_name": "Short Name",
"description": "Some description",
"version": "1.0.83",
"icons" : {
"16": "something.png",
"32": "something.png",
"48": "something.png",
"96": "something.png",
"128": "something.png",
"512": "something.png"
},
"permissions": [ "tabs", "https://*/*", "http://*/*", "storage", "gcm" ],
"optional_permissions": [ "notifications", "webRequest", "webRequestBlocking" ],
"page_action": {
"default_icon": "styles/images/icon.png",
"default_title": "Name",
"default_popup": "popup.html"
},
"update_url": "https://clients2.google.com/service/update2/crx",
"content_security_policy": "script-src 'self' https://www.google-analytics.com https://d2xwmjc4uy2hr5.cloudfront.net; object-src 'self'",
"background": {
"scripts": ["scripts/jquery-2.1.1.min.js", "scripts/background.js"],
"persistent": true
},
"web_accessible_resources" : ["logo.png"],
"content_scripts": [
{
"js": ["scripts/jquery-2.1.1.min.js", "scripts/bigstuff.js"],
"run_at": "document_end",
"matches" : ["<all_urls>"]
}
]
}
Now I would like to customize the new tab page for the user, which requires me to modify the manifest and add the following details.
chrome_url_overrides": {
"newtab": "newtab.html"
}
Will adding this disable the extension for the existing users?
Your extension won't be disabled by Chrome (but see the end of this answer!). An updated extension is only disabled if the update introduces new permission warnings (warning: this list is incomplete).
To see what permission warnings are generated by the old and new extension, see the answer to What message is generated by the chrome “permissions” property in an extension manifest?
The following comment is an excerpt from Chromium's source code, near the logic that checks whether an extension update can be applied without user interaction:
// We keep track of all permissions the user has granted each extension.
// This allows extensions to gracefully support backwards compatibility
// by including unknown permissions in their manifests. When the user
// installs the extension, only the recognized permissions are recorded.
// When the unknown permissions become recognized (e.g., through browser
// upgrade), we can prompt the user to accept these new permissions.
// Extensions can also silently upgrade to less permissions, and then
// silently upgrade to a version that adds these permissions back.
//
// For example, pretend that Chrome 10 includes a permission "omnibox"
// for an API that adds suggestions to the omnibox. An extension can
// maintain backwards compatibility while still having "omnibox" in the
// manifest. If a user installs the extension on Chrome 9, the browser
// will record the permissions it recognized, not including "omnibox."
// When upgrading to Chrome 10, "omnibox" will be recognized and Chrome
// will disable the extension and prompt the user to approve the increase
// in privileges. The extension could then release a new version that
// removes the "omnibox" permission. When the user upgrades, Chrome will
// still remember that "omnibox" had been granted, so that if the
// extension once again includes "omnibox" in an upgrade, the extension
// can upgrade without requiring this user's approval.
The chrome_url_overrides permission.
When I follow the above steps with the following manifest.json,
{
"name": "Permission test",
"version": "1",
"manifest_version": 2,
"chrome_url_overrides": { "newtab": "manifest.json" }
}
Then I get a permission dialog without any warnings ("This extension requires no special permissions."). So Chrome (tested with 54 and earlier) will not disable your extension if you add this manifest key in an update.
That does not mean that you can now publish the extension without losing users. The New Tab page is frequently viewed by users, if you change it without their consent, then the users may remove your extension if they want to regain control over their New Tab page.
And carefully review the Single Purpose Policy of the Chrome Web Store: If you, for example, start replacing the NTP with an advert-laden page that is not related to your extension's functionality, the Chrome Web Store listing may be taken down by the store curators.