I'm building an internal extension for my company. Since it's an internal tool, I don't want to publish it on the Chrome Web Store.
To be able to self-host the browser extension, I'm doing the following steps:
(before): I created a .pem to sign the extension (+ keep a constant extension id across updates)
I'm building the source code
I'm packing and signing the extension with chrome using chromium --pack-extension=./build_dir/ --pack-extension-key=./key.pem
I'm updating the update.xml file to reflect the new version number
I uploaded the signed .crx and update.xml
I have a website with a link pointing to the .crx file. The issue is the following: when clicking on it, the file is downloaded and chrome understands it's a browser extension. Then: I'm getting "Package is invalid crx_required_proof_missing".
What am I missing?
What can I do to be able to install a self-hosted extension after downloading the extension?
Notes:
I am aware that I can extract the .crx content and load the extension as "unpacked", but that's not what I'm looking for: deployment will be more complex (more manual steps) and updates will not be automatic.
The .crx file seems to be served with the right headers and is publically accessible. The update file is also correct and accessible.
Info:
Yes, the manifest contains properties key and update_url.
When dragging/dropping the .crx file in chrome://extensions (in dev mode): the extension is installed but I'm getting a red warning on the extension card: "This extension is not listed in the Chrome Web Store and may have been added without your knowledge"
When dragging/dropping the .crx file in chrome://extensions (without dev mode):
The extension is not installed and I'm getting: "Package is invalid crx_required_proof_missing".
When dragging/dropping the .crx file in chrome://extensions (with CHROMIUM and dev mode):
The extension is properly installed and working.
I have my own extension which I want to install without user interaction. I packed it into a .crx file and entered these values in the registry:
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\[ID]
"version"="1.0"
"path"="[crx Path]"
I tried both current user and local machine without success.
This was working before. My extension can be installed by using developer mode and dragging and dropping the crx file into chrome extensions. But I want to install without user interaction.
Is registry installation not allowed anymore?
even though you create a registry entry, Chrome will not use the local crx file for installation.
you need to supply: update_url with string value set to "https://clients2.google.com/service/update2/crx".
Upon chrome launch, Google will fetch the extension from web-store and show notification that'd let user install the extension.
Back in old days you'd side-load extensions. Those days are long gone.
Now you need to publish extension in webstore, and point update_url to store.
There are some exceptions (specifically for enterprise users with group policy settings) as mentioned in comments.
How do I disable Google Chrome extension autoupdate?
Solutions I've found for this:
1. Disabling a concrete extension update
That's what I wanted!
You can do this by editing the extension's manifest.json file:
On Windows: C:\Users\<USERNAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\<EXTENSION-ID>\<VERSION>\manifest.json (find out the extension's ID by enabling Developer Mode in the extension settings page)
On MacOS: Open /Users/USERNAME/Library/Application Support/Google/Chrome/Default/Extensions/EXTENSION-ID/VERSION/manifest.json in a text editor.
On Ubuntu for Chromium: ${HOME}/.config/chromium/Default/Preferences
In this file, set the "update_url" property to something invalid like "https://localhost" for example. For the given url, it makes auto-updating that extension as simply impossible.
Source: https://productforums.google.com/d/msg/chrome/l3zOZeO-5-M/Y7VaR0KCWNIJ
2. Disabling all Google Chrome extension updates
For any OS: Just type chrome://plugins/ at address bar and turn Google Update plugin off. Source: How to disable Google Chrome auto update?
For Windows OS: Set Registry values:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Update]
"AutoUpdateCheckPeriodMinutes"=dword:00000000
"UpdateDefault"=dword:00000000
Source: Making Google Chrome leave itself alone
If the chrome extension is on Github (which many if not most of them are), you can simply:
(1.) clone the Github repo,
(2.) reset the head to the version that you want, and
(3.) enable Developer Mode at chrome://extensions/
(4.) select the "Load unpacked" option from chrome://extensions/, and then select the folder enclosing the source code for the extension.
I recently used this technique to downgrade my version of Reddit Link Opener, which no longer supports users who have opted out of using that site's redesign. This worked for me on MacOS, but should work on all platforms.
If the extension is loaded as an unpacked extension (in the manner described above), it will NOT auto-update to a newer version.
Disabling update for a specific extension:
This can be achieved with the system policies, (more details here)
For Linux :
Get the installed extensions list (IDs), this can be found with ls -l ~/.config/google-chrome/Default/Extensions or chrome://extensions
Create the necessary directory if not present mkdir -p /etc/opt/chrome/policies/managed (with root)
Create the needed file policies file touch /etc/opt/chrome/policies/managed/google-chrome.json
Edit that file with the code bellow
open the page chrome://policy/ and reload the policies
{
"ExtensionSettings": {
"ghijklmnopabcdefghijklmnopabcdef": {
"update_url": "https://127.0.0.1/update_url",
"override_update_url": true
},
"YOUR-EXTENSION-ID-LIKE-THE-PREVIOUS-EXAMPLE": {
"update_url": "https://127.0.0.1/update_url",
"override_update_url": true
}
}
}
Note: this can not be applied widely to all extensions in a single rule and also for each newly installed extension the file need to be updated
Hi all those solitions for me have one disadvantage is that all extensions have no updates, I needed to stop only for one extension in this case and wanted al the other to keep making updates.
I think I found the solutuion for windows
Go to
C:\Users\YOUR_NAME_HERE\AppData\Local\Google\Chrome\User Data\Default\Extensions\YOUR_FOLDER APP HERE\
In that folder app click in properties and select read only an aplly that to all subfolders and files... for now for me solved the problem !!!
Regards xichas
this is a complementary answer to the accepted one https://stackoverflow.com/a/27657703/1422630 , allowing disable all at once on chromium
this is also only for linux (may be run on windows thru cygwin tho, not tested..)
this script will
backup the prefs file,
modify it,
if didnt succeed will output "FAILED"
show the differences using meld if installed
#!/bin/bash
set -ue
strPref="$HOME/.config/chromium/Default/Preferences"
cat "$strPref" |egrep "\"update_url[^,]*," -o |sort -u
read -p "existing unique urls above..." -n 1
strBkp="${strPref}.`date +"%Y%m%d%H%M%S"`.bkp"
if cp -v "$strPref" "$strBkp";then
strUpdUrl="clients2.google.com/service/update2/crx" #change this if needed #TODO should match any URL...
sed -i -r "s#(update_url\":\"https{,1}://)(${strUpdUrl})#\1127.0.0.1#g" "$strPref"
if grep "$strUpdUrl" "$strPref";then echo FAILED >&2;exit 1;fi
cmdDiff=colordiff
if which meld;then cmdDiff=meld;fi
#$cmdDiff <(cat "$strPref" |egrep "\"update_url[^,]*," -o) <(cat "$strBkp" |egrep "\"update_url[^,]*," -o)
$cmdDiff <(cat "$strPref" |sed -r 's#","#",\n"#g') <(cat "$strBkp" |sed -r 's#","#",\n"#g')
fi
tested on chromium: Version 63.0.3239.84 (Official Build) Built on Ubuntu , running on Ubuntu 16.04 (64-bit)
obs.: that script also works for google-chrome, just change the preferences file path
After updating Google Chrome to v60, no solution found on the Internet has helped me
So i just blocked IP addresses, used for updating, by doing following steps:
Opened Chrome with blank browser tab
Waited, until extension
autoupdate begins, by looking on to network tab in Resource
Monitor
Wrote out all the IP addresses with high download rate. My IP address list was:
64.233.161.94
64.233.161.102
64.233.163.95
74.125.238.132
108.177.14.138
173.194.73.132
173.194.222.102
216.58.209.110
216.58.209.97
173.194.222.99
173.194.32.227
173.194.113.172
173.194.32.224
195.216.237.77
74.125.232.170
143.215.130.61
74.125.238.147
173.194.122.137
173.194.44.66
173.194.44.67
173.194.44.95
173.194.122.136
74.125.232.183
74.125.232.171
Created outbound rule for chrome.exe in Windows Firewall and added listed IP addresses to blocklist
After I enabled this rule, chrome was unable to update my extensions.
Just (re)install the extension via Load unpacked.
Let's suppose "Roboform Password Manager" extension version 8.6.5.5 dropped some important functionality, so you want to keep version 8.6.2.2 installed.
Go to chrome://extensions/
Enable Developer mode
Get the required version of the plugin:
If Chrome still got the version you need:
Utilize Pack extension button on the plugin details page.
Just copy the extension folder, e.g. C:\Users\%USERNAME%\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob. The extension id is visible in the url bar, on the plugin details page, e.g. chrome://extensions/?id=pnlccmojcmeohlpggmfnbbiapkmbliob.
If the version you need was overwritten already:
Get appropriate ".crx" from some extensions archive
Look for ".crx" in "C:\Program Files\..." (applications/installers sometimes bundle original ".crx" versions, unaffected by any updates)
Unzip (e.g. with 7-zip) your ".crx" (or paste the extension folder contents) to a non-temporary folder - you would have to keep those files in place until you uninstall the extension.
Click Load unpacked, select that folder.
If you just drag&drop the ".crx" file, Chrome extension details would show Source=Chrome Web Store, and it would get updated as soon as you click Update extensions now. But for an unpacked extension, you get a special "Unpacked extension" overlay icon, Source=Unpacked extension and it won't get updated.
Just tested on Chrome 79.0.3945.88 (64-bit), Windows.
Now, Chrome shows "Disable developer mode extensions" popup on each startup. Personally, I just manually dismiss them each time. I do not re-start Chrome too often.
Currently, the only way to install a Chrome extension (while working in development) is to drag it from the desktop onto the browser and click "Add" on the popup window. I would prefer to make the whole process automatic. I currently build, package and sign my CRX programatically, but am stuck with the final manual step. Is this possible?
I tried creating my own URL from which to install the CRX (see here: After adding ExtensionInstallSources preference with my URL to Chrome Preferences, still won't allow installing ".crx" packaged app ) but this did not work.
I want this install to be permanent, not a temporary install that only lasts during the current run..
That's an old question, but you recently updated it, so..
There are no fully automated ways to do it besides Enterprise Policy, which only rarely applies. If that is not an option, you're out of luck. This was a security decision in 2014 by Chrome team, because malware that did that was rampant. Here's a latest post on this topic.
On a Windows machine, the Enterprise Policy force_install is the only no-confirmation one, but it requires a machine in a Windows Domain and admin rights in said domain to enable. I'm not 100% sure how it works on Linux/Mac, but here's a relevant FAQ.
There is a programmatic method of installing extensions, but it now only applies to extensions that are published in CWS (so that Google can pull the plug in case of abuse). It is described here, but will still require a manual approval from the user when the browser starts for the first time after this is added. That's how, for instance, various legitimate bundled extensions like Skype's Click-to-call are installed.
For unpacked extensions, you can run with the command line flag:
<path to chrome> --load-extension=<path to extension directory>
For installing a packaged extension in a .crx file, you can use the "external extensions" mechanism to automatically install from either an autoupdate url or a local path:
https://developer.chrome.com/extensions/external_extensions
Two things of note:
-Because this mechanism is intended mostly for distribution to end-users and not for testing, there is a confirmation dialog that allows the user to opt in to the install.
-We may eventually be deprecating the local path based installs in places where we're enforcing the "must be from the webstore" restriction, and only support the autoupdate url (which must be the webstore update url) approach.
I use Windows 7(64bit) and repeat steps in Google Document.
This is what I added in register.
In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nbfjanngloflombfddlmkgnambnfhgjc
path="C:\Extension.crx"
version="2.1"
But extension isn't install.
Before testing .crx file distribution,
I installed and uninstalled this extension with unpacked files many times by UI(chrome://extensions) for development and tested setting policy by using register. (But I removed all of them now.)
Does it cause any problem?
But when I tested same thing in another clean PC(Windows XP 32bit) nothing is changed, too.
I already checked some common mistakes in Google Document several times, but I can't find any mistakes.
- Not specifying the same id/version as the one listed in the .crx
- Key created in the wrong location in the registry
- Registry entry points to the wrong path to the .crx file (or path specified but no filename)
- Permissions problems on a network share
Are there other common mistakes I should check to install external extension?
According to this page - https://developer.chrome.com/extensions/external_extensions -
it is no longer possible to use the registry method to install locally-hosted .crx files.
in fact, the only allowed extension are those from Google's Extension gallery.
See a quote below from Google's policy page:
An extension that's installed automatically is known as an external extension. Google Chrome supports two ways of installing external extensions:
-Using a preferences JSON file (Mac OS X and Linux only)
-Using the Windows registry (Windows only)
Both ways support installing an extension hosted at an update_URL. In the Windows registry, the update_URL must point to the Chrome Web Store where the extension is hosted.
The extension-ID cannot be chosen at random.
I've installed your .crx file in Chromium 18 (Linux), and Chrome 18 (Windows 7 in VirtualBox), and the correct extension-ID is: lhmigopickaaleaaelbppeabnbdgcdhe
The version number has to match. In the manifest.json file, in the extension, I see "version": "1.0". So, the version entry in the registry has to be 1.0.
I was not able to install the extension via the registry using the steps from the Documentation. I've found two right ways to install the extension through the registry. Create a .reg file, and paste the text below to install the extension:
set_page_color_chrome-extension.reg (based on this file, md5: 10a1b95c249a2481bc88d3d1aead0e33).
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lhmigopickaaleaaelbppeabnbdgcdhe]
"version"="1.0"
"path"="C:\\set_page_color.crx"
Replace HKEY_LOCAL_MACHINE with HKEY_CURRENT_USER if you're running in permission trouble, or if you want to install the extension only for the current user.