Extension suddenly marked as corrupted or malware
2,359 views
Skip to first unread message
Will Christiansen
Sep 17, 2014, 2:44:33 AM9/17/14
to chromium-...@chromium.org
One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
Thanks in advance!
I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
Thanks in advance!
Josh
Sep 17, 2014, 11:59:21 AM9/17/14
to chromium-...@chromium.org
If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
Will Christiansen
Sep 17, 2014, 12:26:39 PM9/17/14
to chromium-...@chromium.org
So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
David Levin
Sep 17, 2014, 12:36:42 PM9/17/14
to Will Christiansen, Chromium-extensions
You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
dave
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/8c6e0297-4731-41e8-9caa-821cabc0bb91%40chromium.org.--
You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
To post to this group, send email to chromium-...@chromium.org.
Visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/.
roc...@chromium.org
Sep 17, 2014, 1:27:29 PM9/17/14
to chromium-...@chromium.org, wchrist...@gmail.com
Some extensions incorrectly ignore case when referencing their resources (e.g. you have a file 'foo.js' referenced in code as 'Foo.js'). These errors can go unnoticed on systems like Windows or OS X with case-insensitive filesystems, but they will still cause unexpected failures on Chrome OS and Linux.
It was recently discovered, however, that these case mismatches will cause content verification to fail (and thus disable the extension) even on Windows or OS X: the actual resource exists according to the filesystem, but its signed hashes do not according to the case-sensitive dictionary used by verification.
We are going to be addressing this bug, but in the meantime if this is biting your extension, you should make sure your resource names are referenced using the proper case. If they are not, the extension is likely already broken on Chrome OS and Linux anyway.
Will Christiansen
Sep 17, 2014, 9:58:51 PM9/17/14
to chromium-...@chromium.org, wchrist...@gmail.com, roc...@chromium.org
I've looked through my files and none of them are empty. They all have some sort of content in them so I don't think it's related to https://code.google.com/p/chromium/issues/detail?id=404802. I also went through and checked my file names and all of them are in lowercase only so I don't think that the case sensitivity is the problem either. I do however have my final versions of code minimized with name like "background.min.js" although I don't think that would fall into the first two issues. Even setting the chrome://flags/#extension-content-verification option to "Bootstrap" it wouldn't allow the extension to be enabled. Any other thoughts or information I can supply to hopefully find the root cause of this? Thanks again for eveyone's help.
On Wednesday, September 17, 2014 12:27:29 PM UTC-5, roc...@chromium.org wrote:
On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
> You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
>
>
> Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
>
> dave
>
>
> On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
>
>
> On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
> If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
> One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> Thanks in advance!
>
>
>
>
>
>
> --
>
> You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
>
> To post to this group, send email to chromium-...@chromium.org.
>
> Visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/.
>
> To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/8c6e0297-4731-41e8-9caa-821cabc0bb91%40chromium.org.
>
>
>
> For more options, visit https://groups.google.com/a/chromium.org/d/optout.
On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
> You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
>
>
> Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
>
> dave
>
>
> On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
>
>
> On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
> If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
> One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> Thanks in advance!
>
>
>
>
>
>
> --
>
> You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
roc...@chromium.org
Sep 17, 2014, 11:06:44 PM9/17/14
to chromium-...@chromium.org, wchrist...@gmail.com, roc...@chromium.org
Once it's been disabled by content verification, you will have to reinstall it from the Webstore.
Would you be able to link to your extension on the Webstore so we can see what's going on here?
Thanks
On Wednesday, September 17, 2014 6:58:51 PM UTC-7, Will Christiansen wrote:
> I've looked through my files and none of them are empty. They all have some sort of content in them so I don't think it's related to https://code.google.com/p/chromium/issues/detail?id=404802. I also went through and checked my file names and all of them are in lowercase only so I don't think that the case sensitivity is the problem either. I do however have my final versions of code minimized with name like "background.min.js" although I don't think that would fall into the first two issues. Even setting the chrome://flags/#extension-content-verification option to "Bootstrap" it wouldn't allow the extension to be enabled. Any other thoughts or information I can supply to hopefully find the root cause of this? Thanks again for eveyone's help.
>
> On Wednesday, September 17, 2014 12:27:29 PM UTC-5, roc...@chromium.org wrote:On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
>
> > You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
> >
>
> >
>
> >
>
> > Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
> >
>
> >
>
> > dave
>
> >
>
> >
>
> > On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> >
>
> > So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
> >
>
> >
>
> >
>
> > On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
>
> > If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> >
>
> > On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
>
> > One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> >
>
> > I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> >
>
> > Thanks in advance!
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > --
>
> >
>
> > You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> >
>
> > To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
Would you be able to link to your extension on the Webstore so we can see what's going on here?
Thanks
On Wednesday, September 17, 2014 6:58:51 PM UTC-7, Will Christiansen wrote:
> I've looked through my files and none of them are empty. They all have some sort of content in them so I don't think it's related to https://code.google.com/p/chromium/issues/detail?id=404802. I also went through and checked my file names and all of them are in lowercase only so I don't think that the case sensitivity is the problem either. I do however have my final versions of code minimized with name like "background.min.js" although I don't think that would fall into the first two issues. Even setting the chrome://flags/#extension-content-verification option to "Bootstrap" it wouldn't allow the extension to be enabled. Any other thoughts or information I can supply to hopefully find the root cause of this? Thanks again for eveyone's help.
>
> On Wednesday, September 17, 2014 12:27:29 PM UTC-5, roc...@chromium.org wrote:On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
>
> > You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
> >
>
> >
>
> >
>
> > Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
> >
>
> >
>
> > dave
>
> >
>
> >
>
> > On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> >
>
> > So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
> >
>
> >
>
> >
>
> > On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
>
> > If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> >
>
> > On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
>
> > One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> >
>
> > I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> >
>
> > Thanks in advance!
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > --
>
> >
>
> > You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> >
>
>
> >
>
> > To post to this group, send email to chromium-...@chromium.org.
>
> >
>
> > Visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/.
>
> >
>
> > To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/8c6e0297-4731-41e8-9caa-821cabc0bb91%40chromium.org.
>
> >
>
> >
>
> >
>
> > For more options, visit https://groups.google.com/a/chromium.org/d/optout.
>
>
>
> On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
>
> > You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
> >
>
> >
>
> >
>
> > Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
> >
>
> >
>
> > dave
>
> >
>
> >
>
> > On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> >
>
> > So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
> >
>
> >
>
> >
>
> > On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
>
> > If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> >
>
> > On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
>
> > One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> >
>
> > I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> >
>
> > Thanks in advance!
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > --
>
> >
>
> > You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> >
>
> > To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
> >
>
> > To post to this group, send email to chromium-...@chromium.org.
>
> >
>
> > Visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/.
>
> >
>
> > To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/8c6e0297-4731-41e8-9caa-821cabc0bb91%40chromium.org.
>
> >
>
> >
>
> >
>
> > For more options, visit https://groups.google.com/a/chromium.org/d/optout.
>
>
>
> On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
>
> > You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
> >
>
> >
>
> >
>
> > Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
> >
>
> >
>
> > dave
>
> >
>
> >
>
> > On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> >
>
> > So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
> >
>
> >
>
> >
>
> > On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
>
> > If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> >
>
> > On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
>
> > One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> >
>
> > I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> >
>
> > Thanks in advance!
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > --
>
> >
>
> > You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> >
>
Will Christiansen
Sep 17, 2014, 11:26:20 PM9/17/14
to chromium-...@chromium.org, wchrist...@gmail.com, roc...@chromium.org
Sure thing. Here's a link to my extension and I've tried to remove/install the extension after I updated it and it still gets flagged for some reason. Thanks again for your help.
Once it's been disabled by content verification, you will have to reinstall it from the Webstore.
Would you be able to link to your extension on the Webstore so we can see what's going on here?
Thanks
On Wednesday, September 17, 2014 6:58:51 PM UTC-7, Will Christiansen wrote:
> I've looked through my files and none of them are empty. They all have some sort of content in them so I don't think it's related to https://code.google.com/p/chromium/issues/detail?id=404802. I also went through and checked my file names and all of them are in lowercase only so I don't think that the case sensitivity is the problem either. I do however have my final versions of code minimized with name like "background.min.js" although I don't think that would fall into the first two issues. Even setting the chrome://flags/#extension-content-verification option to "Bootstrap" it wouldn't allow the extension to be enabled. Any other thoughts or information I can supply to hopefully find the root cause of this? Thanks again for eveyone's help.
>
> On Wednesday, September 17, 2014 12:27:29 PM UTC-5, roc...@chromium.org wrote:On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
>
> > You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
> >
>
> >
>
> >
>
> > Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
> >
>
> >
>
> > dave
>
> >
>
> >
>
> > On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> >
>
> > So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
> >
>
> >
>
> >
>
> > On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
>
> > If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> >
>
> > On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
>
> > One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> >
>
> > I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> >
>
> > Thanks in advance!
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > --
>
> >
>
> > You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> >
>
> > To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
>
> >
>
> > To post to this group, send email to chromium-...@chromium.org.
>
> >
>
> > Visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/.
>
> >
>
> > To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/8c6e0297-4731-41e8-9caa-821cabc0bb91%40chromium.org.
>
> >
>
> >
>
> >
>
> > For more options, visit https://groups.google.com/a/chromium.org/d/optout.
>
>
>
> On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
>
> > You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
> >
>
> >
>
> >
>
> > Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
> >
>
> >
>
> > dave
>
> >
>
> >
>
> > On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> >
>
> > So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
> >
>
> >
>
> >
>
> > On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
>
> > If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> >
>
> > On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
>
> > One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> >
>
> > I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> >
>
> > Thanks in advance!
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > --
>
> >
>
> > You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> >
>
> > To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
Will Christiansen
Sep 18, 2014, 12:11:25 AM9/18/14
to chromium-...@chromium.org, wchrist...@gmail.com, roc...@chromium.org
I also fired up my linux box and installed the Stable, Beta and Dev versions of Chrome. None of the linux versions of chrome seem to be marking the extension as corrupted by malware. I tried Stable and Beta on my Mac and had no issues. It appears that only my Windows 7 machine running Beta or Dev has the problem. Hopefully this is a little bit useful in finding the problem.
Ken Rockot
Sep 18, 2014, 5:46:20 PM9/18/14
to Will Christiansen, Chromium-extensions, Antony Sargent
Got it. This is a bug in the content verification feature. TL;DR workaround: Please change the paths in your manifest by getting rid of the "./" prefixes.
While "./" prefixes are superfluous, they are harmless when handled by most browser code, including any resource references in HTML, CSS, XHRs, etc. When we're verifying contents and processing scripts from the manifest, however, we do not properly translate this path style on Windows systems. This leads the verification code to believe it's missing hashes for the referenced files, implying a hijacking attempt, and it disables the extension.
We'll fix this in Chrome, but you can resolve it for now by adjusting the relative paths in your manifest.
Ken
Will Christiansen
Sep 18, 2014, 9:12:06 PM9/18/14
to chromium-...@chromium.org, wchrist...@gmail.com, asar...@google.com, roc...@chromium.org
Okay, I just uploaded a test version to the store without the "./" prefixes and it hasn't been flagged so it looks like this resolved it. Thanks a lot for your help in resolving this, I really appreciated all the effort.
> > To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsubscribe...@chromium.org.
>
> >
>
> > To post to this group, send email to chromium-...@chromium.org.
>
> >
>
> > Visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/.
>
> >
>
> > To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/8c6e0297-4731-41e8-9caa-821cabc0bb91%40chromium.org.
>
> >
>
> >
>
> >
>
> > For more options, visit https://groups.google.com/a/chromium.org/d/optout.
>
>
>
> On Wednesday, September 17, 2014 9:36:42 AM UTC-7, David Levin wrote:
>
> > You may want to check that you have a build with the fix done in https://code.google.com/p/chromium/issues/detail?id=404802
>
> >
>
> >
>
> >
>
> > Not sure about empty files, but before this fix if you tried to use files that didn't exist your extension would be put in this state.
>
> >
>
> >
>
> > dave
>
> >
>
> >
>
> > On Wed, Sep 17, 2014 at 9:26 AM, Will Christiansen <wchrist...@gmail.com> wrote:
>
> >
>
> > So I have the Dev version on my Desktop and the Stable version on my laptop. It seems like it works fine on my laptop after further investigation but does anyone have any insight into why it would be marked as such on the Dev version? I don't have any empty files or blacklisted urls (as far as I know). Also, how can I ensure my extension will run on someone else using the Beta or Dev build and can't re-enable it because it's inappropriately flagged?
>
> >
>
> >
>
> >
>
> > On Wednesday, September 17, 2014 10:59:21 AM UTC-5, Josh wrote:
>
> > If you're using Beta or Dev try turning down extension-content-verification in chrome://flags. See this comment https://code.google.com/p/chromium/issues/detail?id=390967#c2. Supposedly empty files and blacklisted URLs can trigger this.
>
> >
>
> > On Tuesday, September 16, 2014 11:44:33 PM UTC-7, Will Christiansen wrote:
>
> > One of my extensions was all the sudden marked as corrupt or malicious. In chrome://extensions it has this text underneath the extension description: This extension may have been corrupted by malware. Learn more. The problem is that the "Learn More" link goes absolutely no where and there is nothing online (at least from about 4 hours of searching) that is meant to inform the developer what to do in this situation so I'm at a dead end right now. I also never received an email from Google stating my extension had anything wrong with it.
>
> >
>
> > I hadn't updated the app for a few weeks and then this just started appearing today. I tried cleaning the code up and re-uploading the extension but it still shows that message. I also tried to upload on zip from "Send To -> Compress" and one from 7Zip thinking one or the other was the problem, it doesn't appear that way. There isn't any malicious code in my extension and it simply modifies some DOM elements with JQuery. The extension works fine when I load it up locally but it won't stay enabled when trying to use the store version. Can someone point me to where I should start to get this "warning" removed so my extension can be enabled again?
>
> >
>
> > Thanks in advance!
>
> >
>
> >
>
> >
>
> >
>
> >
>
> >
>
> > --
>
> >
>
> > You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
>
> >
>
> > To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsubscribe...@chromium.org.
Reply all
Reply to author
Forward
0 new messages