compliance review on publication
13 views
Skip to first unread message
David Jacobowitz
Jul 25, 2016, 2:34:12 PM7/25/16
to chromi...@chromium.org
I am developing a Chrome extension for work that adds a "suspected phishing" button to Gmail that when the user presses it, the currently open email is forwarded to our security team.
We may ultimately deploy it internally, or we may not. Right now, I'd just like to demo it for colleagues.
My problem is that every time I submit the extension for publication to testers, it gets flagged for a "compliance review." After a day or so, it is published.
I don't know what is triggering this extra review. Is there something in the manifest that triggers this? I click on the "why am I getting this compliance review?" link in the message, and it just takes me to the generic CWS FAQ.
It's super annoying because it slows dev work down immensely; if I want to demo the extension, I have to set it up locally on the user's computer (which also requires a new client_id for accessing the Google APIs since such client_ids are linked to the extension url, which is different for every local install.)
Any ideas?
Manifest:
{
"name": "Phishing Reporter",
"short_name": "Phishing Reporter",
"version": "1.2.1",
"manifest_version": 2,
"description": "Report Phishy emails.",
"icons": {
"128": "phishing2.png"
},
"options_ui": {
"page": "options.html",
"chrome_style": true
},
"permissions": [
"identity",
"*://*.google.com/*",
"storage"
],
"content_scripts": [
{
"matches": [
],
"js": [ "shared.js", "content.js" ],
"run_at": "document_end"
}
],
"web_accessible_resources": [
"jquery-3.0.0.min.js",
"gmhack/src/gmail.js",
"injected_main.js"
],
"background": {
"scripts": ["base64.js", "shared.js", "background.js"],
"persistent": true
},
"content_security_policy": "script-src https://*.google.com 'unsafe-eval'; object-src 'self'",
"oauth2": {
"client_id": "<<redacted>>",
"scopes": [
]
}
}
Reply all
Reply to author
Forward
0 new messages