Does declarativeNetRequest trigger warning for the users when migrating from V2 to V3

205 views
Skip to first unread message

Goodboost

unread,
Sep 14, 2021, 8:35:30 AM9/14/21
to Chromium Extensions
Hello,

I have a V2 extension and I want to migrate to V3.

My V3 would require declarativeNetRequest to be added in the permission, which is not in the V2 and I am concerned that it would trigger a warning to my users and scare them.

Can anyone confirm which permissions from V3 trigger warnings to the users in the context of an update from V2 to V3.

Thanks a lot

wOxxOm

unread,
Sep 14, 2021, 10:36:04 AM9/14/21
to Chromium Extensions, Goodboost
If your extension already has access to all sites then there should be no additional warning e.g. if you transform "permissions": ["<all_urls>", "webRequest", "webRequestBlocking"] to "permissions": ["declarativeNetRequest"], "host_permissions": ["<all_urls>"]

The same goes for "*://*/*" (or "http://*/*" + "https://*/*") instead of "<all_urls>".

Otherwise, declarativeNetRequest permission has its own warning, which is "Block content on any page you visit", because this is what you can do with this permission alone without any host permissions.

In the future (probably since Chrome 96) we will be able to use declarativeNetRequestWithHostAccess permission that doesn't have any warning of its own. It just grants access to chrome.declarativeNetRequest API. You still need host_permissions or activeTab permission to perform any meaningful action to a URL.

Goodboost

unread,
Sep 14, 2021, 12:31:18 PM9/14/21
to Chromium Extensions, wOxxOm, Goodboost
Thanks a lot !
What if I update from : "permissions": ["domain.com"] to "permissions": ["declarativeNetRequest"], "host_permissions": ["domain.com"]
No warning either ?

wOxxOm

unread,
Sep 14, 2021, 12:58:15 PM9/14/21
to Chromium Extensions, Goodboost, wOxxOm
Since your extension doesn't have access to all hosts so there should be a warning (the "otherwise" case). You can also wait for  declarativeNetRequestWithHostAccess as explained above.

avm99963

unread,
Sep 14, 2021, 2:20:39 PM9/14/21
to Chromium Extensions, wOxxOm, Goodboost
Thanks wOxxOm for explaining that there will be a declarativeNetRequestWithHostAccess permission in the future.

I'll definitely use that in one of my extensions when it's released in stable!

Ibrahim

unread,
Sep 15, 2021, 9:33:33 AM9/15/21
to Chromium Extensions, avm99963, wOxxOm, Goodboost
I'm curious if there is a way to simulate these permission warnings somehow, so we can test them before publishing to CWS.

wOxxOm

unread,
Sep 15, 2021, 9:40:54 AM9/15/21
to Chromium Extensions, Ibrahim, avm99963, wOxxOm, Goodboost
The documentation describes several methods, you can also just look at the details page of an extension before and after update.

wOxxOm

unread,
Sep 15, 2021, 9:43:45 AM9/15/21
to Chromium Extensions, wOxxOm, Ibrahim, avm99963, Goodboost
Also fetch('/manifest.json').then(_ => _.text()).then(_ => chrome.management.getPermissionWarningsByManifest(_, console.log))

Ibrahim

unread,
Sep 15, 2021, 9:55:27 AM9/15/21
to Chromium Extensions, wOxxOm, Ibrahim, avm99963, Goodboost
Awesome! Thanks!

hrg...@gmail.com

unread,
Sep 15, 2021, 12:14:01 PM9/15/21
to Chromium Extensions, Ibrahim, wOxxOm, avm99963, Goodboost
No need to use fetch(). chrome.runtime.getManifest() gives you the manifest.

wOxxOm

unread,
Sep 15, 2021, 12:18:38 PM9/15/21
to Chromium Extensions, hrg...@gmail.com, Ibrahim, wOxxOm, avm99963, Goodboost
Yes, but note that with getManifest() and you'll have to use JSON.stringify().

wOxxOm

unread,
Sep 20, 2021, 3:54:36 PM9/20/21
to Chromium Extensions, wOxxOm, hrg...@gmail.com, Ibrahim, avm99963, Goodboost
The "declarativeNetRequestWithHostAccess" permission has been implemented in Chrome 96:
Reply all
Reply to author
Forward
0 new messages