declarativeNetRequest not triggering from separate extension

158 views
Skip to first unread message

Curtis Holland

unread,
Oct 30, 2024, 4:25:53 PMOct 30
to Chromium Extensions
I have 2 different extensions, extensionA and extensionB

extensionA has a declarativeNetRequest rule with a regex filter of ^https://(.*).example.com(.*)$ to add a header to every request.

extensionB has a NewTab override with links in the markup to https://domainA.example.com/path/to/page

If I were to drop the url 'https://domainA.example.com/path/to/page' directly into the address bar, the rule will take effect and the header will be added to the request.  However whenever I click the same url link within extensionB, the rule doesn't take effect.  

How do I modify the rule in extensionA to get the link within extensionB to follow the rule specified in extensionA

here is the rule in question:

{
    action: {
        type: "modifyHeaders",
        requestHeaders: [{"header": "x-custom-header", "operation": "set", "value": "true"}]
    },
    condition: {
        "regexFilter": "^https://(.*)\.example\.com(.*)$",
        resourceTypes: [ "main_frame" ]
    },
    id: 1,
    priority: 1
}

woxxom

unread,
Oct 30, 2024, 7:56:06 PMOct 30
to Chromium Extensions, Curtis Holland
This is a bug, which is apparently caused by the fact that navigation from an existing document has its `initiator` property set to that tab's origin, i.e. to the other extension. The browser should be fixed, because extensions act on the behalf of the user agent, so a link opened from an extension should behave the same as the link opened from the built-in start page or from the address bar.

P.S. While your regexFilter is probably just a placeholder, but I'll comment anyway as it exhibits a common dangerous mistake: it matches https://malicious.site/.example.com and https://www.example.com.malicious.site/, while not matching https://example.com/. The best solution for such pattern is "urlFilter": "||example.com/" which is anchored on both sides. If you really need regex, you'll have to be explicit: "^https://([^/]*\\.)?example\\.com/(.*)" which can be even more complicated if you want to handle user:password@ and a :port, also note that the escapes should be repeated as \\ in normal strings, but you can use String.raw`\.` for single-character escapes.
Reply all
Reply to author
Forward
0 new messages