Announcement: Updates to the Developer Program Policies

489 views
Skip to first unread message

Stefan Van Damme

unread,
Apr 3, 2024, 2:53:57 PMApr 3
to Chromium Extensions

Dear Developer,

The Chrome Web Store is introducing updates to our policies for extensions using MV3. These updates expand the possibilities to load remote content within your extension, while remaining in compliance with our remotely hosted code policies. Here is a guide on the changes and what they mean for your extension development:

1. Self-Contained Functionality: A Focus on Transparency

The core principle remains: the full functionality of your extension should be easily discernible from the submitted code. It is critical to ensure that the logic driving your extension is well-defined within its codebase.

2. External Resource Usage: Striking a Balance

Extensions can still reference and load data from external sources, but these resources must not contain any logic. Extensions are permitted to execute logic from remote sources only through documented APIs like the Debugger API and User Scripts API. This strikes a balance between flexibility and security, allowing external data without compromising the transparent nature of your extension's functionality.

3. Isolated Contexts: Exemptions and Responsibilities

Code running in isolated contexts, such as iframes and sandboxed pages, is exempt from certain restrictions on loading code from remote sources. However, it's crucial to maintain transparency. The full functionality of your extension should still be discernible in these contexts.

4. Review Process Consequences: A Note on Enforcement

If we are unable to determine the full functionality of your extension during the review process, we may take appropriate action. Submissions that lack clarity or violate policies might be rejected or removed from the Chrome Web Store.

You can learn more about today’s guidance in our Program Policies. These policy clarifications will go into effect on April 15, 2024. After that date, extensions in violation of these new policies may be removed from the Chrome Web Store and be disabled.

If you have any questions, you can contact developer support.

Thank you for your cooperation, and for your participation in the Chrome extension ecosystem!

- The Google Chrome Web Store team


Source: Chrome Web Store newsletter

Thanks,
Stefan vd

James Arnott

unread,
Apr 7, 2024, 3:33:24 PMApr 7
to Chromium Extensions, Stefan Van Damme
Hi Stefan,

To what extent does this change things, can we still have externally hosted feature flags, or externally hosted class names to specify where elements get injected, for example?
Would you mind providing a clearer definition of "logic" in this context please.

Thanks,

James

Oliver Dunk

unread,
Apr 7, 2024, 6:14:28 PMApr 7
to James Arnott, Chromium Extensions, Stefan Van Damme
Hi James,

The intent of this policy update is to expand what is acceptable, so anything that was permissible before should be fine.

Externally hosted feature flags should be good. It's hard to make a blanket statement around externally hosted class names - this may be fine but could also be a violation if we are not easily able to determine the full extent of what might be possible.

Hope that helps,
Oliver Dunk | DevRel, Chrome Extensions | https://developer.chrome.com/ | London, GB


--
You received this message because you are subscribed to the Google Groups "Chromium Extensions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extens...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/a71dd739-1bf0-4525-9626-3188500ded35n%40chromium.org.

James Arnott

unread,
May 24, 2024, 7:16:02 PMMay 24
to Chromium Extensions, Oliver Dunk, Chromium Extensions, Stefan Van Damme, James Arnott

Hi Oliver,

Thankyou for the extra clarity you've given, I do very much appreciate it!

Kind regards,

James
Reply all
Reply to author
Forward
0 new messages