Chrome Extension Corrupted error for few users

[Alok Kulkarni]

Hi all,

I have an extension that was already working fine in v2 and my team worked on converting it to v3. Conversion was succesfull and its fully functional in v3. However some external customers are getting the issue of extension corruption.

I have gone through other threads where the root causes mentioned are related to filename mismatch,  double / in filepaths etc but those issues dont exist in my code. 

(

1. • crbug.com/437675 — Dot-slash paths in content_scripts.

   • crbug.com/439464 — Incorrect case in <img> tags injected by content scripts.

   • crbug.com/444085 — Double-slash // in URLs inside the extension.
     

)

When I ran the extension on Chrome with debug logs enabled, I got following relevant logs

"Content verify job failed for extension: jhhdnfchpbcaeafgmdlijhhpandanbnl at path: content/executePostMessageScript.js and for reason:4"

Key Evidence from Logs

• Repeated Content verify job failed for content/executePostMessageScript.js

• reason:4 = hash mismatch (file contents changed after install)

• Extension ID: jhhdnfchpbcaeafgmdlijhhpandanbnl

• Version: 1.39.56_0

• Timing: Every 10-15 minutes (likely when Chrome re-verifies or when the external tool runs)

This specific file is a small injected script that posts a stored message to the page and removes its script node:

(() => {
const message = JSON.parse(localStorage.getItem("executePostMessage"));
window.postMessage(message, '*');
let selfNode = document.currentScript;
selfNode.parentNode.removeChild(selfNode);
})();

AI suggested me following reasons

1. Antivirus/EDR/DLP Software

   • Security tools often inject instrumentation code into JavaScript files

   • They may add telemetry/monitoring hooks to messaging scripts

   • executePostMessageScript.js specifically handles postMessage, which security tools often monitor

2. Backup/Sync Tools

   • OneDrive, Dropbox, or corporate backup solutions might touch Chrome profile files

   • Can cause transient file locks or modifications

3. Chrome Policies (if in managed/enterprise environment)

   • Strict ExtensionContentVerification policy

   • Conflicting force-install policies

But then the question is how did it work on v2 and now why only few users and not all.

Also in logs I see the following 

[12612:9668:1010/141949.366:VERBOSE1:extensions\browser\content_verifier\content_hash.cc:394] content mismatch for img/default_icon.png
[12612:9668:1010/141949.366:VERBOSE1:extensions\browser\content_verifier\content_hash.cc:394] content mismatch for img/default_icon_128.png
[12612:9668:1010/141949.366:VERBOSE1:extensions\browser\content_verifier\content_hash.cc:394] content mismatch for img/default_icon_16.png
[12612:9668:1010/141949.366:VERBOSE1:extensions\browser\content_verifier\content_hash.cc:394] content mismatch for img/default_icon_48.png
[12612:9668:1010/141949.366:VERBOSE1:extensions\browser\content_verifier\content_hash.cc:394] content mismatch for img/default_icon_96.png
[12612:9668:1010/141949.366:VERBOSE1:extensions\browser\content_verifier\content_hash.cc:394] content mismatch for manifest.json

[12612:9668:1010/141949.366:VERBOSE1:extensions\browser\content_verifier\content_hash.cc:394] content mismatch for manifest.json

Any help will be greatly appreciated. 

[Alok Kulkarni]

Hello team,

Please let me know if you have any pointers on the potential fix for the issue. 

Regards,

Alok 

[Justin Lulejian]

Hi Alok,

I believe this might be an occurance of Content verification for extensions can race and corrupt extension install that we are looking into. 

Best regards,

Justin

[Alok Kulkarni]

Hi Justin,

Thanks a lot for the update. Any insights on a timeline for the fix ? 

We are seeing multiple users reporting this issue almost to a point of extension not being usable. 

Regards,

Alok

[Alok Kulkarni]

Also FYI, the link that you shared is not accessible  Content verification for extensions can race and corrupt extension install