<div id="pageData-name" class="pageData">Permission Warnings</div>
<div id="pageData-showTOC" class="pageData">true</div>

<!--
NOTE: When this doc is updated, the online help should also be updated:
http://www.google.com/support/chrome_webstore/bin/answer.py?hl=en&answer=186213

We should periodically look at
http://src.chromium.org/viewvc/chrome/trunk/src/chrome/app/generated_resources.grd?view=markup
to make sure that we're covering all messages. Search for
IDS_EXTENSION_PROMPT_WARNING
(e.g. IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY).
-->

<p>
To use most chrome.* APIs and extension capabilities,
your extension must declare its intent in the
<a href="manifest.html">manifest</a>,
often in the "permissions" field.
Some of these declarations
result in a warning when
a user installs your extension.
</p>

<p>
When you autoupdate your extension,
the user might see another warning
if the extension requests new permissions.
These new permissions might be new APIs that your extension uses,
or they might be new websites
that your extension needs access to.
</p>


<h2 id="examples"> Examples of permission warnings </h2>

<p>
Here's a typical dialog
that a user might see when installing an extension:
</p>

<img src="images/perms-hw1.png"
  width="410" height="193"
  alt="Permission warning: 'It can access: Your data on api.flickr.com'"
  />

<p>
The warning about access to data on api.flickr.com
is caused by the following lines
in the extension's manifest:
</p>

<pre>
"permissions": [
  <b>"http://api.flickr.com/"</b>
],
</pre>

<p class="note">
<b>Note:</b>
You don't see permission warnings when
you load an unpacked extension.
You get permission warnings only when you install an extension
from a <code>.crx</code> file.
</p>

<p>
If you add a permission to the extension when you autoupdate it,
the user might see a new permission warning.
For example,
assume you add a new site and the "tabs" permission
to the previous example:
</p>

<pre>
"permissions": [
  "http://api.flickr.com/",
  <b>"http://*.flickr.com/",
  "tabs"</b>
],
</pre>

<p>
When the extension autoupdates,
the increased permissions
cause the extension to be disabled
until the user re-enables it.
Here's the warning the user sees:
</p>

<img src="images/perms-hw2-disabled.png"
  width="814" height="30"
  alt="Warning text: 'The newest version of the extension Hello World requires more permissions, so it has been disabled. [Re-enable].'"
  />

<p>
Clicking the Re-enable button
brings up the following warning:
</p>

<img src="images/perms-hw2.png"
  width="412" height="220"
  alt="Permission warning: 'It can access: Your data on api.flickr.com and flickr.com; Your browsing history'"
  />


<h2 id="warnings"> Warnings and their triggers </h2>

<p>
It can be surprising when adding a permission such as "tabs"
results in the seemingly unrelated warning
that the extension can access your browsing activity.
The reason for the warning is that
although the <code>chrome.tabs</code> API
might be used only to open new tabs,
it can also be used to see the URL that's associated
with every newly opened tab
(using their <a href="tabs.html#type-Tab">Tab</a> objects).
</p>

<p class="note">
<b>Note:</b>
As of Google Chrome 7,
you no longer need to specify the "tabs" permission
just to call <code>chrome.tabs.create()</code>
or <code>chrome.tabs.update()</code>.
</p>

<p>
The following table lists the warning messages
that users can see,
along with the manifest entries
that trigger them.
</p>

<p>
<table>
<tr>
  <th>Warning&nbsp;message</th> <th>Manifest&nbsp;entry&nbsp;that&nbsp;causes&nbsp;it</th> <th>Notes</th>
</tr>

<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS -->
    All data on your computer and the websites you visit
  </td>
  <td>
    "plugins"
  </td>
  <td>
    The "plugins" permission is required by
    <a href="npapi.html">NPAPI plugins</a>.
  </td>
</tr>

<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS -->
    Your bookmarks
  </td>
  <td>
    "bookmarks" permission
  </td>
  <td>
    The "bookmarks" permission is required by the
    <a href="bookmarks.html"><code>chrome.bookmarks</code></a> module.
  </td>
</tr>

<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY -->
    Your browsing history
  </td>
  <td>
    <!-- HasEffectiveBrowsingHistoryPermission -->
    "history" permission
  </td>
  <td>
    <p>
      The "history" permission is required by
      <a href="history.html"><code>chrome.history</code></a>.
    </p>
  </td>
</tr>

<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_TABS -->
    Your tabs and browsing activity
  </td>
  <td>
    <!-- HasEffectiveBrowsingHistoryPermission -->
    "tabs" permission
  </td>
  <td>
    <p>
      The "tabs" permission is required by the
      <a href="tabs.html"><code>chrome.tabs</code></a> and
      <a href="windows.html"><code>chrome.windows</code></a> modules.
    </p>
  </td>
</tr>

<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS -->
    Your data on all websites
  </td>
  <td>
    <!-- HasEffectiveAccessToAllHosts() -->
    Any of the following:
    <ul>
      <li> "proxy" permission </li>
      <li> "debugger" permission </li>
      <li> A match pattern in the "permissions" field
        that matches all hosts </li>
      <li> A&nbsp;"content_scripts" field with a "matches" entry
        that matches all hosts </li>
      <li> "devtools_page" (experimental) </li>
    </ul>
  </td>
  <td>
    <p>
      The "proxy" permission is required by the
      <a href="experimental.proxy.html">experimental proxy</a> module.
    </p>

    <p>
      The "debugger" permission is required by the
      <a href="experimental.debugger.html">experimental debugger</a> module.
    </p>

    <p>
      Any of the following URLs match all hosts:
    </p>
    <ul>
      <li> <code>http://*/*</code> </li>
      <li> <code>https://*/*</code> </li>
      <li> <code>*://*/*</code> </li>
      <li> <code>&lt;all_urls&gt;</code> </li>
    </ul>
  </td>
</tr>
<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_?_HOST -->
    <!-- IDS_EXTENSION_PROMPT_WARNING_4_OR_MORE_HOSTS -->
    Your data on <em>{list of websites}</em>
  </td>
  <td>
    A match pattern in the "permissions" field
    that specifies one or more hosts,
    but not all hosts
  </td>
  <td>
    <p>
    Up to 3 sites are listed by name.
    Subdomains aren't treated specially.
    For example, <code>a.com</code> and <code>b.a.com</code>
    are listed as different sites.
    </p>

    <p>
    On autoupdate,
    the user sees a permission warning
    if the extension adds or changes sites.
    For example, going from <code>a.com,b.com</code>
    to <code>a.com,b.com,c.com</code>
    triggers a warning.
    Going from <code>b.a.com</code>
    to <code>a.com</code>,
    or vice versa,
    also triggers a warning.
    </p>
  </td>
</tr>

<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT -->
    Your list of installed apps, extensions, and themes
    <br />
    <span style="font-weight:normal; font-style:italic">or</span>
    <br />
    Manage themes, extensions, and apps

    <!-- PENDING: remove "Manage...apps" alternative message
    once the fix is out on stable channel -->
    <!-- See http://crbug.com/67859 -->
  </td>
  <td>
    "management" permission
  </td>
  <td>
    The "management" permission is required by the
    <a href="management.html"><code>chrome.management</code></a> module.
  </td>
</tr>

<tr>
  <td style="font-weight:bold">
    <!-- IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION -->
    Your physical location
  </td>
  <td>
    "geolocation" permission
  </td>
  <td>
    Allows the extension to use the proposed HTML5
    <a href="http://dev.w3.org/geo/api/spec-source.html">geolocation API</a>
    without prompting the user for permission.
  </td>
</tr>
</table>
</p>


<h2 id="nowarning"> Permissions that don't cause warnings </h2>

<p>
The following permissions don't result in a warning:
</p>

<ul>
  <li>"chrome://favicon/"</li>
  <li>"contextMenus"</li>
  <li>"cookies"</li>
  <li>"experimental"</li>
  <li>"idle"</li>
  <li>"notifications"</li>
  <li>"unlimitedStorage"</li>
</ul>
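
<p>
The table and list above can be turned into a manifest review check. The following is an added example, not part of the original documentation and not Chromium's code: it predicts the warnings a manifest triggers and which warnings or sites an update would newly introduce. The function names, the handling of "plugins" and the stripping of a leading <code>*.</code> are assumptions of this sketch.
</p>

```javascript
// Added example, not Chromium code: warning prediction from the table on this page.
const PERMISSION_WARNINGS = new Map([
  ["bookmarks", "Your bookmarks"],
  ["history", "Your browsing history"],
  ["tabs", "Your tabs and browsing activity"],
  ["management", "Your list of installed apps, extensions, and themes"],
  ["geolocation", "Your physical location"],
]);
const ALL_HOSTS = "Your data on all websites";
const FULL_ACCESS = "All data on your computer and the websites you visit";
const MATCH_PATTERN = /^(\*|https?):\/\/([^\/]+)\//; // skips chrome://favicon/
// Host of a match pattern, "*" for all hosts, or null if the entry is not a pattern.
function patternHost(entry) {
  if (entry === "<all_urls>") return "*";
  const m = MATCH_PATTERN.exec(entry);
  // Assumption taken from the second screenshot: "*.flickr.com" is shown as "flickr.com".
  return m ? m[2].replace(/^\*\./, "") : null;
}

// Returns { messages: Set of fixed warnings, hosts: Set of sites named in the dialog }.
function predictWarnings(manifest) {
  const perms = manifest.permissions || [];
  const messages = new Set(), hosts = new Set();
  let allHosts = "devtools_page" in manifest;
  // Assumption: "plugins" may appear as a manifest key or in "permissions".
  if ("plugins" in manifest || perms.includes("plugins")) messages.add(FULL_ACCESS);
  for (const p of perms) {
    const host = patternHost(p);
    if (PERMISSION_WARNINGS.has(p)) messages.add(PERMISSION_WARNINGS.get(p));
    else if (p === "proxy" || p === "debugger" || host === "*") allHosts = true;
    else if (host !== null) hosts.add(host);
  }
  // Per the table, content scripts count only when a "matches" entry covers all hosts.
  for (const cs of manifest.content_scripts || [])
    if ((cs.matches || []).some((m) => patternHost(m) === "*")) allHosts = true;
  // Assumption: the per-site row ("but not all hosts") is dropped once all hosts apply.
  if (allHosts) { messages.add(ALL_HOSTS); hosts.clear(); }
  return { messages, hosts };
}

// New warnings and sites after an update; non-empty means the user must re-enable.
function newOnUpdate(oldManifest, newManifest) {
  const before = predictWarnings(oldManifest);
  const after = predictWarnings(newManifest);
  return {
    messages: [...after.messages].filter((m) => !before.messages.has(m)),
    hosts: [...after.hosts].filter((h) => !before.hosts.has(h)),
  };
}
```

<p>
Running <code>newOnUpdate</code> on the two Flickr manifests from the examples section reports the "tabs" warning and the added site, which is the change that disables the extension on autoupdate.
</p>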

<h2 id="test"> Testing permission warnings </h2>

<p>
If you'd like to see exactly which warnings your users will get,
<a href="packaging.html">package your extension</a>
into a <code>.crx</code> file,
and install it.
</p>

<p>
To see the warnings users will get when your extension is autoupdated,
you can go to a little more trouble
and set up an autoupdate server.
To do this, first create an update manifest
and point to it from your extension,
using the "update_url" key
(see <a href="autoupdate.html">Autoupdating</a>).
Next, <a href="packaging.html">package the extension</a>
into a new <code>.crx</code> file,
and install the extension from this <code>.crx</code> file.
Now, change the extension's manifest to contain the new permissions,
and <a href="packaging.html#update">repackage the extension</a>.
Finally, update the extension
(and all other extensions that have outstanding updates)
by clicking the <b>chrome://extensions</b> page's
<b>Update extensions now</b> button.
</p>