Home | History | Annotate | Download | only in intros 
      1 <h2 id="manifest">Manifest</h2>
      2 
      3 <p>
      4 You must declare the "declarativeWebRequest" permission in the
      5 <a href="manifest.html">extension manifest</a> to use this API,
      6 along with <a href="declare_permissions.html">host permissions</a>.
      7 </p>
      8 
      9 <pre>{
     10   "name": "My extension",
     11   ...
     12 <b>  "permissions": [
     13     "declarativeWebRequest",
     14     "*://*.google.com"
     15   ]</b>,
     16   ...
     17 }</pre>
     18 
     19 <p>
     20 Note that certain types of non-sensitive actions do not require host
     21 permissions:
     22 <ul>
     23   <li><code>CancelRequest</code>
     24   <li><code>IgnoreRules</code>
     25   <li><code>RedirectToEmptyDocument</code>
     26   <li><code>RedirectToTransparentImage</code>
     27 </ul>
     28 </p>
     29 <p>
     30 The <code>SendMessageToExtension</code> action requires host permissions
     31 for any hosts whose network requests you want to trigger a message.
     32 </p>
     33 <p>
     34 All other actions require host permissions to all URLs.
     35 </p>
     36 <p>
     37 As an example, if <code>"*://*.google.com"</code> is the only host permission an
     38 extension has, than such an extension may set up a rule to
     39 <ul>
     40   <li> cancel a request to "http://www.google.com" or "http://anything.else.com"
     41   <li> send a message when navigating to "http://www.google.com" but not to
     42 "http://something.else.com"
     43 </ul>
     44 The extension cannot set up a rule to redirect "http://www.google.com" to
     45 "http://mail.google.com".
     46 </p>
     47 
     48 <h2 id="rules">Rules</h2>
     49 
     50 <p>
     51 The Declarative Web Request API follows the concepts of the <a
     52   href="events.html#declarative">Declarative API</a>. You can register rules to
     53 the <code>chrome.declarativeWebRequest.onRequest</code> event object.
     54 </p>
     55 
     56 <p>
     57 The Declarative Web Request API supports a single type of match criteria, the
     58 <code>RequestMatcher</code>. The <code>RequestMatcher</code> matches network
     59 requests if and only if all listed criteria are met. The following
     60 <code>RequestMatcher</code> would match a network request when the user enters
     61 "http://www.example.com" in the URL bar:
     62 </p>
     63 
     64 <pre>
     65 var matcher = new chrome.declarativeWebRequest.RequestMatcher({
     66   url: { hostSuffix: 'example.com', schemes: ['http'] },
     67   resourceType: ['main_frame']
     68   });
     69 </pre>
     70 
     71 <p>
     72 Requests to "https://www.example.com" would be rejected by the
     73 <code>RequestMatcher</code> due to the scheme. Also all requests for an embedded
     74 iframe would be rejected due to the <code>resourceType</code>.
     75 </p>
     76 
     77 <p class="note">
     78 <strong>Note:</strong> All conditions and actions are created via a constructor
     79 as shown in the example above.
     80 <p>
     81 
     82 <p>
     83 In order to cancel all requests to "example.com", you can define a rule as
     84 follows:
     85 </p>
     86 <pre>
     87 var rule = {
     88   conditions: [
     89     new chrome.declarativeWebRequest.RequestMatcher({
     90       url: { hostSuffix: 'example.com' } })
     91   ],
     92   actions: [
     93     new chrome.declarativeWebRequest.CancelRequest()
     94   ]};
     95 </pre>
     96 
     97 <p>
     98 In order to cancel all requests to "example.com" and "foobar.com", you can add a
     99 second condition, as each condition is sufficient to trigger all specified
    100 actions:
    101 </p>
    102 <pre>
    103 var rule2 = {
    104   conditions: [
    105     new chrome.declarativeWebRequest.RequestMatcher({
    106       url: { hostSuffix: 'example.com' } }),
    107     new chrome.declarativeWebRequest.RequestMatcher({
    108       url: { hostSuffix: 'foobar.com' } })
    109   ],
    110   actions: [
    111     new chrome.declarativeWebRequest.CancelRequest()
    112   ]};
    113 </pre>
    114 
    115 <p>
    116 Register rules as follows:
    117 </p>
    118 <pre>
    119 chrome.declarativeWebRequest.onRequest.addRules([rule2]);
    120 </pre>
    121 
    122 <p class="note">
    123 <strong>Note:</strong> You should always register or unregister rules in bulk rather than
    124 individually because each of these operations recreates internal data
    125 structures.  This re-creation is computationally expensive but facilitates a
    126 very fast URL matching algorithm for hundreds of thousands of URLs. The
    127 <a href="events.html#performance">Performance section</a> of the $ref:[events
    128 Events] API provides further performance tips.
    129 </p>
    130 
    131 
    132 <h2 id="evaluation">Evaluation of conditions and actions</h2>
    133 
    134 <p>
    135 The Declarative Web Request API follows the
    136 <a href="webRequest.html#life_cycle">Life cycle model for web requests</a> of
    137 the <a href="webRequest.html">Web Request API</a>. This means that conditions
    138 can only be tested at specific stages of a web request and, likewise, actions
    139 can also only be executed at specific stages. The following tables list the
    140 request stages that are compatible with conditions and actions.
    141 </p>
    142 
    143 <p>
    144 <table>
    145   <tr>
    146     <th colspan="5">Request stages during which condition attributes can be processed.
    147   </tr>
    148   <tr>
    149     <th>Condition attribute
    150     <th>onBeforeRequest
    151     <th>onBeforeSendHeaders
    152     <th>onHeadersReceived
    153     <th>onAuthRequired
    154   </tr>
    155   <tr><td>url<td><td><td><td>
    156   <tr><td>resourceType<td><td><td><td>
    157   <tr><td>contentType<td><td><td><td>
    158   <tr><td>excludeContentType<td><td><td><td>
    159   <tr><td>responseHeaders<td><td><td><td>
    160   <tr><td>excludeResponseHeaders<td><td><td><td>
    161   <tr><td>requestHeaders<td><td><td><td>
    162   <tr><td>excludeRequestHeaders<td><td><td><td>
    163   <tr><td>thirdPartyForCookies<td><td><td><td>
    164   <tr>
    165     <th colspan="5" style="padding-top:2em">Request stages during which actions can be executed.
    166   </tr>
    167   <tr>
    168     <th>Event
    169     <th>onBeforeRequest
    170     <th>onBeforeSendHeaders
    171     <th>onHeadersReceived
    172     <th>onAuthRequired
    173   </tr>
    174   <tr><td>AddRequestCookie<td><td><td><td>
    175   <tr><td>AddResponseCookie<td><td><td><td>
    176   <tr><td>AddResponseHeader<td><td><td><td>
    177   <tr><td>CancelRequest<td><td><td><td>
    178   <tr><td>EditRequestCookie<td><td><td><td>
    179   <tr><td>EditResponseCookie<td><td><td><td>
    180   <tr><td>IgnoreRules<td><td><td><td>
    181   <tr><td>RedirectByRegEx<td><td><td><td>
    182   <tr><td>RedirectRequest<td><td><td><td>
    183   <tr><td>RedirectToEmptyDocument<td><td><td><td>
    184   <tr><td>RedirectToTransparentImage<td><td><td><td>
    185   <tr><td>RemoveRequestCookie<td><td><td><td>
    186   <tr><td>RemoveRequestHeader<td><td><td><td>
    187   <tr><td>RemoveResponseCookie<td><td><td><td>
    188   <tr><td>RemoveResponseHeader<td><td><td><td>
    189   <tr><td>SendMessageToExtension<td><td><td><td>
    190   <tr><td>SetRequestHeader<td><td><td><td>
    191 </table>
    192 </p>
    193 
    194 <p>
    195 <strong>Note:</strong> Applicable stages can be further constrained by using the
    196 "stages" attribute.
    197 </p>
    198 <p>
    199 <strong>Example:</strong> It is possible to combine a
    200 <code>new chrome.declarativeWebRequest.RequestMatcher({contentType: ["image/jpeg"]})</code>
    201 condition with a <code>new chrome.declarativeWebRequest.CancelRequest()</code>
    202 action because both of them can be evaluated in the onHeadersReceived stage.
    203 It is, however, impossible to combine the request matcher with a
    204 <code>new chrome.declarativeWebRequest.RedirectToTransparentImage()</code>
    205 because redirects cannot be executed any more by the time the content
    206 type has been determined.
    207 </p>
    208 
    209 <h2 id="precedences">Using priorities to override rules</h2>
    210 
    211 <p>
    212 Rules can be associated with priorities as described in the
    213 <a href="events.html#declarative">Events API</a>. This mechanism can be used
    214 to express exceptions. The following example will block all requests to
    215 images named "evil.jpg" except on the server "myserver.com".
    216 </p>
    217 
    218 <pre>
    219 var rule1 = {
    220   priority: 100,
    221   conditions: [
    222     new chrome.declarativeWebRequest.RequestMatcher({
    223         url: { pathEquals: 'evil.jpg' } })
    224   ],
    225   actions: [
    226     new chrome.declarativeWebRequest.CancelRequest()
    227   ]
    228 };
    229 var rule2 = {
    230   priority: 1000,
    231   conditions: [
    232     new chrome.declarativeWebRequest.RequestMatcher({
    233       url: { hostSuffix: '.myserver.com' } })
    234   ],
    235   actions: [
    236     new chrome.declarativeWebRequest.IgnoreRules({
    237       lowerPriorityThan: 1000 })
    238   ]
    239 };
    240 chrome.declarativeWebRequest.onRequest.addRules([rule1, rule2]);
    241 </pre>
    242 
    243 <p>
    244 It is important to recognize that the <code>IgnoreRules</code> action is not
    245 persisted across <a href="#evaluation">request stages</a>. All conditions of
    246 all rules are evaluated at each stage of a web request. If an
    247 <code>IgnoreRules</code> action is executed, it applies only to other actions
    248 that are executed for the same web request in the same stage.
    249 </p>
    250