Remove chrome extension's "See browsing history" permission request

Developer https://www.devze.com 2023-03-25 16:59 Source: Internet
Here's my predicament. I am writing an extension for Google Chrome. And it works fine. It's a theme for Google+.

Enough with that. In order to display an icon in the address bar, I need to have "tabs" as part of my permissions. I believe this also causes the web store to say that my extension can access the browser's history. Any way to remedy this?

(Source here: https://github.com/bichiliad/G-Theme)


You don't need tabs permission for displaying a browser action icon, but you need it for your chrome.tabs.onUpdated.addListener() in a background page.

tabs permission shouldn't trigger "Your browsing history" warning, it's a bug in the gallery. According to specs it should say "Your tabs and browsing activity". I would suggest to submit a bug report.


It's interesting how few things actually require the "tabs" permission nowadays.

Quoting the documentation itself (emphasis mine):

The majority of the chrome.tabs API can be used without declaring any permission. However, the "tabs" permission is required in order to populate the url, title, and favIconUrl properties of Tab.

So you can easily manipulate tabs (e.g. create them) without ever needing the permission.

What's more, when "activeTab" permission is active (the extension was invoked for the current tab), the restricted fields will be populated if you query for them.


One common task that seems to require the "tabs" permission is to find a tab with a given address. This used to be impossible without the permission, especially before query() was a thing - one would just get all the tabs and filter them by hand.

However, even if you don't have the "tabs" permission, you can query by URL pattern. You do require host permissions for this URL pattern.

So, suppose you want to know if www.example.com is open in some tabs:

chrome.tabs.query({url: "*://www.example.com/*"}, function(tabs) {
  // Look, ma, no "tabs"!
});

Proof of concept: GitHub

Important: this last trick does not work in Firefox WebExtensions. They unconditionally throw an exception if tabs are queried by URL without "tabs" permission. Yes, this is a direct contradiction with the documentation even for Chrome, so it may stop working at some point.


Now suppose you still want to know the exact URL (with the above method you can only guess) and the title/favicon for some tabs. Do you still need the "tabs" permission?

Depends. If you only need it for a few websites, declare host permissions for them and inject a content script (after querying as above) that harvests this information.

This will lead to a different warning:

Read and modify your data on {list of websites}

vs the one for "tabs":

Read your browsing history

In case you are making an extension that makes sense only in the context of those sites, it's a reasonable compromise. If, instead, you're making a generic extension that needs to get this information for websites you don't know in advance - then yes, "tabs" makes perfect sense.
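
An added example, not part of the original answers or the G-Theme project: a small Node.js review script that classifies a manifest's "permissions" entries along the line the answer above draws ("tabs" versus host patterns) and narrows a broad list to specific hosts. The function names and the sample manifest are assumptions made for illustration.

```javascript
// Added example: reviews the "permissions" array of an extension manifest.
// Function names and sample manifests are constructed for illustration.
const ALL_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);
// Match pattern shape: <scheme>://<host>/<path>
const MATCH_PATTERN = /^(\*|https?|file|ftp):\/\/(\*|\*\.[^/*]+|[^/*]*)\/.*$/;

// Classify each entry and report what it grants.
function auditPermissions(manifest) {
  const findings = [];
  for (const perm of manifest.permissions || []) {
    if (ALL_HOSTS.has(perm)) {
      findings.push({ perm, level: "high", note: "host access to every site" });
    } else if (MATCH_PATTERN.test(perm)) {
      findings.push({ perm, level: "low", note: "host access limited to this pattern" });
    } else if (perm === "tabs") {
      findings.push({ perm, level: "medium",
        note: "populates url, title and favIconUrl for every tab" });
    }
    // Other API permissions (e.g. "activeTab") are outside this check.
  }
  return findings;
}

// Narrow the list. `sites` holds the hosts whose tab details are needed, or is
// null when they are not known in advance (then "tabs" stays).
// Assumption: all-host patterns were only there for tab details, so they go.
function narrowPermissions(manifest, sites) {
  const kept = (manifest.permissions || []).filter(
    (p) => !ALL_HOSTS.has(p) && (p !== "tabs" || sites === null));
  const hostPatterns = (sites || []).map((h) => `*://${h}/*`);
  return [...new Set([...kept, ...hostPatterns])];
}

// Constructed input: "tabs" combined with all-host patterns.
const broad = { permissions: ["tabs", "http://*/*", "https://*/*"] };
const narrowed = { permissions: narrowPermissions(broad, ["www.example.com"]) };

console.log(auditPermissions(broad));
console.log(narrowed.permissions, auditPermissions(narrowed));
```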


EDIT: This is actually NOT a good practice (more info in the comments below). I won't delete this answer just to let others know what not to do.


I had the same issue and solved it by just adding "http://*/*" and "https://*/*" to the permissions.

Like this:

  "permissions": [
    "tabs",
    "http://*/*",
    "https://*/*"
  ]

I don't know exactly why and it doesn't make much sense (does it?), but now the "Read and modify your browsing history" permission message is gone.

Hope this helps.
