1<div id="pageData-name" class="pageData">Permission Warnings</div> 2<div id="pageData-showTOC" class="pageData">true</div> 3 4<!-- 5NOTE: When this doc is updated, the online help should also be updated: 6http://www.google.com/support/chrome_webstore/bin/answer.py?hl=en&answer=186213 7 8We should periodically look at 9http://src.chromium.org/viewvc/chrome/trunk/src/chrome/app/generated_resources.grd?view=markup 10to make sure that we're covering all messages. Search for 11IDS_EXTENSION_PROMPT_WARNING 12(e.g. IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY). 13--> 14 15<p> 16To use most chrome.* APIs and extension capabilities, 17your extension must declare its intent in the 18<a href="manifest.html">manifest</a>, 19often in the "permissions" field. 20Some of these declarations 21result in a warning when 22a user installs your extension. 23</p> 24 25<p> 26When you autoupdate your extension, 27the user might see another warning 28if the extension requests new permissions. 29These new permissions might be new APIs that your extension uses, 30or they might be new websites 31that your extension needs access to. 32</p> 33 34 35<h2 id="examples"> Examples of permission warnings </h2> 36 37<p> 38Here's a typical dialog 39that a user might see when installing an extension: 40</p> 41 42<img src="images/perms-hw1.png" 43 width="410" height="193" 44 alt="Permission warning: 'It can access: Your data on api.flickr.com'" 45 /> 46 47<p> 48The warning about access to data on api.flickr.com 49is caused by the following lines 50in the extension's manifest: 51</p> 52 53<pre> 54"permissions": [ 55 <b>"http://api.flickr.com/"</b> 56], 57</pre> 58 59<p class="note"> 60<b>Note:</b> 61You don't see permission warnings when 62you load an unpacked extension. 63You get permission warnings only when you install an extension 64from a <code>.crx</code> file. 65</p> 66 67<p> 68If you add a permission to the extension when you autoupdate it, 69the user might see a new permission warning. 70For example, 71assume you add a new site and the "tabs" permission 72to the previous example: 73</p> 74 75<pre> 76"permissions": [ 77 "http://api.flickr.com/", 78 <b>"http://*.flickr.com/", 79 "tabs"</b> 80], 81</pre> 82 83<p> 84When the extension autoupdates, 85the increased permissions 86cause the extension to be disabled 87until the user re-enables it. 88Here's the warning the user sees: 89</p> 90 91<img src="images/perms-hw2-disabled.png" 92 width="814" height="30" 93 alt="Warning text: 'The newest version of the extension Hello World requires more permissions, so it has been disabled. [Re-enable].'" 94 /> 95 96<p> 97Clicking the Re-enable button 98brings up the following warning: 99</p> 100 101<img src="images/perms-hw2.png" 102 width="412" height="220" 103 alt="Permission warning: 'It can access: Your data on api.flickr.com and flickr.com; Your browsing history'" 104 /> 105 106 107<h2 id="warnings"> Warnings and their triggers </h2> 108 109<p> 110It can be surprising when adding a permission such as "tabs" 111results in the seemingly unrelated warning 112that the extension can access your browsing activity. 113The reason for the warning is that 114although the <code>chrome.tabs</code> API 115might be used only to open new tabs, 116it can also be used to see the URL that's associated 117with every newly opened tab 118(using their <a href="tabs.html#type-Tab">Tab</a> objects). 119</p> 120 121<p class="note"> 122<b>Note:</b> 123As of Google Chrome 7, 124you no longer need to specify the "tabs" permission 125just to call <code>chrome.tabs.create()</code> 126or <code>chrome.tabs.update()</code>. 127</p> 128 129<p> 130The following table lists the warning messages 131that users can see, 132along with the manifest entries 133that trigger them. 134</p> 135 136<p> 137<table> 138<tr> 139 <th>Warning message</th> <th>Manifest entry that causes it</th> <th>Notes</th> 140</tr> 141 142<tr> 143 <td style="font-weight:bold"> 144 <!-- IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS --> 145 All data on your computer and the websites you visit 146 </td> 147 <td> 148 "plugins" 149 </td> 150 <td> 151 The "plugins" permission is required by 152 <a href="npapi.html">NPAPI plugins</a>. 153 </td> 154</tr> 155 156<tr> 157 <td style="font-weight:bold"> 158 <!-- IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS --> 159 Your bookmarks 160 </td> 161 <td> 162 "bookmarks" permission 163 </td> 164 <td> 165 The "bookmarks" permission is required by the 166 <a href="bookmarks.html"><code>chrome.bookmarks</code></a> module. 167 </td> 168</tr> 169 170<tr> 171 <td style="font-weight:bold"> 172 <!-- IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY --> 173 Your browsing history 174 </td> 175 <td> 176 <!-- HasEffectiveBrowsingHistoryPermission --> 177 "history" permission 178 </td> 179 <td> 180 <p> 181 The "history" permission is required by 182 <a href="history.html"><code>chrome.history</code></a>. 183 </p> 184 </td> 185</tr> 186 187<tr> 188 <td style="font-weight:bold"> 189 <!-- IDS_EXTENSION_PROMPT_WARNING_TABS --> 190 Your tabs and browsing activity 191 </td> 192 <td> 193 <!-- HasEffectiveBrowsingHistoryPermission --> 194 "tabs" permission 195 </td> 196 <td> 197 <p> 198 The "tabs" permission is required by the 199 <a href="tabs.html"><code>chrome.tabs</code></a> and 200 <a href="windows.html"><code>chrome.windows</code></a> modules. 201 </p> 202 </td> 203</tr> 204 205<tr> 206 <td style="font-weight:bold"> 207 <!-- IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS --> 208 Your data on all websites 209 </td> 210 <td> 211 <!-- HasEffectiveAccessToAllHosts() --> 212 Any of the following: 213 <ul> 214 <li> "proxy" permission </li> 215 <li> "debugger" permission </li> 216 <li> A match pattern in the "permissions" field 217 that matches all hosts </li> 218 <li> A "content_scripts" field with a "matches" entry 219 that matches all hosts </li> 220 <li> "devtools_page" (experimental) </li> 221 </ul> 222 </td> 223 <td> 224 <p> 225 The "proxy" permission is required by the 226 <a href="experimental.proxy.html">experimental proxy</a> module. 227 </p> 228 229 <p> 230 The "debugger" permission is required by the 231 <a href="experimental.debugger.html">experimental debugger</a> module. 232 </p> 233 234 <p> 235 Any of the following URLs match all hosts: 236 </p> 237 <ul> 238 <li> <code>http://*/*</code> </li> 239 <li> <code>https://*/*</code> </li> 240 <li> <code>*://*/*</code> </li> 241 <li> <code><all_urls></code> </li> 242 </ul> 243 </td> 244</tr> 245<tr> 246 <td style="font-weight:bold"> 247 <!-- IDS_EXTENSION_PROMPT_WARNING_?_HOST --> 248 <!-- IDS_EXTENSION_PROMPT_WARNING_4_OR_MORE_HOSTS --> 249 Your data on <em>{list of websites}</em> 250 </td> 251 <td> 252 A match pattern in the "permissions" field 253 that specifies one or more hosts, 254 but not all hosts 255 </td> 256 <td> 257 <p> 258 Up to 3 sites are listed by name. 259 Subdomains aren't treated specially. 260 For example, <code>a.com</code> and <code>b.a.com</code> 261 are listed as different sites. 262 </p> 263 264 <p> 265 On autoupdate, 266 the user sees a permission warning 267 if the extension adds or changes sites. 268 For example, going from <code>a.com,b.com</code> 269 to <code>a.com,b.com,c.com</code> 270 triggers a warning. 271 Going from <code>b.a.com</code> 272 to <code>a.com</code>, 273 or vice versa, 274 also triggers a warning. 275 </p> 276 </td> 277</tr> 278 279<tr> 280 <td style="font-weight:bold"> 281 <!-- IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT --> 282 Your list of installed apps, extensions, and themes 283 <br /> 284 <span style="font-weight:normal; font-style:italic">or</span> 285 <br /> 286 Manage themes, extensions, and apps 287 288 <!-- PENDING: remove "Manage...apps" alternative message 289 once the fix is out on stable channel --> 290 <!-- See http://crbug.com/67859 --> 291 </td> 292 <td> 293 "management" permission 294 </td> 295 <td> 296 The "management" permission is required by the 297 <a href="management.html"><code>chrome.management</code></a> module. 298 </td> 299</tr> 300 301<tr> 302 <td style="font-weight:bold"> 303 <!-- IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION --> 304 Your physical location 305 </td> 306 <td> 307 "geolocation" permission 308 </td> 309 <td> 310 Allows the extension to use the proposed HTML5 311 <a href="http://dev.w3.org/geo/api/spec-source.html">geolocation API</a> 312 without prompting the user for permission. 313 </td> 314</tr> 315</table> 316</p> 317 318 319<h2 id="nowarning"> Permissions that don't cause warnings </h2> 320 321<p> 322The following permissions don't result in a warning: 323</p> 324 325<ul> 326 <li>"chrome://favicon/"</li> 327 <li>"contextMenus"</li> 328 <li>"cookies"</li> 329 <li>"experimental"</li> 330 <li>"idle"</li> 331 <li>"notifications"</li> 332 <li>"unlimitedStorage"</li> 333</ul> 334 335<h2 id="test"> Testing permission warnings </h2> 336 337<p> 338If you'd like to see exactly which warnings your users will get, 339<a href="packaging.html">package your extension</a> 340into a <code>.crx</code> file, 341and install it. 342</p> 343 344<p> 345To see the warnings users will get when your extension is autoupdated, 346you can go to a little more trouble 347and set up an autoupdate server. 348To do this, first create an update manifest 349and point to it from your extension, 350using the "update_url" key 351(see <a href="autoupdate.html">Autoupdating</a>). 352Next, <a href="packaging.html">package the extension</a> 353into a new <code>.crx</code> file, 354and install the app from this <code>.crx</code> file. 355Now, change the extension's manifest to contain the new permissions, 356and <a href="packaging.html#update">repackage the extension</a>. 357Finally, update the extension 358(and all other extensions that have outstanding updates) 359by clicking the <b>chrome://extensions</b> page's 360<b>Update extensions now</b> button. 361</p> 362
