Trusted Chrome extension - javascript

I had to develop a Chrome Extension for a website i'm working for. I finished developing it just fine. But Chrome automatically turns it off after browser restarts, with following reason:
This extension is not listed in the Chrome Web Store and may have been added without your knowledge.
My question: Is it possible to have a "Trusted" extension without publishing it to the Chrome Web Store. I don't want to publish it because it wouldn't make much sense, because it is for a very restricted number of "corporative" users.

The chrome web store allows you to hide your extension from public listings. It also allows you do inline installation. This would allows users to install the chrome extension in their browser without ever having to leave your website. So it would be hosted in the chrome web store, trusted, but only installable from your own website.

Related

Detect 3rd party extension from client

This has been a bit hard to find, given Chrome has changed its API a lot so have found outdated suggestions. And what's not outdated is from the POV of writing an extension
Our js app is having trouble when some users have a specific chrome Extension installed. We want to warn users of potential issues if it sees that extension is present in the users browser.
This extension loads a single content-script and runs in the background. It doesn't have an open connection, exposure variables to the clients window or anything advanced.
Is there a way the client can ping or check for this script?
For instance, I tried using fetch of the chrome-extension:// manifest - same via a script tag loading the extensions main.js but those don't work, chrome complaining it can't load the asset (presumably a permissions issue)
Is it even possible?

Obtaining data from a chrome extension

I have a java application that can create a Socketed lan server to parse information from a website, with the main goal of collecting chat data. At first I was in a test version of that website and was able to just open a web socket in a chrome extension then save it toward the Java server. Now that I have went to the public version of the site where its actually heavily protected, the site has the Content Security Policy, that disallows the use of Web Sockets from chrome extensions. I am unsure if there is any possible way to transfer that chat data from the site to the server via google chrome extension or any other way.
I was trying to open a socket inside of the Website itself. "wOxxOm" gave me a lead that you cannot do that and I later on understood that you had to use websockets in the background.js of the chrome extension.

Testing Chrome Extension APIs Locally

This is a pretty general question with a couple examples. I'm fairly new to writing chrome extensions and I seem to keep running into cases that are impossible to test without deploying to the webstore (which takes ~60m each time). This is an impossible workflow. Am I missing something?
Case 1 inline installation
Trying to set up inline installation from my site to a chrome extension. When I run the site locally i get the following.
Error downloading extension: Inline installs can only be initiated for Chrome Web Store items that have one or more verified sites.
But I cannot seem to add localhost website property in chrome's developer dashboard. What is the recommended way to do this in a dev environment. I tried using local.mywebsite.com and adding a local alias for localhost, but now chrome cannot find the verification file you are required to serve...
Case 2 Chrome Extension OAuth
Attempting to use chrome.identity.launchWebAuthFlow to setup user credentials in my extension for my website, but of course the callback url provided https://<ext-id>.chromium.org/provider-cb does not redirect to my local deploy of the extension.
Is there no way to test these things??
Regarding your error "Inline installs can only be initiated for Chrome Web Store items that have one or more verified sites.", you may follow the instructions given in this page.
You need to:
Go to the Webmaster Tools.
Add the site to your sites.
Obtain and embed a verification code into your site.
Complete verification in Webmaster Tools.
Go to your Developer Dashboard (must be under the same Google account) and edit your Web Store item.
Select your site in "Verify that this is an official item for a website you own:"
Here are some references which might help in testing extensions:
Testing browser extensions
How to test chrome extensions?

Chrome Extension w/ Serial and Page Action

Currently, I have created a Chrome App that gets data from a serial connection using the Chrome App Serial API. My goal is to inject this data into a web page. I know this is capable with Chrome Extensions, but the issue there is that Chrome Extensions aren't capable of accessing the serial data on it's own. I also would like to use an Extension instead of an App because the Chrome Apps aren't going to be supported starting this year.
The only option I could think of is to use a Chrome App to get the serial data, send the data to an Extension, and then inject the data into a web page. This is definitely not preferable though. Besides the Chrome Apps not being supported, except for Chrome OS, I wouldn't like to have to have a user download the extension and the app just to implement this.
My preferred method would to have an Extension access the serial devices. Is this possible and/or is it going to possible in the future? If not, why?
Thanks in advance!

How to test Chrome extension for auto-update feature?

I am about to finish my Google Chrome extension. If I'm not mistaking all Chrome apps come with a capability of auto-updating. If so, is there a way for me to test it before I submit my app to the Chrome Web Store?
PS. Also do I need to account for any special conditions in my extension?
To test the updating procedure, it's best to submit your extension to the Web Store in a non-public fashion.
As you publish an item, you have a choice of Public, Unlisted, and Trusted Testers publication.
Public means that the extension will be searchable and everyone can install
Unlisted means everyone can install, but they need the direct link to the extension listing; it will not be searchable in the Web Store and not indexable by search engines.
Trusted Testers is the same as above, but also restricts installs to a whitelist of Google Accounts.
Go with any non-Public option and you can test it as it would actually behave (including the unfortunate delay of automatic review checks).
The method described by kadaj is no longer valid for Windows, as Chrome will reject any CRX not hosted by the Web Store.
But previously, yes, you could test this with setting up your own hosting (i.e. Dropbox Public folder) of the CRX and its associated update XML, as described in the guide. This still works for non-Windows platforms, as well as Dev/Canary builds on Windows.
All you need is to increment version number in your manifest file and the chrome app will automatically update itself. If you want to test this you can host your own extension and specify a update_url. Follow the guide at https://developer.chrome.com/extensions/autoupdate

Categories

Resources