"Broad host permissions" 尽管只有一个主机在权限中,但网上商店警告
"Broad host permissions" Webstore warning despite only one host in permissions
我正在尝试发布一个 chrome 扩展程序,但是当我尝试时,出现了这条消息:
Because of the following issue, your extension may require an in-depth review:
- Broad host permissions
Instead of requesting broad host permissions, consider using the activeTab permission, or specify the sites that your extension needs access to. Both options are more secure than allowing full access to an indeterminate number of sites, and they may help minimize review times.
The activeTab permission allows access to a tab in response to an explicit user gesture.
{
...
"permissions": ["activeTab"]
}
If your extension only needs to run on certain sites, simply specify those sites in the extension manifest:
{
...
"permissions": ["https://example.com/*"]
}
我的清单具有这些权限:
{
"manifest_version":2,
"name": "Online Console",
"version":"1.0",
"description": "Simulador de consola de Online",
"browser_action":{
"default_icon": "icon24.png",
"default_popup": "primero.html"
},
"permissions": [ "activeTab", "https://google.com" ],
"content_scripts": [{
"js": [ "jquery.min.js" ],
"matches": [ "http://*/*", "https://*/*" ]
}]
}
为什么我会收到此警告以及如何解决?
在内容脚本中匹配主机会隐式授予您主机权限。
因此,您的有效主机权限是 "*://*",这就是您需要解决的问题。
如果您有 activeTab 权限以根据用户手势激活您的扩展程序,并且您需要 jQuery,只需在您的代码之前先以编程方式注入它。
不要在需要之前不加选择地将 jQuery 注入每个页面 "just in case"。因此,您的 content_scripts 部分需要完整(或限制为 "https://google.com" 以匹配显式权限)
我正在尝试发布一个 chrome 扩展程序,但是当我尝试时,出现了这条消息:
Because of the following issue, your extension may require an in-depth review:
- Broad host permissions
Instead of requesting broad host permissions, consider using the activeTab permission, or specify the sites that your extension needs access to. Both options are more secure than allowing full access to an indeterminate number of sites, and they may help minimize review times.
The activeTab permission allows access to a tab in response to an explicit user gesture.
{ ... "permissions": ["activeTab"] }If your extension only needs to run on certain sites, simply specify those sites in the extension manifest:
{ ... "permissions": ["https://example.com/*"] }
我的清单具有这些权限:
{
"manifest_version":2,
"name": "Online Console",
"version":"1.0",
"description": "Simulador de consola de Online",
"browser_action":{
"default_icon": "icon24.png",
"default_popup": "primero.html"
},
"permissions": [ "activeTab", "https://google.com" ],
"content_scripts": [{
"js": [ "jquery.min.js" ],
"matches": [ "http://*/*", "https://*/*" ]
}]
}
为什么我会收到此警告以及如何解决?
在内容脚本中匹配主机会隐式授予您主机权限。
因此,您的有效主机权限是 "*://*",这就是您需要解决的问题。
如果您有 activeTab 权限以根据用户手势激活您的扩展程序,并且您需要 jQuery,只需在您的代码之前先以编程方式注入它。
不要在需要之前不加选择地将 jQuery 注入每个页面 "just in case"。因此,您的 content_scripts 部分需要完整(或限制为 "https://google.com" 以匹配显式权限)