| OLD | NEW |
| 1 <div id="pageData-name" class="pageData">Formats: Manifest Files</div> | 1 <div id="pageData-name" class="pageData">Formats: Manifest Files</div> |
| 2 <div id="pageData-showTOC" class="pageData">true</div> | 2 <div id="pageData-showTOC" class="pageData">true</div> |
| 3 | 3 |
| 4 <p> | 4 <p> |
| 5 Every extension, installable web app, and theme has a | 5 Every extension, installable web app, and theme has a |
| 6 <a href="http://www.json.org">JSON</a>-formatted manifest file, | 6 <a href="http://www.json.org">JSON</a>-formatted manifest file, |
| 7 named <code>manifest.json</code>, | 7 named <code>manifest.json</code>, |
| 8 that provides important information. | 8 that provides important information. |
| 9 </p> | 9 </p> |
| 10 | 10 |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 48 "<a href="#minimum_chrome_version">minimum_chrome_version</a>": "<em>versionSt
ring</em>", | 48 "<a href="#minimum_chrome_version">minimum_chrome_version</a>": "<em>versionSt
ring</em>", |
| 49 | 49 |
| 50 "<a href="#nacl_modules">nacl_modules</a>": [...], | 50 "<a href="#nacl_modules">nacl_modules</a>": [...], |
| 51 "<a href="#offline_enabled">offline_enabled</a>": true, | 51 "<a href="#offline_enabled">offline_enabled</a>": true, |
| 52 "<a href="omnibox.html">omnibox</a>": { "keyword": "<em>aString</em>" }, | 52 "<a href="omnibox.html">omnibox</a>": { "keyword": "<em>aString</em>" }, |
| 53 "<a href="options.html">options_page</a>": "<em>aFile</em>.html", | 53 "<a href="options.html">options_page</a>": "<em>aFile</em>.html", |
| 54 "<a href="#permissions">permissions</a>": [...], | 54 "<a href="#permissions">permissions</a>": [...], |
| 55 "<a href="npapi.html">plugins</a>": [...], | 55 "<a href="npapi.html">plugins</a>": [...], |
| 56 "<a href="#requirements">requirements</a>": {...}, | 56 "<a href="#requirements">requirements</a>": {...}, |
| 57 "<a href="autoupdate.html">update_url</a>": "http://<em>path/to/updateInfo</em
>.xml", | 57 "<a href="autoupdate.html">update_url</a>": "http://<em>path/to/updateInfo</em
>.xml", |
| 58 "<a href="#web_accessible_resources">web_accessible_resources</a>": [...] | 58 "<a href="#web_accessible_resources">web_accessible_resources</a>": [...], |
| 59 "<a href="#sandboxed_pages">sandboxed_pages</a>": [...] |
| 59 } | 60 } |
| 60 </pre> | 61 </pre> |
| 61 | 62 |
| 62 | 63 |
| 63 <h2>Field details</h2> | 64 <h2>Field details</h2> |
| 64 | 65 |
| 65 <p> | 66 <p> |
| 66 This section covers fields that aren't described in another page. | 67 This section covers fields that aren't described in another page. |
| 67 For a complete list of fields, | 68 For a complete list of fields, |
| 68 with links to where they're described in detail, | 69 with links to where they're described in detail, |
| (...skipping 148 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 217 <p> | 218 <p> |
| 218 A dictionary that specifies all intent handlers provided by this extension or ap
p. Each key in the dictionary specifies an action verb that is handled by this e
xtension. The following example specifies two handlers for the action verb "<a h
ref="http://webintents.org/share">http://webintents.org/share</a>". | 219 A dictionary that specifies all intent handlers provided by this extension or ap
p. Each key in the dictionary specifies an action verb that is handled by this e
xtension. The following example specifies two handlers for the action verb "<a h
ref="http://webintents.org/share">http://webintents.org/share</a>". |
| 219 </p> | 220 </p> |
| 220 | 221 |
| 221 <pre> | 222 <pre> |
| 222 { | 223 { |
| 223 "name": "test", | 224 "name": "test", |
| 224 "version": "1", | 225 "version": "1", |
| 225 "intents": { | 226 "intents": { |
| 226 "http://webintents.org/share": [ | 227 "http://webintents.org/share": [ |
| 227 { | 228 { |
| 228 "type": ["text/uri-list"], | 229 "type": ["text/uri-list"], |
| 229 "href": "/services/sharelink.html", | 230 "href": "/services/sharelink.html", |
| 230 "title" : "Sample Link Sharing Intent", | 231 "title" : "Sample Link Sharing Intent", |
| 231 "disposition" : "inline" | 232 "disposition" : "inline" |
| 232 }, | 233 }, |
| 233 { | 234 { |
| 234 "type": ["image/*"], | 235 "type": ["image/*"], |
| 235 "href": "/services/shareimage.html", | 236 "href": "/services/shareimage.html", |
| 236 "title" : "Sample Image Sharing Intent", | 237 "title" : "Sample Image Sharing Intent", |
| 237 "disposition" : "window" | 238 "disposition" : "window" |
| 238 } | 239 } |
| 239 ] | 240 ] |
| 240 } | 241 } |
| 241 } | 242 } |
| 242 </pre> | 243 </pre> |
| 243 | 244 |
| 244 <p> | 245 <p> |
| 245 The value of "type" is an array of mime types that is supported by this handler.
The "href" indicates the URL of the page that handles the intent. For hosted ap
ps, these URLs must be within the allowed set of URLs. For extensions, all URLs
are inside the extension and considered relative to the extension root URL. | 246 The value of "type" is an array of mime types that is supported by this handler.
The "href" indicates the URL of the page that handles the intent. For hosted ap
ps, these URLs must be within the allowed set of URLs. For extensions, all URLs
are inside the extension and considered relative to the extension root URL. |
| 246 </p> | 247 </p> |
| 247 | 248 |
| 248 <p> | 249 <p> |
| 249 The "title" is displayed in the intent picker UI when the user initiates the act
ion specific to the handler. | 250 The "title" is displayed in the intent picker UI when the user initiates the act
ion specific to the handler. |
| 250 </p> | 251 </p> |
| 251 | 252 |
| 252 <p> | 253 <p> |
| 253 The "disposition" is either "inline" or "window". Intents with "window" disposit
ion will open a new tab when invoked. Intents with "inline" disposition will be
displayed inside the intent picker when invoked. | 254 The "disposition" is either "inline" or "window". Intents with "window" disposit
ion will open a new tab when invoked. Intents with "inline" disposition will be
displayed inside the intent picker when invoked. |
| 254 </p> | 255 </p> |
| 255 | 256 |
| (...skipping 352 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 608 <a href="tts.html">chrome.tts</a> module. </td> | 609 <a href="tts.html">chrome.tts</a> module. </td> |
| 609 </tr> | 610 </tr> |
| 610 <tr> | 611 <tr> |
| 611 <td> "ttsEngine" </td> | 612 <td> "ttsEngine" </td> |
| 612 <td> Required if the extension uses the | 613 <td> Required if the extension uses the |
| 613 <a href="ttsEngine.html">chrome.ttsEngine</a> module. </td> | 614 <a href="ttsEngine.html">chrome.ttsEngine</a> module. </td> |
| 614 </tr> | 615 </tr> |
| 615 <tr> | 616 <tr> |
| 616 <td> "unlimitedStorage"</td> | 617 <td> "unlimitedStorage"</td> |
| 617 <td> Provides an unlimited quota for storing HTML5 client-side data, | 618 <td> Provides an unlimited quota for storing HTML5 client-side data, |
| 618 such as databases and local storage files. | 619 such as databases and local storage files. |
| 619 Without this permission, the extension is limited to | 620 Without this permission, the extension is limited to |
| 620 5 MB of local storage. | 621 5 MB of local storage. |
| 621 | 622 |
| 622 <p class="note"> | 623 <p class="note"> |
| 623 <b>Note:</b> | 624 <b>Note:</b> |
| 624 This permission applies only to Web SQL Database and application cache | 625 This permission applies only to Web SQL Database and application cache |
| 625 (see issue <a href="http://crbug.com/58985">58985</a>). | 626 (see issue <a href="http://crbug.com/58985">58985</a>). |
| 626 Also, it doesn't currently work with wildcard subdomains such as | 627 Also, it doesn't currently work with wildcard subdomains such as |
| 627 <code>http://*.example.com</code>. | 628 <code>http://*.example.com</code>. |
| 628 </p> | 629 </p> |
| 629 </td> | 630 </td> |
| 630 <tr> | 631 <tr> |
| 631 <tr> | 632 <tr> |
| 632 <td> "webNavigation" </td> | 633 <td> "webNavigation" </td> |
| 633 <td> Required if the extension uses the | 634 <td> Required if the extension uses the |
| 634 <a href="webNavigation.html">chrome.webNavigation</a> module. </td> | 635 <a href="webNavigation.html">chrome.webNavigation</a> module. </td> |
| 635 </tr> | 636 </tr> |
| 636 <tr> | 637 <tr> |
| 637 <td> "webRequest" </td> | 638 <td> "webRequest" </td> |
| 638 <td> Required if the extension uses the | 639 <td> Required if the extension uses the |
| (...skipping 157 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 796 <code>chrome.extension.getURL</code> | 797 <code>chrome.extension.getURL</code> |
| 797 </a> method. Whitelisted resources are served with appropriate | 798 </a> method. Whitelisted resources are served with appropriate |
| 798 <a href="http://www.w3.org/TR/cors/">CORS</a> headers, so they're available via | 799 <a href="http://www.w3.org/TR/cors/">CORS</a> headers, so they're available via |
| 799 mechanisms like XHR. | 800 mechanisms like XHR. |
| 800 </p> | 801 </p> |
| 801 | 802 |
| 802 <p> | 803 <p> |
| 803 Injected content scripts themselves do not need to be whitelisted. | 804 Injected content scripts themselves do not need to be whitelisted. |
| 804 </p> | 805 </p> |
| 805 | 806 |
| 806 <h4>Default Availablility</h4> | 807 <h4>Default Availability</h4> |
| 807 | 808 |
| 808 <p> | 809 <p> |
| 809 Resources inside of packages using <a href="#manifest_version"> | 810 Resources inside of packages using <a href="#manifest_version"><code>manifest_ve
rsion</code></a> |
| 810 <code>manifest_version</code> | 811 2 or above are <strong>blocked by default</strong>, and must be whitelisted |
| 811 </a> 2 or above are <strong>blocked by default</strong>, and must be whitelisted | |
| 812 for use via this property. | 812 for use via this property. |
| 813 </p> | 813 </p> |
| 814 | 814 |
| 815 <p> | 815 <p> |
| 816 Resources inside of packages using <code>manifest_version</code> 1 are available | 816 Resources inside of packages using <code>manifest_version</code> 1 are available |
| 817 by default, but <em>if</em> you do set this property, then it will be treated as | 817 by default, but <em>if</em> you do set this property, then it will be treated as |
| 818 a complete list of all whitelisted resources. Resources not listed will be | 818 a complete list of all whitelisted resources. Resources not listed will be |
| 819 blocked. | 819 blocked. |
| 820 </p> | 820 </p> |
| 821 | 821 |
| 822 <h3 id="sandboxed_pages">sandboxed_pages</h3> |
| 823 |
| 824 <p> |
| 825 A list of paths (relative to the package root) to pages that are to be served |
| 826 in a sandboxed unique origin, and optionally a Content Security Policy to use |
| 827 with them. Being in a sandbox has two implications: |
| 828 </p> |
| 829 |
| 830 <ol> |
| 831 <li>A sandboxed page will not have access to extension or app APIs, or |
| 832 direct access to non-sandboxed pages (it may communicate with them via |
| 833 <code>postMessage()</code>).</li> |
| 834 <li>A sandboxed page is not subject to the |
| 835 <a href="contentSecurityPolicy.html">Content Security Policy (CSP)</a> used |
| 836 by the rest of the app or extension (it has its own separate CSP value). This |
| 837 means that, for example, it can use inline script and <code>eval</code>.</li> |
| 838 </ol> |
| 839 |
| 840 <p>For example, here's how to specify that two extension pages are to be served |
| 841 in a sandbox with a custom CSP:</p> |
| 842 |
| 843 <pre>{ |
| 844 ... |
| 845 "sandboxed_pages": { |
| 846 "pages": [ |
| 847 "page1.html", |
| 848 "directory/page2.html" |
| 849 ] |
| 850 <i>// content_security_policy is optional.</i> |
| 851 "content_security_policy": |
| 852 "sandbox allow-scripts: script-src https://www.google.com" |
| 853 ], |
| 854 ... |
| 855 }</pre> |
| 856 |
| 857 <p> |
| 858 The sandbox is enforced by using the |
| 859 <a href="http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-
element.html#attr-iframe-sandbox">HTML5 sandbox</a> |
| 860 with the tokens <code>allow-scripts allow-forms</code>. You can specify a |
| 861 different CSP value to use instead, but it must have the <code>sandbox</code> |
| 862 directive and may not have the <code>allow-same-origin</code> token. |
| 863 </p> |
| 864 |
| 865 <p> |
| 866 Note that you only need to list pages that you expected to be loaded in |
| 867 windows or frames. Resources used by sandboxed pages (e.g. stylesheets or |
| 868 JavaScript source files) do not need to appear in the |
| 869 <code>sandboxed_page</code> list, they will use the sandbox of the page |
| 870 that embeds them. |
| 871 </p> |
| 872 |
| 873 <p> |
| 874 Sandboxed page may only be specified when using |
| 875 <a href="#manifest_version"><code>manifest_version</code></a> 2 or above. |
| 876 </p> |
| OLD | NEW |