The activeTab permission
The activeTab permission gives an extension temporary access to the currently active tab when the user invokes the extension - for example by clicking its browser action. Access to the tab lasts while the user is on that page, and is revoked when the user navigates away or closes the tab.
This serves as an alternative for many uses of <all_urls>, but displays no warning message during installation:
[Screenshots: installation prompt without activeTab and with activeTab]
The activeTab permission will be granted until the user navigates to a different origin. That is, if the user invokes the extension on https://example.com and then navigates to https://example.com/foo, the extension will continue to have access to the page. If the user navigates to https://chromium.org, access is revoked.
Example
See the Page Redder sample extension:
```json
{
  "name": "Page Redder",
  "version": "2.0",
  "permissions": [
    "activeTab"
  ],
  "background": {
    "scripts": ["background.js"],
    "persistent": false
  },
  "browser_action": {
    "default_title": "Make this page red"
  },
  "manifest_version": 2
}
```
```js
// Called when the user clicks on the browser action.
chrome.browserAction.onClicked.addListener(function(tab) {
  // No tabs or host permissions needed!
  console.log('Turning ' + tab.url + ' red!');
  chrome.tabs.executeScript({
    code: 'document.body.style.backgroundColor="red"'
  });
});
```
Motivation
Consider a web clipping extension that has a browser action and context menu item. This extension may only really need to access tabs when its browser action is clicked, or when its context menu item is executed.
Without activeTab, this extension would need to request full, persistent access to every web site, just so that it could do its work if it happened to be called upon by the user. This is a lot of power to entrust to such a simple extension. And if the extension is ever compromised, the attacker gets access to everything the extension had.
In contrast, an extension with the activeTab permission only obtains access to a tab in response to an explicit user gesture. If the extension is compromised, the attacker would need to wait for the user to invoke the extension before obtaining access. And that access only lasts until the tab is navigated or is closed.
What activeTab allows
While the activeTab permission is enabled for a tab, an extension can:
- Call tabs.executeScript or tabs.insertCSS on that tab.
- Get the URL, title, and favicon for that tab via an API that returns a tabs.Tab object (essentially, activeTab grants the tabs permission temporarily).
- Intercept network requests in the tab to the tab's main frame origin using the webRequest API. The extension temporarily gets host permissions for the tab's main frame origin.
Invoking activeTab
The following user gestures enable activeTab:
- Executing a browser action
- Executing a page action
- Executing a context menu item
- Executing a keyboard shortcut from the commands API
- Accepting a suggestion from the omnibox API
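The Motivation and Invoking activeTab sections above, turned into a manifest check. This is an added example, not code from the Chrome documentation: it flags Manifest V2 manifests that request access to every site yet already declare one of the gestures listed above. The verdict names and sample manifests are constructed for illustration, and the check is a heuristic, since a manifest cannot show whether background code needs access outside a user gesture.

```javascript
// Added example: heuristic audit of a Manifest V2 manifest, not Chrome's own code.
// Host patterns that grant persistent access to every site.
const BROAD = new Set(['<all_urls>', '*://*/*', 'http://*/*', 'https://*/*']);
// Manifest keys that declare a user gesture listed in "Invoking activeTab".
const GESTURE_KEYS = ['browser_action', 'page_action', 'commands', 'omnibox'];

function auditManifest(manifest) {
  const permissions = manifest.permissions || [];
  const broadPermissions = permissions.filter((p) => BROAD.has(p));
  // Declared content scripts are injected on every matching page, with no gesture.
  const broadContentScripts = (manifest.content_scripts || [])
    .some((cs) => (cs.matches || []).some((m) => BROAD.has(m)));
  const gestures = GESTURE_KEYS.filter((k) => k in manifest);
  // Context menu items are created at runtime; the permission is the only manifest hint.
  if (permissions.includes('contextMenus')) gestures.push('contextMenus');

  let verdict;
  if (broadPermissions.length === 0 && !broadContentScripts) {
    verdict = 'ok';
  } else if (broadContentScripts || gestures.length === 0) {
    verdict = 'review'; // persistent access with no gesture-driven equivalent
  } else {
    verdict = 'candidate'; // gesture exists: activeTab may replace the broad grant
  }
  return { verdict, broadPermissions, gestures,
           hasActiveTab: permissions.includes('activeTab') };
}

// Constructed sample: the page's Page Redder manifest, but over-privileged.
const overPrivileged = {
  name: 'Page Redder', version: '2.0', manifest_version: 2,
  permissions: ['tabs', '<all_urls>'],
  browser_action: { default_title: 'Make this page red' },
};
// The permissions as the page gives them (background section omitted).
const leastPrivilege = { ...overPrivileged, permissions: ['activeTab'] };
// Constructed sample: a content script that runs on every HTTPS page.
const alwaysOn = { name: 'Always on', manifest_version: 2,
  content_scripts: [{ matches: ['https://*/*'], js: ['cs.js'] }] };

for (const m of [overPrivileged, leastPrivilege, alwaysOn]) {
  console.log(m.name, auditManifest(m).verdict);
}
```

A "candidate" verdict means the broad host grant is worth replacing with activeTab and testing; "review" means the extension touches pages without a gesture, so the change needs a redesign rather than a one-line manifest edit.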