Confirmed. The optional permission only gets applied to new tabs, or the current tab after refreshing the page (actually, any tab where the activeTab permission has been calculated needs to be refreshed before the tabCapture permission becomes effective).

I think that the best course of action is to remove an extension from granted_extensions_ when an optional tabCapture (and activeTab?) permission is granted.


Here are the steps for testing.
0. Install the extension below.
1. Open example.com, example.net and example.org in different tabs (they don't have to be different origins, but it makes these steps-to-reproduce easier to follow).
2. Click on the button at example.com, deny the confirm dialog.
3. (ignore the alert dialog)
4. Click on the button at example.net, accept the confirm dialog.
5. Approve the permission request.
6. Check the alert dialog. Did tabCapture at example.net succeed?
7. Click on the button at example.org.
8. Check the alert dialog. Did tabCapture at example.org succeed?
9. Click on the button at example.com.
10.Check the alert dialog. Did tabCapture at example.com succeed?

Observed result:
- At step 6 and 10, the tabCapture request failed.
- At step 8 the tabCapture request succeeded (because activeTab was not calculated before).

Expected result:
- At step 6, 8 and 10, the tabCapture request should succeed.


// background.js
chrome.browserAction.onClicked.addListener(function() {
    if (confirm('Do you want to request permissions?')) {
        chrome.permissions.request({
            permissions: ['tabCapture']
        }, cb);
    } else {
       cb();
    }
    function cb() {
        var lastError = chrome.runtime.lastError;
        if (lastError)
            alert('Error before tabCapture: \n' + lastError.message);
        try {
            chrome.tabCapture.capture({
                audio: true,
            }, function(s) {
                var lastError = chrome.runtime.lastError || {};
                alert(lastError.message + '\n' + s);
            });
        } catch (e) {
            alert('Synchronous error: ' + e);
        }
    }
});

// manifest.json
{
    "name": "optional tabCapture",
    "version": "1",
    "manifest_version": 2,
    "background": {
        "scripts": ["background.js"]
    },
    "browser_action": {
        "default_title": ""
    },
    "permissions": [
        "activeTab"
    ],
    "optional_permissions": [
        "tabCapture"
    ]
}

Fun.  Good find, thembrown@.

> I think that the best course of action is to remove an extension from granted_extensions_ when an optional tabCapture (and activeTab?) permission is granted.

This won't work because we need to know which extensions have granted permissions so that we can clear them in ClearActiveExtensionsAndNotify().

> I'm not sure what's the best way to handle this instead. Maybe it should use two sets instead of granted_extensions_  (one for activeTab, one for tabCapture), or update granted_extensions_  when an optional permission has been granted.

I think this is probably closer to what we'll need to do, but I'd tweak it slightly to have a map from extension to a set of granted permissions.  Then, instead of just returning in GrantIfRequested() if the extension is present in granted_extensions_, we'd compare what we would grant to what we did grant, and optionally add the rest.

I probably won't have time to get to this for a bit, but I'd be happy to review a patch. :)

Marking as Available to get out of triage queue. (thembrown@ - it would be awesome if you want to contribute a patch)

This issue has been Available for over a year. If it's no longer important or seems unlikely to be fixed, please consider closing it out. If it is important, please re-triage the issue.

Sorry for the inconvenience if the bug really should have been left as Available. If you change it back, also remove the "Hotlist-Recharge-Cold" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot