The permission list for extensions includes entries that are already implied by more generic urls
Reported by
jro...@gmail.com,
Apr 14 2016
|
||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36 Steps to reproduce the problem: 1. Create an extension an give it a permission for *.google.com 2. Inject a content script into mail.google.com 3. The extension now shows the permissions: "Read and change data on a number of websites: - All google.com sites - mail.google.com" What is the expected behavior? Chrome should only show the permission "All google.com sites" What went wrong? mail.google.com is implied by "All google.com sites", and it needs to be specified like that to only inject the content script into the specific site. However Chrome displays both permissions, which is confusing and harder to read. Did this work before? No Chrome version: 49.0.2623.112 Channel: n/a OS Version: OS X 10.11.0 Flash Version: Shockwave Flash 21.0 r0
,
Apr 14 2016
,
Apr 16 2016
This sgtm, treib@. My guess is we treat it differently because of script access vs host access, which is transparent to the user. Can you take this one (are you still doing extensions permissions stuff)?
,
Apr 19 2016
In principle, yes, but I probably won't get to it very soon. I'll keep it in my list as a P3 for now, since it doesn't seem super urgent. If anyone disagrees, feel free to jump in ;)
,
Sep 23 2016
,
Oct 18 2016
Throwing this back into the pool, in case someone else wants to pick it up.
,
Nov 22 2016
,
Nov 10 2017
,
Feb 8 2018
,
Feb 18 2018
|
||||||||||
►
Sign in to add a comment |
||||||||||
Comment 1 by rsesek@chromium.org
, Apr 14 2016Labels: -OS-Mac OS-All