Chrome Web Store takes down applications without warning
Reported by
jktay...@gmail.com,
May 30 2018
|
|||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36 Steps to reproduce the problem: Steps to reproduce the problem: 1. Make extension title more descriptive and accurate so that users can better find your extension. 2. Place relevant keywords in your description that users are looking for to help find your extension. 3. If you are trying to monetize your extension, obfuscate the business logic so others cannot easily steal your code. What is the expected behavior? Making our descriptions and titles more accurately describe our extensions to help users find them should be allowed. Also, if google does not want us to obfuscate code, then they should provide a way to hide our business logic so that others cannot easily steal it. Google payments is after all shaving a cut off the top of the app sales. If our extension is at violation of any terms, we should be notified during the update process, not months later by checking the chrome store ourselves. If an issue is discovered, then our apps or offending content should be rolled back to a previous version instead of getting the immediate death penalty without warning. What went wrong? Doing anything of these things will get your extension automatically taken down from the webstore without warning. The only way to know your extension has been taken down is to check on it because the webstore still does not support any notifications of any kind. WebStore page: https://chrome.google.com/webstore/category/extensions Did this work before? N/A Chrome version: 66.0.3359.181 Channel: n/a OS Version: 10.0 Flash Version:
,
May 31 2018
As per comment #0, the issue seems to be a feature request. Hence, marking it as untriaged for further inputs from dev team. Thanks...!!
,
Jun 14 2018
At least Mozilla's extension upload process gives the option to submit the open source when submitting extensions containing compiled javascript code. Chrome could do better if the upload gave the option to minify/obfuscate the javascript files on Google's end.
,
Nov 5
,
Nov 6
So our extensions gets manually reviewed and reinstated several months ago, but then a policy changes and we are not allowed the time to react and make necessary changes without getting completely suspended? As of October 1st 2018, developers must not obfuscate code or conceal functionality of their extensions. This also applies to any external code or resource fetched by the extension package. For more information, please review our program policies. I also would like to link other's frustrations with the current system: https://github.com/secure-software-engineering/rose/issues/249 "I would guess that this suspension is automated\scripted. Probably not the brightest engineer wrote it to auto-suspend all account based on meeting some obscure criteria like piece of obfuscated code, name of a function or some line of code. That's why there is a lot of false positives and it takes a lot of time to manually review each suspension. Also based on what I have read on the Internet, there is absolutely no guaranty that this auto-suspension script wouldn't ban your account next time you update your extension."
,
Nov 9
Can you please provide a link to the extension in question, jktaylo1@? Thank you.
,
Nov 9
The extension has been taken down so the link just goes to 404 not found, but the id was egfdbbahfgffecgejddaohlhehdbgcim. It is a simple extension for people that use Amazon to sell custom products and track their search rankings on different keywords. It was recently ripped off by these guys(same look, uses the same UI technologies, called keyword "checker" instead of tracker...since I got kicked out they have now changed their name to Keyword Tracker just like mine), so I almost think they hit the report abuse button a bunch of times on us to take us out of the competition. https://chrome.google.com/webstore/detail/amazon-kw-index-and-rank/dehlblnjjkkbapjemjbeafjhjpjoifii?hl=en I obfuscated the code because users were using the debug tools to get around the in-app purchase code. It would be nice if google offered a way to obfuscate source code after upload to the store.
,
Nov 9
Also, what is stopping competitors for abusing the report abuse button like I think happened here?? |
|||
►
Sign in to add a comment |
|||
Comment 1 by krajshree@chromium.org
, May 31 2018