Inconsistency: storage.managed

[erosman]

Inconsistency: storage.managed

Please note some inconsistencies regarding the storage.managed API. Other browsers not checked.

(async () => {

  // no catch
  console.log(await chrome.storage.managed.get());
  console.log(await browser.storage.managed.get());

  // with catch
  console.log(await chrome.storage.managed.get().catch(() => {}));
  console.log(await browser.storage.managed.get().catch(() => {}));

})();

	Chrome	Firefox
manifest.json	"storage": { "managed_schema": "schema.json" },	not required
schema.json	required	not required
not found no-catch	{ }	Uncaught (in promise) Error: Managed storage manifest not found
not found with-catch	{ }	undefined
Policy location: linux	/etc/opt/chrome/policies/managed/	/etc/firefox/policies firefox/distribution
Policy Format	{ "3rdparty": { "extensions": { "extension-ID": { } } } } Note: "extensions"	{ "policies": { "3rdparty": { "Extensions": { "extension-ID": { } } } } } Note: "policies" & "Extensions"
Manifest location: linux	n/a	/usr/lib/mozilla/managed-storage/{name}.json ~/.mozilla/managed-storage/{name}.json

See also: https://bugzilla.mozilla.org/show_bug.cgi?id=1868153

[stefanvd]

I found this also an issue that gives me browser extension no harmony the same for all web browsers. I have discussed it in my latest blog post titled "Firefox Manifest V3 Extension: A Developer's Perspective," which you can read at https://www.stefanvd.net/blog/2023/11/30/firefox-manifest-v3-extension-a-developer-perspective/.

If the group looking for an example that uses the managed store, you can check out my Open-Source Turn Off the Lights Chrome extension and Firefox extension. The code can be found at https://github.com/turnoffthelights/Turn-Off-the-Lights-Chrome-extension/blob/manifest-v3/src/schema.json

(I also added this issue link also on my blog post)

[Rob--W]

The policy location and formats are browser-specific and won't converge to one location.

The managed_schema JSON file is not implemented in Firefox, because we felt that it did not make sense to implement something that was under-specified as Chrome's managed_schema JSON format. The Firefox-side bug to track this feature is at https://bugzilla.mozilla.org/show_bug.cgi?id=1771731

Agreeing on a common schema format is required before an implementation of managed_schema can be considered in Firefox. If the "common format" is too simple and doesn't include features that are supported and used, then a strict enforcement of the schema by Firefox would result in the inability to configure an extension as desired. If the "common format" is too broad, then that would add significant complexity and maintenance burden on Firefox (which introduces the risk of bugs).

If the group looking for an example that uses the managed store, you can check out my Open-Source Turn Off the Lights Chrome extension and Firefox extension. The code can be found at https://github.com/turnoffthelights/Turn-Off-the-Lights-Chrome-extension/blob/manifest-v3/src/schema.json

Here is another example of a more complex schema: https://github.com/mozilla/pdf.js/blob/d56453289c4a37beb3dbbd108e78c18b6d34fa90/extensions/chromium/preferences_schema.json Note that it uses enum, which is supported but not even documented at Chrome's documentation of storage.managed_schema: https://developer.chrome.com/docs/extensions/reference/manifest/storage

The policy formats themselves are also complicated: The policy formats are platform-specific (but in a format that should be recognizable by administrators who already use policy templates).

• Firefox: https://extensionworkshop.com/documentation/enterprise/adding-policy-support-to-your-extension/
• Chromium: https://www.chromium.org/administrators/configuring-policy-for-extensions/
  • (more Chromium references can be found in the commit message of https://github.com/mozilla/pdf.js/pull/5082/commits/00746011a363c9c771c69495d2cfa87f3c6bb2d5)

[twschiller]

In Chromium, I think there's also a bug where managed storage might not be available immediately on extension initialization. Would you happen to know if the intended behavior/guarantees are specified anywhere?

• Privacy Badger has this code to accommodate: https://github.com/EFForg/privacybadger/blob/master/src/js/storage.js#L45
• We also do something similar: https://github.com/pixiebrix/pixiebrix-extension/blob/f15dac9907b0aa28e56ea93f2dd74db34c092aa0/src/store/enterprise/managedStorage.ts#L57-L57

The gotcha is that we want to use managed storage to control enterprise options that impact extension startup, e.g., specifying the SAML URL for authentication. So ideally, we wouldn't have to make a timeout assumption because that impacts user experience because we have to be conservative

[erosman]

Please note that the differences are listed for information and not recommendations.

managed_schema

There are many of new schema features that are not supported in Chrome schema such as: $def, $ref pointing "#/$defs/include" or "#/definitions/include" (I couldn't get it to work on Chrome although they validates fine) and more.

TBH, not having managed_schema makes it simpler.

Return

The return value when the managed storage is not found, is the most relevant inconsistency.

Policy Properties

The inconsistency in the format of the policy could be considered e.g. "policies" & "Extensions"