w3c / webextensions

Charter and administrivia for the WebExtensions Community Group (WECG)
Other
605 stars 56 forks source link

[MV3] Clarify browser inconsistency for temporary host permissions granted on extension click #657

Open danielhjacobs opened 4 months ago

danielhjacobs commented 4 months ago

In Chrome: If you click an extension icon on a tab on which you have not granted host permissions, it requires that you refresh the page before it will load the extension. You can reload the page as many times as you want without permanent host permissions and it will load the extension each time, until you close the tab.

In Firefox: If you click the extension icon on a tab on which you have not granted host permissions it automatically loads the extension. If you refresh the page, it requires another click.

I am unsure of the Safari behavior.

danielhjacobs commented 4 months ago

Note that I personally prefer the Chrome behavior. I contribute to the extension Ruffle, used for Flash Player emulation. At document start Ruffle registers a content script with the MAIN ExecutionWorld to polyfill navigator.plugins, so pages that do Flash detection by checking that are fooled.

That script won't work unless it's run at document start.

xeenon commented 4 months ago

Safari behaves like Firefox, where the styles and scripts are injected in all open tabs that match the newly granted host permissions.

danielhjacobs commented 4 months ago

We added this code, which is necessary on Firefox and according to xeenon Safari, but not Chromium:

https://github.com/ruffle-rs/ruffle/blob/master/web/packages/extension/src/background.ts#L62-L72

When that is true the extension popup shows a reload button. We needed that because some pages won't work with our extension if the content scripts don't run on document start. That only shows after you grant permanent host permissions; we show a button to grant permanent host permissions in the popup if you haven't granted them for the tab already.

On Firefox the flow to run those sometimes necessary scripts is:

Click popup --> click button to grant permanent permissions --> accept new permissions (this usually dismisses the popup because the toast is usually outside the popup) --> re-open popup and click reload button or manually reload the page.

On Chrome the flow to run those sometimes necessary scripts is:

Click popup --> click browser's built-in reload tab button that pops up. You can then grant permanent permissions with the button in the popup but you don't have to because the necessary scripts already ran.

zombie commented 4 months ago

On Firefox the flow to run those sometimes necessary scripts is:

Click popup --> click button to grant permanent permissions --> accept new permissions (this usually dismisses the popup because the toast is usually outside the popup) --> re-open popup and click reload button or manually reload the page.

You don't really need the last step to be manual, you get the event when your extension is granted permission, and if you need to run a script that requires a reload, you can do that automatically using tabs.reload.

danielhjacobs commented 4 months ago

You don't really need the last step to be manual, you get the event when your extension is granted permission, and if you need to run a script that requires a reload, you can do that automatically using tabs.reload.

You're right of course, and originally it wasn't manual, but for our use-case it's better if it is manual, so I merged https://github.com/ruffle-rs/ruffle/pull/17082. The content script that runs on document start is only necessary on certain websites (in particular, websites with scripts that decide whether to show Flash content on document load by checking for Shockwave Flash in navigator.plugins). If you're on a website that doesn't have such scripts, you may have granted temporary permissions by clicking the extension popup, played a Flash game for several minutes (as I said, the extension I'm referring to is the Ruffle Flash emulator), and then decided to grant permanent permissions by clicking the button in the popup so you won't need to grant temporary permissions next time. You wouldn't necessarily then want the page to reload. Also, because the Chromium behavior is what it is, this is even more likely to happen there, and on Chromium there is no need to reload the page on any website after granting permanent permissions, since after granting temporary permissions you already reloaded it through their click-to-script (using the term from https://docs.google.com/document/d/1QkwhEMtMS67JBUkl_WVPZ4lRSKoWcQNlLJSf_GwSXg8/view) so scripts that needed to run on document start already did.

image

danielhjacobs commented 4 months ago

I will say, regardless of the decision made here about anything else, I personally think it would be nice if temporary host permissions granted through a click on the extension action lasted through a page refresh on Firefox like they do on Chromium.

danielhjacobs commented 4 months ago

Also, another minor annoyance I had, should clicking "Allow" on the toast that appears after clicking a button in the extension popup that requests host permissions be dismissing the popup? I guess it makes sense, but it just made it more annoying to check if permissions were granted by someone clicking the button in the popup, which could have been done with a const granted = await (browser || chrome).permissions.request in the popup if this didn't work that way, but had to instead be done in the background script/service worker since the popup scripts stop running the moment the popup is dismissed.

dotproto commented 2 months ago

I will say, regardless of the decision made here about anything else, I personally think it would be nice if temporary host permissions granted through a click on the extension action lasted through a page refresh on Firefox like they do on Chromium.

Here's the relevant Firefox issue: https://bugzil.la/1805687.