You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have been delaying it for some time, mainly because with the source being open and being the developer myself, I know that the extension is not harmful, but this should be better reflected in how we technically handle priorities.
The main reason for prioritizing this issue is that on my last update I got a notice that the release would be pending review due to the excessive use of permissions.
The majority of the chrome.tabs API can be used without declaring any permission. However, the "tabs" permission is required in order to populate the url, pendingUrl, title, and favIconUrl properties of Tab.
But we need to query for open tabs of podStation.
The documentation of the query function states the following regarding the url property of the queryInfo parameter:
Match tabs against one or more URL patterns. Fragment identifiers are not matched. This property is ignored if the extension does not have the "tabs" permission.
I tested removing the "tabs" permission and changing the url of the queryInfo object into chrome-extension://${chrome.runtime.id}/podstation.html with the ropes the rule would not apply in for tabs belonging to the extension, no luck.
I can try to ask the permission dynamically and see what happens.
I should also raise a feature request to chromium so that I can query for my own tabs.
I should also check the specifications for Browser Extensions - and raise this use case
https://developer.chrome.com/extensions/permissions#manifest
This was moved manually from bitbucket: https://bitbucket.org/dellagustin/podstation_chrome_ext/issues/112/feeds-use-optional-permissions-to-access
most critical permissions:
also:
about priority
This is a high priority issue.
I have been delaying it for some time, mainly because with the source being open and being the developer myself, I know that the extension is not harmful, but this should be better reflected in how we technically handle priorities.
The main reason for prioritizing this issue is that on my last update I got a notice that the release would be pending review due to the excessive use of permissions.
Permissions
Tabs
Tabs is necessary so that we can bring a podstation tab into focus, if it is already open: https://github.com/podStation/podStation/blob/master/extension/background/podstation_bg.js
I have created #54 to follow up on the tabs permission.
Generic url access permission
The generic website access permissions ("http:///", "https:///") are necessary in order to fetch the feeds.
This topic will be handled specifically with #62
Content Script
See #61
References
The text was updated successfully, but these errors were encountered: