I'm working on a project to make a chrome extension and the idea is to take notes and write to a Google Doc. So far, for getting started I've created a API key and am using a Client ID (web app option) to work locally using the template from Google's JavaScript quickstart HTML, see source:
https://developers.google.com/docs/api/quickstart/js#python-2.x
I've since been messing around and made some functions and a popup.html that would be used for the extension popup. Now, I'd like to test this within the extension / browser environment and herein lies the issue. I would think you can get access to these APIs within the extension and still test and develop without publishing to the chrome store.
It seems I need a key in the manifest along with an oauth2, client_id, and scope. The latter I have, but I don't get how I can get a key for this? From the developer documentation, it mentions that you can pack your extension and this gave me private key, is that the same thing? I should note too, that the process listed in the documentation doesn't work for me as in my local files the extension isn't in my system.
Moreover, I suspect I need to get the scripts to handle logins and authorize as well, but one step at a time here.
Related
I've written some code that retrieves some data from google sheets then updates some content on my google sites. However, while the script works (when run on localhost) I encounter the
"details": "Not a valid origin for the client: https://966655698-atari-embeds.googleusercontent.com has not been whitelisted for client ID MY-ID. Please go to https://console.developers.google.com/ and whitelist this origin for your project's client ID."
However, I enabled this for localhost, cleared my caches. The problem is the 'https://966655698-atari-embeds'. Each time the google site loads it generates a new random number sequence. Does anyone know how to workaround this? The google site uses embedded html which I believe is why the initialization failed.
I have tried to white-list https://googleusercontent.com which didn't work (I didn't think it would because the domain changes) but I'm honestly incredibly stumped.
Google hosts all user content using their somedomain.googleusercontent.com. I do not know for certain, but I'm almost sure that to save space they dynamically host their content, meaning that when the embedded html does not need to be actively hosted, it isn't. I had to find a way to host from a site that would always send the request. For me, I found that github pages was the answer.
I found this on adobe's website which somewhat explains what googleusercontent does. https://helpx.adobe.com/analytics/kb/googleusercontentcom-instances.html
To set up github pages this link will explain how to do so https://guides.github.com/features/pages/
You can add this to the developer Google console relatively easily and any connection will submit from your username.github.io. (I believe it also uses https protocol). It also allows me to implement directly using git version control and implements nicely with WebStorm.
I have the code for my chrome extension on GitHub, which I want to publish on Chrome Store. Doing it manually once is fine, but I want to make an automated flow, where as soon as any commit comes to a release branch, chrome extension on the chrome store is also updated. Is there any documentation by any developer or Google which explains how to setup this for my chrome extension?
There are a few ways to do this:
by using npm module (article about that) (suits for you. You can setup script by using this module, then make a hook for a Travis CI)
by using Store APi // for additional reading
by using docker // for additional reading
I suggest using GitHub Actions to automate publishing. High-level steps are:
Building and packing your extension into zip file.
Obtaining (action) an access token for Google API (. using clientId, clientSecret, refreshToken (how get them? Docs, Article).
Upload zip as a new version to Web Store using API (action)
Once the uploaded version was reviewed, publish it (action).
However, there are some pitfalls in this process, such as undocumented responses from Google API, the need for repeating the uploading if it happened shortly after the previous one, refresh token expiration. If you want to build a convenient and robust workflow based on GitHub Actions to handle all these cases I can recommend reading this series of articles.
I'm trying write an extension which runs whenever you visit a steam profile. The extension gets the profile's ID, and should then call my database to check if they are a scammer, trusted middleman, etc.
I have written a version which works perfectly, however it has been denied by Google:
We routinely review items in the Chrome Web Store for compliance with
our Program policies to ensure a safe and trusted experience for our
users. Per our policies, where possible, make as much of your code
visible in the package as you can. If some of your app's logic is
hidden and it appears to be suspicious, we may remove it.
Your item was found to have requested/fetched one or more external
scripts. An example of one such instance in your item was found in
check.js line 18.
To have your item reinstated, please make any necessary changes to
ensure:
All of the files and code are included in the item’s package. Avoid
requesting or executing remotely hosted code (including by referencing
remote javascript files or executing code obtained by XHR requests).
The line of code in question is this:
fetch("https://www.example.com/check.php?id=" + id)
Is there a better/correct way of doing this that would be allowed in a web extension?
Thanks in advance.
I'm making an extension that among other things edit a javascript file in an external editor (one on the user's computer). The extension has the javascript file saved in chrome.storage but it will ofcourse be a lot easier for the user to write code in their own editor.
This is why I decided to find something that creates a file on the user's filesystem which the user can find and edit it themselves, and if any changes are made, sync that back up to the extension (either by periodically checking or by using some listener).
I have looked around but nothing really seems to fit what I'm trying to do. Chrome's fileSystem API only works for chrome apps, not chrome extensions and the HTML5 fileSystem API does not allow for a simple filesystem URL to be requested and opened, instead it obfuscates the stored file and makes it practically impossible to edit that file easily.
Something else I looked at which might be more promising is letting the user edit one of the files in the directory where the extension is stored and somehow retrieving that content. This is however going to be a bit tough to implement with chrome's all the hash checking going on in chrome extensions not to mention the general modifying of those files' contents by the extension (possibly by hacking around by specifying your own update URL and "updating" a dummy javascript file that is going to be written to).
Is there any way to simply ask for a location to store a file and then allow the user to edit that file and sync it back up?
No, extensions are sandboxed from the real filesystem.
As you said, it's possible to read extension's own files; however, this is read-only for the extension and modifying those files on a deployed extension will result in Chrome detecting extension "tampering" and immediate disabling as a precaution.
The only way for a Chrome extension to escape the sandbox is, as wOxxOm suggested, a Native Host module. Note that this cannot be distributed in Chrome Web Store with the extension; it needs a separate installer.
Alternatively, you could use some sort of cloud storage with API to access it; e.g. a user could store something in a Dropbox subfolder, and your extension can authorize access to it via Dropbox API. Unfortunately, there is no "native" solution like syncFileSystem for Apps.
I want to create a web app platform that runs locally on the users computer.
I am considering using google chrome's app process to make this work.
I am having trouble understanding, wether google will let me do this. so the user would have to download the main chrome app , which contains the base html and javascript code, and within the app be able to download and store locally with in the app new html and js code.
So in other words I want to create an app that allows users to download and install apps from my own app store, and have them run within the chrome app.
Does google chrome app development allow this?
if not what are my alternatives for creating an app that needs to run on a browser storing all files locally?
You can download HTML and CSS as much as you want and then use JavaScript to modify the DOM accordingly. It's not set up as any kind of system that lets you substitute pages, and there's no navigation within the app (using A elements), but you are free to modify the DOM.
There's no way to add any JavaScript to what's initially in the app, as eval and the other code-executing functions are disabled. You can certainly add SCRIPT elements to the DOM, but the files they reference have to have been part of the app at the time it was installed.
Having said all that, you can implement the app as an interpreter for some language and then download programs written in that language. It's just that none of the code can be direct Chrome App code, nor can any code you download (regardless of language) make direct Chrome API calls.
Have you looked at the HTML5 Filesystem API? You can fetch a file and reference it later. You also need the add the "unlimitedStorage" permission to manifest.json.
http://www.html5rocks.com/en/tutorials/file/filesystem/