Add specification for externally_connectable.
#873
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -143,7 +143,19 @@ This key may be present. | |
|
|
||
| ### Key `externally_connectable` | ||
|
|
||
| The <a href="#key-externally_connectable">`externally_connectable`</a> key declares which extensions and web pages can establish connections to the extension using [=runtime.connect()=] and [=runtime.sendMessage()=]. If omitted, all extensions may connect, but no web pages can connect. | ||
|
|
||
| This key may be present and may include the following optional keys: | ||
|
|
||
| #### Key `ids` | ||
|
|
||
| A [=list=] of [=extension IDs=] that specifies which extensions can communicate with the extension. To allow all extensions, include the pattern `*` in the list. If left empty or omitted, no extensions can connect. | ||
|
There was a problem hiding this comment. Question:
You already mentioned in the introduction that omitting |
||
|
|
||
| #### Key `matches` | ||
|
|
||
| A [=list=] of [=match patterns=] that specifies which web pages can communicate with the extension. If left empty or omitted, no web pages can connect. | ||
|
There was a problem hiding this comment. There is an edge case where document URLs cannot be described by a match pattern. For these cases, we specified an algorithm to determine the URL to use for matching content scripts, at specification/index.bs: "Determine the URL for matching a document". Can we point to this? @oliverdunk Could you confirm that this is what Chrome does (or intends to use)? |
||
|
|
||
| Any [=match patterns=] that include wildcard domains, or wildcard subdomains of a top-level domain, must be ignored. | ||
|
There was a problem hiding this comment. Wildcard domains is, arguably, the most important think that An extension can extend the built-in browser API via |
||
|
|
||
| ### Key `devtools_page` | ||
|
|
||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i'm not sure if this is the correct way to reference these two APIs. also, will the documentation for these live in this doc or are we planning to have separate docs for each API namespace? if the latter, then i'm not sure what's the best way to reference them here
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should at least mention that these keys control what is allowed to trigger the
runtime.onMessageExternalandruntime.onConnectExternalevents. This is a worthy callout because ordinarily, theruntime.connectandruntime.sendMessagetriggerruntime.onMessageandruntime.onConnectinstead.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since these messaging APIs are web-exposed, I wonder whether we should make an effort to write down the namespace and methods that are expected to be supported, part of https://github.com/w3c/webextensions/blob/main/specification/window.browser.bs (or a separate doc, linked from there)