Implement negative permissions
Categories
(WebExtensions :: General, enhancement, P3)
Tracking
(Not tracked)
People
(Reporter: zombie, Assigned: zombie)
References
(Blocks 2 open bugs)
Details
(Whiteboard: [addons-jira])
Attachments
(1 obsolete file)
- ⬜ Introduce and maintain a second list of “negative permissions” that an extension might be blocked from accessing, despite having a containing (<all_urls>) permission granted.
- ⬜ Check the URI against the list wherever we test host permissions.
- ⬜ Allow users to revoke a permission for a specific host (through the toolbar button or about:addons) even after granting <all_urls>.
- ⬜ Introduce a new
browser.pemirssions.canAccess()
API method, using a similar “target” object as the new scripting API. - ⬜ Ask feedback through the WECG on the API design.
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Comment 1•2 years ago
|
||
I really like the idea of having an extension with <all_urls>
host permission while giving the user the control about which specific websites (or match patterns) he/she actually wants to allow.
I also like the idea of providing browser.pemirssions.canAccess()
method.
I'm even in favor of adding 2 more methods (request and remove), in order to give extensions the power to (re-)request and to give up a "host permission". This way extension could basically use the permission API as a blacklist/blocklist and do not need to maintain a separate list of blocked domains/URLs. This is not only easier for an extension author but it is also easier to understand for the user, because otherwise there are two places that control if the add-on works on a certain website or not.
Just want to throw out an idea: Maybe it would be more feasible to use the already existing permissions API methods like contains
, remove
and request
by extending the Permissions object by another property.
Assignee | ||
Comment 3•11 months ago
|
||
Updated•11 months ago
|
Updated•11 months ago
|
Updated•11 months ago
|
Updated•11 months ago
|
Updated•11 months ago
|
Updated•2 months ago
|
Description
•