Post

Replies

Boosts

Views

Activity

Extension permissions? Does NOT need to read sensitive information
I could not find any way to create an extension with permissions to read the URL without also asking for permission to read the FULL DOM including passwords.A user sent me this screen shot showing an AD BLOCKER that somehow does not read the DOM!My app needs only see the URL, we do NOT read the DOM at all and I don't want to ask for permission to read the entire DOM!The documentation CLEARLY says there is only All Some or Nonehttps://developer.apple.com/documentation/safariservices/safari_app_extensions/safari_app_extension_info_property_list_keys/adjusting_website_access_permissions?language=objcHow does an app NOT ask for permission to read passwords and crazy stuff?Thanks for what must be obvious!This is my first Safari Extensionoh, ok, I guess I can't attach a photo but you get the idea.If I ask for Allowed to be any twitter.com domain, and "Some" allowed I getError connecting back to host app: NSCocoaErrorDomain, code: 4099Here's my plist XML <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"><plist version="1.0"><dict> <key>Allowed Domains</key> <array> <string>*.twitter.com</string> </array> <key>Level</key> <string>Some</string></dict></plist>
2
0
1.3k
Jan ’20
How to ask for LESS permissions?
Permissions for Safari extensions seems to allow for only browsing history AND Webpage contents such as passwords and whatever else.What if we only need to URL from certain domains?Never reading the DOM should allow us to use a less-elevated permission that seems far more reasonable than allowing an extension to read my passwords on the DOM
0
0
559
Dec ’19