Extension permissions? Does NOT need to read sensitive information

I could not find any way to create an extension with permissions to read the URL without also asking for permission to read the FULL DOM including passwords.


A user sent me this screen shot showing an AD BLOCKER that somehow does not read the DOM!


My app needs only see the URL, we do NOT read the DOM at all and I don't want to ask for permission to read the entire DOM!


The documentation CLEARLY says there is only All Some or None


https://developer.apple.com/documentation/safariservices/safari_app_extensions/safari_app_extension_info_property_list_keys/adjusting_website_access_permissions?language=objc


How does an app NOT ask for permission to read passwords and crazy stuff?


Thanks for what must be obvious!


This is my first Safari Extension


oh, ok, I guess I can't attach a photo but you get the idea.


If I ask for Allowed to be any twitter.com domain, and "Some" allowed I get


Error connecting back to host app: NSCocoaErrorDomain, code: 4099


Here's my plist XML


<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

<dict>

<key>Allowed Domains</key>

<array>

<string>*.twitter.com</string>

</array>

<key>Level</key>

<string>Some</string>

</dict>

</plist>

The adblocker only pass a content blocker (a set of rules, https://developer.apple.com/documentation/safariservices/creating_a_content_blocker) to Safari, so it doesn't need any permission.

Anything else will require permission.

Does your extension have any content scripts or style sheets? If it does, then Safari will say the extension has permission to read the DOM. If you remove the content scripts and style sheets, then Safari will say that the extension


And for that error you were seeing - try doing a clean build of your extension. That should help.

Extension permissions? Does NOT need to read sensitive information
 
 
Q