iOS Safari Web Extension asking permission to use extension on a webpage.

Question

Created Feb ’22

Replies 1

Boosts 1

Views 2k

Participants 2

I've developed a ios safari web extension for my app and everything seemed to work fine in the simulator and on my device.

However, I've noticed that in some cases when the user tries to give permission to the extension inside safari, the system displays an alert asking for permissions to all the sites saved in the user's keychain. It's really strange. I've not been able to always reproduce this behavior, sometimes it works normally and it asks for permission just for the domain where the user is on.

The issue has become a real problem when I've discovered that when the user has a lot of saved passwords for sites in the keychain, the Safari freezes when asking for permission and becomes absolutely unusable, forcing the user to close it.

Here is the manifest for my extension:

{
    "manifest_version": 2,
    "content_security_policy": "script-src 'self' https://ssl.google-analytics.com; object-src 'self'",
    "background": {
        "scripts": [
            "browser-polyfill.js",
            "background.js"
        ],
        "persistent": false
    },
    "content_scripts": [{
            "js": [
                "browser-polyfill.js",
                "document-start.js"
            ],
            "matches": [
                "http://*/*",
                "https://*/*"
            ],
            "run_at": "document_start"
        },
        {
            "js": [
                "browser-polyfill.js",
                "contentscript.js"
            ],
            "matches": [
                "http://*/*",
                "https://*/*"
            ],
            "run_at": "document_idle"
        }
    ],
    "browser_action": {
        "default_icon": {
            "19": "assets/images/logos/16x16_logo.png",
            "38": "assets/images/logos/48x48_logo.png",
            "48": "assets/images/logos/48x48_logo.png",
            "64": "assets/images/logos/64x64_logo.png",
            "128": "assets/images/logos/128x128_logo.png",
            "256": "assets/images/logos/256x256_logo.png",
            "512": "assets/images/logos/512x512_logo.png"
        },
        "default_popup": "popup.html"
    },
    "icons": {
        "16": "assets/images/logos/16x16_logo.png",
        "48": "assets/images/logos/48x48_logo.png",
        "64": "assets/images/logos/64x64_logo.png",
        "128": "assets/images/logos/128x128_logo.png",
        "256": "assets/images/logos/256x256_logo.png",
        "512": "assets/images/logos/512x512_logo.png"
    },
    "web_accessible_resources": [
        "assets/*"
    ],
    "permissions": [
        "<all_urls>",
        "cookies",
        "storage",
        "unlimitedStorage",
        "webNavigation",
        "notifications",
        "nativeMessaging"
    ]
}

Here is the screenshot of the safari asking for permission to the extension to access 653 different websites that are registered in the user's keychain:

Boost

Answer 1

ywork OP

Jun ’23

Did you ever resolve this? I'm running into a very similar situation where Safari freezes when setting certain permissions if there are a lot of tabs open. I can repro consistently with these steps:

Under Settings -> Safari -> Extensions -> [Your Extension], ensure the extension is enabled and update the settings to "Ask" for every site in the list.
Disable the extension
Open Safari, and if you don't already have 500+ tabs open, open 500+ tabs. (For me, it starts to become noticeable around 70 tabs, so you might start there, but it probably depends partly on the size of the extension)
Tap the "aA" in the URL bar, then "Manage Extensions", then enable your extension
Tap "aA" again, then tap your extension, which should have a warning triangle on it at this point
When the permissions prompts appear, tap "Always Allow" on the first prompt, then tap "Always Allow on These Websites" on the second one
If Safari doesn't crash at that point, try to open a new tab and type in the URL bar. For me, the tab opens, but Safari freezes when I try to type something in

One thing that's very strange to me is that there are no performance issues at all when I select the "Always Allow on Every Website" permission instead of the "Always Allow on These Websites" permission.

0