Check whether user has a Chrome extension installed

前端 未结 16 2087
一向
一向 2020-11-22 08:50

I am in the process of building a Chrome extension, and for the whole thing to work the way I would like it to, I need an external JavaScript script to be able to detect if

相关标签:
16条回答
  • 2020-11-22 09:02

    You could also use a cross-browser method what I have used. Uses the concept of adding a div.

    in your content script (whenever the script loads, it should do this)

    if ((window.location.href).includes('*myurl/urlregex*')) {
            $('html').addClass('ifextension');
            }
    

    in your website you assert something like,

    if (!($('html').hasClass('ifextension')){}
    

    And throw appropriate message.

    0 讨论(0)
  • 2020-11-22 09:07

    Chrome now has the ability to send messages from the website to the extension.

    So in the extension background.js (content.js will not work) add something like:

    chrome.runtime.onMessageExternal.addListener(
        function(request, sender, sendResponse) {
            if (request) {
                if (request.message) {
                    if (request.message == "version") {
                        sendResponse({version: 1.0});
                    }
                }
            }
            return true;
        });
    

    This will then let you make a call from the website:

    var hasExtension = false;
    
    chrome.runtime.sendMessage(extensionId, { message: "version" },
        function (reply) {
            if (reply) {
                if (reply.version) {
                    if (reply.version >= requiredVersion) {
                        hasExtension = true;
                    }
                }
            }
            else {
              hasExtension = false;
            }
        });
    

    You can then check the hasExtension variable. The only drawback is the call is asynchronous, so you have to work around that somehow.

    Edit: As mentioned below, you'll need to add an entry to the manifest.json listing the domains that can message your addon. Eg:

    "externally_connectable": {
        "matches": ["*://localhost/*", "*://your.domain.com/*"]
    },
    
    0 讨论(0)
  • 2020-11-22 09:08

    Another method is to expose a web-accessible resource, though this will allow any website to test if your extension is installed.

    Suppose your extension's ID is aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa, and you add a file (say, a transparent pixel image) as test.png in your extension's files.

    Then, you expose this file to the web pages with web_accessible_resources manifest key:

      "web_accessible_resources": [
        "test.png"
      ],
    

    In your web page, you can try to load this file by its full URL (in an <img> tag, via XHR, or in any other way):

    chrome-extension://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/test.png
    

    If the file loads, then the extension is installed. If there's an error while loading this file, then the extension is not installed.

    // Code from https://groups.google.com/a/chromium.org/d/msg/chromium-extensions/8ArcsWMBaM4/2GKwVOZm1qMJ
    function detectExtension(extensionId, callback) { 
      var img; 
      img = new Image(); 
      img.src = "chrome-extension://" + extensionId + "/test.png"; 
      img.onload = function() { 
        callback(true); 
      }; 
      img.onerror = function() { 
        callback(false); 
      };
    }
    

    Of note: if there is an error while loading this file, said network stack error will appear in the console with no possibility to silence it. When Chromecast used this method, it caused quite a bit of controversy because of this; with the eventual very ugly solution of simply blacklisting very specific errors from Dev Tools altogether by the Chrome team.


    Important note: this method will not work in Firefox WebExtensions. Web-accessible resources inherently expose the extension to fingerprinting, since the URL is predictable by knowing the ID. Firefox decided to close that hole by assigning an instance-specific random URL to web accessible resources:

    The files will then be available using a URL like:

    moz-extension://<random-UUID>/<path/to/resource>
    

    This UUID is randomly generated for every browser instance and is not your extension's ID. This prevents websites from fingerprinting the extensions a user has installed.

    However, while the extension can use runtime.getURL() to obtain this address, you can't hard-code it in your website.

    0 讨论(0)
  • 2020-11-22 09:08

    There's another method shown at this Google Groups post. In short, you could try detecting whether the extension icon loads successfully. This may be helpful if the extension you're checking for isn't your own.

    0 讨论(0)
  • 2020-11-22 09:09

    A lot of the answers here so far are Chrome only or incur an HTTP overhead penalty. The solution that we are using is a little different:

    1. Add a new object to the manifest content_scripts list like so:

    {
      "matches": ["https://www.yoursite.com/*"],
      "js": [
        "install_notifier.js"
      ],
      "run_at": "document_idle"
    }
    

    This will allow the code in install_notifier.js to run on that site (if you didn't already have permissions there).

    2. Send a message to every site in the manifest key above.

    Add something like this to install_notifier.js (note that this is using a closure to keep the variables from being global, but that's not strictly necessary):

    // Dispatch a message to every URL that's in the manifest to say that the extension is
    // installed.  This allows webpages to take action based on the presence of the
    // extension and its version. This is only allowed for a small whitelist of
    // domains defined in the manifest.
    (function () {
      let currentVersion = chrome.runtime.getManifest().version;
      window.postMessage({
        sender: "my-extension",
        message_name: "version",
        message: currentVersion
      }, "*");
    })();
    

    Your message could say anything, but it's useful to send the version so you know what you're dealing with. Then...

    3. On your website, listen for that message.

    Add this to your website somewhere:

    window.addEventListener("message", function (event) {
      if (event.source == window &&
        event.data.sender &&
        event.data.sender === "my-extension" &&
        event.data.message_name &&
        event.data.message_name === "version") {
        console.log("Got the message");
      }
    });
    

    This works in Firefox and Chrome, and doesn't incur HTTP overhead or manipulate the page.

    0 讨论(0)
  • 2020-11-22 09:10

    You could have the extension set a cookie and have your websites JavaScript check if that cookie is present and update accordingly. This and probably most other methods mentioned here could of course be cirvumvented by the user, unless you try and have the extension create custom cookies depending on timestamps etc, and have your application analyze them server side to see if it really is a user with the extension or someone pretending to have it by modifying his cookies.

    0 讨论(0)
提交回复
热议问题