// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// This features file defines permissions for extension APIs implemented
// under src/extensions.
// See extensions/common/features/* to understand this file, in particular
// feature.h, simple_feature.h, and base_feature_provider.h.
// To add a new whitelisted ID, SHA-1 it and force it to uppercase. In Bash:
//
// $ echo -n "aaaabbbbccccddddeeeeffffgggghhhh" | \
// sha1sum | tr '[:lower:]' '[:upper:]'
// 9A0417016F345C934A1A88F55CA17C05014EEEBA -
//
// Google employees: please update http://go/chrome-api-whitelist to map
// hashes back to ids.
// If you add a new platform_app permission please update the "stubs_app" test:
// chrome/test/data/extensions/api_test/stubs_app/manifest.json
{
"app.window.alwaysOnTop": {
"channel": "stable",
"extension_types": ["platform_app"]
},
"app.window.fullscreen": {
"channel": "stable",
"extension_types": ["platform_app"]
},
"app.window.fullscreen.overrideEsc": {
"channel": "stable",
"extension_types": ["platform_app"]
},
"app.window.alpha": [
{
"channel": "dev",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["platform_app"],
"whitelist": [
"0F42756099D914A026DADFA182871C015735DD95", // http://crbug.com/323773
"2D22CDB6583FD0A13758AEBE8B15E45208B4E9A7",
"E7E2461CE072DF036CF9592740196159E2D7C089", // http://crbug.com/356200
"A74A4D44C7CFCD8844830E6140C8D763E12DD8F3",
"312745D9BF916161191143F6490085EEA0434997",
"53041A2FA309EECED01FFC751E7399186E860B2C",
"A07A5B743CD82A1C2579DB77D353C98A23201EEF", // http://crbug.com/413748
"F16F23C83C5F6DAD9B65A120448B34056DD80691",
"0F585FB1D0FDFBEBCE1FEB5E9DFFB6DA476B8C9B"
]
}
],
"app.window.shape": {
"channel": "stable",
"extension_types": ["platform_app"]
},
"audioCapture": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["extension"],
"whitelist": [
// http://crbug.com/292856
"3F50C3A83839D9C76334BCE81CDEC06174F266AF",
"09FDCB5851B8F3378DB630D06E316076E89C95A6",
"39BE69F11F68E4EED080DA3DC2394F7885B7AFF9",
"FF78670081967CE21DB86A04AD94A0498F01E20A",
// Hotword component extension
"62CCAAD339E6451BBF97C4BBDF758E934A05AD0B"
]
}
],
"bluetoothPrivate": {
"channel": "stable",
"extension_types": ["platform_app"],
"platforms": ["chromeos", "win", "mac"],
"whitelist": [
"1C93BD3CF875F4A73C0B2A163BB8FBDA8B8B3D80", // http://crbug.com/387169
"A3BC37E2148AC4E99BE4B16AF9D42DD1E592BBBE", // http://crbug.com/387169
"E703483CEF33DEC18B4B6DD84B5C776FB9182BDB", // http://crbug.com/387169
"307E96539209F95A1A8740C713E6998A73657D96", // http://crbug.com/387169
"4F25792AF1AA7483936DE29C07806F203C7170A0", // http://crbug.com/407693
"BD8781D757D830FC2E85470A1B6E8A718B7EE0D9", // http://crbug.com/407693
"4AC2B6C63C6480D150DFDA13E4A5956EB1D0DDBB", // http://crbug.com/407693
"81986D4F846CEDDDB962643FA501D1780DD441BB" // http://crbug.com/407693
]
},
"dns": [
{
"channel": "dev",
"extension_types": ["extension", "platform_app"]
},
{
"channel": "stable",
"extension_types": ["extension", "platform_app"],
"whitelist": [
"7AE714FFD394E073F0294CFA134C9F91DB5FBAA4", // CCD Development
"C7DA3A55C2355F994D3FDDAD120B426A0DF63843", // CCD Testing
"75E3CFFFC530582C583E4690EF97C70B9C8423B7" // CCD Release
]
}
],
"externally_connectable.all_urls": {
"channel": "stable",
"extension_types": [
"extension", "hosted_app", "legacy_packaged_app", "platform_app"
],
"whitelist": [
"54ECAB4579BDE8FDAF9B29ED335F9946EE504A52", // Used in unit tests
"E24F1786D842E91E74C27929B0B3715A4689A473" // http://crbug.com/417494
]
},
"hid": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["extension"],
"whitelist": [
"496B6890097EB6E19809ADEADD095A8721FBB2E0", // FIDO U2F APIs
"E24F1786D842E91E74C27929B0B3715A4689A473" // CryptoToken
]
}
],
"u2fDevices": [
{
"channel": "stable",
"extension_types": ["extension", "platform_app"],
"whitelist": [
"496B6890097EB6E19809ADEADD095A8721FBB2E0", // FIDO U2F APIs
"E24F1786D842E91E74C27929B0B3715A4689A473", // CryptoToken
"6F9E349A0561C78A0D3F41496FE521C5151C7F71", // Security Key
"C06709A259378015404ED20F75C7D08547E0F10B" // Security Key (dev)
]
}
],
"power": {
"channel": "stable",
"extension_types": [ "extension", "legacy_packaged_app", "platform_app" ]
},
// Note: runtime is not actually a permission, but some systems check these
// values to verify restrictions.
"runtime": {
"channel": "stable",
"extension_types": ["extension", "legacy_packaged_app", "platform_app"]
},
"serial": {
"channel": "stable",
"extension_types": ["platform_app"]
},
"socket": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["extension"],
"whitelist": [
// The connectivity diagnostic utility is a component extension that is
// used to try to provide suggestions on how to fix connection issues.
// It should be the only non-app allowed to use the socket API.
"32A1BA997F8AB8DE29ED1BA94AAF00CF2A3FEFA7"
]
}
],
"storage": {
"channel": "stable",
"extension_types": ["extension", "legacy_packaged_app", "platform_app"],
"min_manifest_version": 2
},
"system.cpu": [
{
"channel": "stable",
"extension_types": ["extension", "legacy_packaged_app", "platform_app"]
},
{
"channel": "stable",
"extension_types": ["hosted_app"],
"whitelist": ["B44D08FD98F1523ED5837D78D0A606EA9D6206E5"] // Web Store
}
],
"system.memory": [
{
"channel": "stable",
"extension_types": ["extension", "legacy_packaged_app", "platform_app"]
},
{
"channel": "stable",
"extension_types": ["hosted_app"],
"whitelist": ["B44D08FD98F1523ED5837D78D0A606EA9D6206E5"] // Web Store
}
],
"system.network": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["hosted_app"],
"whitelist": ["B44D08FD98F1523ED5837D78D0A606EA9D6206E5"] // Web Store
}
],
"system.storage": [
{
"channel": "stable",
"extension_types": ["extension", "legacy_packaged_app", "platform_app"]
},
{
"channel": "stable",
"extension_types": ["hosted_app"],
"whitelist": ["B44D08FD98F1523ED5837D78D0A606EA9D6206E5"] // Web Store
}
],
"system.display": [
{
"channel": "stable",
"extension_types": ["extension", "legacy_packaged_app", "platform_app"]
},
{
"channel": "stable",
"extension_types": ["hosted_app"],
"whitelist": ["B44D08FD98F1523ED5837D78D0A606EA9D6206E5"] // Web Store
}
],
"usb": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["extension"],
"whitelist": [
"496B6890097EB6E19809ADEADD095A8721FBB2E0", // FIDO U2F APIs
"E24F1786D842E91E74C27929B0B3715A4689A473" // CryptoToken
]
}
],
"usbDevices": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["extension"],
"whitelist": [
"496B6890097EB6E19809ADEADD095A8721FBB2E0", // FIDO U2F APIs
"E24F1786D842E91E74C27929B0B3715A4689A473" // CryptoToken
]
}
],
"videoCapture": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
"channel": "stable",
"extension_types": ["extension"],
"whitelist": [
// http://crbug.com/292856
"3F50C3A83839D9C76334BCE81CDEC06174F266AF",
"09FDCB5851B8F3378DB630D06E316076E89C95A6",
"A434B90223C3C52F2B69DB494736B63C612C774D"
]
}
],
"webview": [
{
"channel": "stable",
"extension_types": ["platform_app"]
},
{
// General support for webview in component extensions still in progress.
// Only allowed for whitelisted extensions until all the caveats are
// addressed. Tracked in crbug/285151.
"channel": "stable",
"extension_types": ["extension"],
"location": "component",
"whitelist": [
"D519188F86D9ACCEE0412007B227D9936EB9676B" // GAIA Component Extension
]
}
]
}