Thursday, February 5th, 2009

Chrome Extension Process Model Design Doc

Category: Chrome, JavaScript

<p>The chaps in Chrome land that know a thing or two about writing extensions are getting their design docs on and we see a new draft of how extensions mesh with the process model of Chrome:

Chromium extensions will follow a multi-process architecture to share the same kind of stability and security that regular web pages have in Chromium. All of an extension’s code runs in a single process, separate from the browser (with the exception of user scripts which run in whichever renderers they apply to). Extension code can communicate with user scripts, and vice versa, through a message passing API.

The document discusses an example extension and the “chrome scripts” that pull off the work:

Much like with user scripts, an extension can register “chrome scripts” to run in the context of the extension process. These scripts have special access to the browser UI, and can communicate with extension UI and user scripts. Chrome scripts are loaded and run when the extension is loaded (generally on browser startup). They can register to listen for special events, like tab switching, window closing, navigation, etc.

As an example, consider an Auto-Link extension that shows a button on the toolbar which converts all addresses on the page to links to Google Maps. Maybe the button is disabled when there are no addresses on the page. This extension would consist of:

  1. a user script which detects addresses and has the ability to convert addresses to links
  2. a toolstrip containing the HTML, CSS, and script necessary to draw the button
  3. a chrome script that listens for browser events and controls the state of the toolbar button

manifest.json (snippet):

javascript
< view plain text >
  1. ...
  2.     // these two are loaded into the extension process
  3.     chrome_scripts: ["chrome/main.js"],
  4.     toolstrip: "chrome/toolstrip.html",
  5.     // this is loaded into renderers
  6.     user_scripts: {
  7.       "matches": ["http://*/*", "https://*/*"],
  8.     "files": ["content/address.js"]
  9.     },
  10.     ...

content/address.js:

javascript
< view plain text >
  1. extension.addEventListener("on-message", function (e) {
  2.   if (e.message == "autolink") {
  3.     doAutoLink();
  4.   } else if (e.message == "check-for-addresses") {
  5.     var found = checkForAddresses();  // implemented elsewhere
  6.     e.channel.postMessage({hasAddresses: found});
  7.   }
  8. }, false);

chrome/main.js:

javascript
< view plain text >
  1. extension.addEventListener("tab-changed", function (e) {
  2.       // user switched tabs, so check if our button should be enabled
  3.       e.tab.postMessage("check-for-addresses");
  4.     }, false);
  5.  
  6.  
  7.     extension.addEventListener("on-message", function (e) {
  8.       // we got a response from our user script
  9.       var found = e.message["hasAddresses"];
  10.       var toolstrip = e.tab.browserWindow.getToolstrip("autolink");
  11.       toolstrip.contentWindow.document.getElementById("autolink").disabled = !found;
  12.     }, false);

chrome/toolstrip.html:

  1. <html>
  2. <body>
  3.   <button onclick="autolink()" id="autolink">Auto-Link</button>
  4.   <script>
  5.     function autolink() {
  6.       extension.currentTab.postMessage("autolink");
  7.     }
  8.   </script>
  9. </body>
  10. </html>

Related Content:

Posted by Dion Almaer at 7:32 am
6 Comments

+++--
3.8 rating from 17 votes

6 Comments »

Comments feed TrackBack URI

Can’t we have a browser that doesn’t have extensions, browser helper objects, or other 3rd party code that can watch me log into my bank every day?

Comment by sroussey — February 5, 2009

@sroussey Than do not install them!
.
Looks nicer to code than FF extensions

Comment by epascarello — February 5, 2009

Awesome. The API looks great.

Comment by WillPeavy — February 5, 2009

@epascarello: for firefox I keep a separate profile for banking, etc., but i do have to worry about other people that don’t…

Comment by sroussey — February 5, 2009

sroussey:

as you may know, Chrome already supports multiple profiles. Extensions, of course, are totally optional. If you have a concrete suggestion about how you think extensions should interact with sensitive sites (https:// sites, for example), now would be the time to get those concerns aired in the Chrome Extension process.

Regards

Comment by slightlyoff — February 5, 2009

Gotta love when people only present problems (complain), instead of presenting solutions.

FYI (to all) – If you find a problem with something (anything), your comments are much better received if you present them with a suggestion or solution.

Comment by hismightiness — February 17, 2009

Leave a comment

You must be logged in to post a comment.