To use most chrome.* APIs, your extension or app must declare its intent in the "permissions" field of the manifest. Each permission can be either one of a list of known strings (such as "geolocation") or a match pattern that gives access to one or more hosts. Permissions help to limit damage if your extension or app is compromised by malware. Some permissions are also displayed to users before installation, as detailed in Permission Warnings.
If an API requires you to declare a permission in the manifest, then its documentation tells you how to do so. For example, the Storage page shows you how to declare the "storage" permission.
Here's an example of the permissions part of a manifest file:
{{^is_apps}}"permissions": [ "tabs", "bookmarks", "http://www.blogger.com/", "http://*.google.com/", "unlimitedStorage" ],{{/is_apps}} {{?is_apps}}
"permissions": [
"serial",
"storage",
"videoCapture"
],
{{/is_apps}}
The following table lists the currently available permissions:
{{?is_apps}}Note: Hosted apps can use the "background", "clipboardRead", "clipboardWrite", "geolocation", "notifications", and "unlimitedStorage" permissions, but not any other permissions listed in this table.
{{/is_apps}}| Permission | Description |
|---|---|
| match pattern | Specifies a host permission. Required if the extension or app wants to interact with the code running on pages. Many capabilities, such as cross-origin XMLHttpRequests, programmatically injected content scripts, and the extension's cookies API require host permissions. For details on the syntax, see Match Patterns. |
| "activeTab" | Requests that the extension be granted permissions according to the activeTab specification. |
| "alarms" | Required if the extension or app uses the chrome.alarms module. | {{?is_apps}}
| "audioCapture" | Requests that the app be granted permissions to capture audio directly from the user's Microphone via the getUserMedia API. |
| "background" | Makes Chrome start up early and and shut down late, so that apps and extensions can have a longer life. When any installed hosted app, packaged app, or extension has "background" permission, Chrome runs (invisibly) as soon as the user logs into their computer—before the user launches Chrome. The "background" permission also makes Chrome continue running (even after its last window is closed) until the user explicitly quits Chrome. Note: Disabled apps and extensions are treated as if they aren't installed. You typically use the "background" permission with a background page, event page or (for hosted apps) a background window. |
| "bluetooth" | Required if the app uses the chrome.bluetooth module. |
| "bookmarks" | Required if the extension uses the chrome.bookmarks module. |
| "chrome://favicon/" | Required if the extension uses the
"chrome://favicon/url" mechanism
to display the favicon of a page.
For example, to display the favicon of http://www.google.com/,
you declare the "chrome://favicon/" permission
and use HTML code like this:
<img src="chrome://favicon/http://www.google.com/"> |
| "clipboardRead" | Required if the extension or app uses
document.execCommand('paste'). |
| "clipboardWrite" | Indicates the extension or app uses
document.execCommand('copy') or
document.execCommand('cut'). This permission is required
for hosted apps; it's recommended for extensions and packaged apps.
|
| "contentSettings" | Required if the extension uses the chrome.contentSettings module. |
| "contextMenus" | Required if the extension or app uses the chrome.contextMenus module. |
| "cookies" | Required if the extension uses the chrome.cookies module. |
| "experimental" | Required if the extension or app uses any chrome.experimental.* APIs. |
| "fileBrowserHandler" | Required if the extension uses the fileBrowserhandler module. |
| "fileSystem", "fileSystem.write", "fileSystem.retainEntries" | Required if the app uses the chrome.fileSystem module. |
| "fullscreen" | Allows the app to use the app.window fullscreen state or the HTML fullscreen API. See Other APIs for behavior differences. |
| "geolocation" | Allows the extension or app to use the proposed HTML5 geolocation API without prompting the user for permission. |
| "history" | Required if the extension uses the chrome.history module. |
| "idle" | Required if the extension or app uses the chrome.idle module. |
| "management" | Required if the extension uses the chrome.management module. |
| "mediaGalleries": ["read"], "mediaGalleries": ["read", "allAutoDetected"] | Required if the app uses the chrome.mediaGalleries module. |
| "notifications" | Allows the extension to use the proposed HTML5
notification API
without calling permission methods
(such as checkPermission()).
For more information see
Desktop Notifications. |
| "notifications" | Required if the app uses the
chrome.notifications module.
Also allows the app to use the proposed HTML5
notification API
without calling permission methods
(such as checkPermission()).
For more information see
Desktop Notifications. |
| "pointerLock" | Required to use
Pointer Lock via calls to
webkitRequestPointerLock or Pepper's
Mouse Lock API.
See Other APIs for behavior differences. |
| "privacy" | Required if the extension uses the chrome.privacy module. |
| "proxy" | Required if the extension uses the chrome.proxy module. |
| "pushMessaging" | Required if the extension or app uses the chrome.pushMessaging module. |
| "serial" | Required if the app uses the chrome.serial module. |
| "socket": ["rule1", "rule2"] | Required if the app uses the chrome.socket module. |
| "storage" | Required if the extension or app uses the chrome.storage module. |
| "syncFileSystem" | Required if the app uses the chrome.syncFileSystem module to save and synchronize data on Google Drive. |
| "tabs" | Required if the extension uses the chrome.tabs or chrome.windows module. |
| "tabCapture" | Required if the extension uses the chrome.tabCapture module. |
| "topSites" | Required if the extension uses the chrome.topSites module. |
| "tts" | Required if the extension or app uses the chrome.tts module. |
| "ttsEngine" | Required if the extension uses the chrome.ttsEngine module. |
| "unlimitedStorage" | Provides an unlimited quota for storing HTML5 client-side data,
such as databases and local storage files.
Without this permission, the extension or app is limited to
5 MB of local storage.
Note:
This permission applies only to Web SQL Database and application cache
(see issue 58985).
Also, it doesn't currently work with wildcard subdomains such as
|
| "usb" | Required if the app uses the chrome.usb module. |
| "videoCapture" | Requests that the app be granted permissions to capture video directly from the user's Web Cam via the getUserMedia API. |
| "webNavigation" | Required if the extension uses the chrome.webNavigation module. |
| "webRequest" | Required if the extension uses the chrome.webRequest module. |
| "webRequestBlocking" | Required if the extension uses the chrome.webRequest module in a blocking fashion. |
| "webview" | Required if the app uses the Webview Tag to embed live content from the web in the packaged app. |