从网络应用程序访问 Chrome 扩展程序
我想知道是否有人可以列出我应该做什么来实现以下目标的一般逻辑:
我有一个 Chrome 扩展,它可以获取用户书签列表。
当用户访问网页时,通过扩展检索到的信息被访问并显示在网页上。
我已经有一个扩展,我想知道如何从网页访问它?
I wonder if anybody can lay out the general logic of what I should do to achieve the following:
I have an extension for Chrome, that gets a list of user's bookmarks.
When user visits web page, the information that was retrieved by extension is accessed and displayed on web page.
I already have an extension, I wonder how do I access it from a web page?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
要与网页通信,您需要一个将在该页面上加载的内容脚本。然后您就可以使用事件进行通信。内容脚本可以从后台页面接收消息,并在必要时将其转发到网页。
请务必牢记安全注意事项部分 。您使用户的书签可供网页使用,您应该非常确定该网页应该可以访问它们。
To communicate with a web page you need a content script that will load on that page. Then you can then use events to communicate. The content script can receive messages from your background page and forward them to the web page if necessary.
Make sure that you take the security considerations section to heart. You make user's bookmarks available to a web page, you should be very certain that this web page should have access to them.
因此,如果扩展的作者编写了扩展,并将其代码沙箱化(这意味着他/她做了一些事情来使其变量远离全局命名空间),那么您将无法做太多事情做。所以...检查作者是否让他的变量可以在全局命名空间级别访问。要在 Chrome 中执行此操作,请转到该页面,打开开发工具,转到控制台并键入
这将显示全局命名空间,并应显示您正在查找的内容。如果您看到任何看起来不像传统变量、对象或函数的内容,那么您应该对此进行调查。我希望我可以在这里为您提供更清晰的步骤,但您本质上是在尝试从扩展中劫持代码,而这种事情需要大量的测试/调查。
如果全局命名空间中没有任何异常,则意味着代码已被沙箱化,您将陷入困境。您很难从扩展代码中获取任何变量/值/对象。
祝你好运。
So, if the author of the extension wrote the extension, and sandboxed his code (this means that he/she did something to keep his vars out of the global namespace), then there isn't much that you are going to be able to do. So... check to see if the author left his variables accessible at the global namespace level. To do this in Chrome, go to the page, open the Dev Tools, go to the console and type
This will show you the global namespace, and should show you what you are looking for. If you see anything that doesn't look like a traditional variable or object or function, then that is something you should investigate. I wish I could give you clearer steps here, but you are essentially trying to hijack the code from the extension, and that kind of stuff takes a lot of testing/investigating.
If there isn't anything abnormal in the global namespace, then that means that the code is sandboxed, and you are in a tough spot. It will be tough for you to get any of the vars/values/objects from the extension code.
Good luck.