-
Notifications
You must be signed in to change notification settings - Fork 6
Description
Describe the bug
The Chrome Web Store version (2.3.0) has incorrect host permissions in manifest.json, causing CSS injection to fail on HTTP websites. The deployed version contains "host_permissions": ["https:///"] instead of the correct "host_permissions": ["<all_urls>"] that exists in the repository code.
To Reproduce
Steps to reproduce the behavior:
- Install Text Spacing Editor from Chrome Web Store (version 2.3.0)
- Navigate to any HTTP website (e.g., http://example.com or http://localhost:3000)
- Click on the extension icon and toggle it ON or adjust any slider
- Open Service Worker console (go to chrome://extensions/, enable Developer mode, click "service worker" under Text Spacing Editor)
- See error: "Cannot access contents of the page. Extension manifest must request permission to access the respective host."
When building from the repository source locally and follow the same steps above, the extension works correctly on all URLs.
Expected behavior
The extension should successfully inject CSS and apply text spacing changes on all websites including HTTP sites and localhost, just as it does on HTTPS sites.
Desktop (please complete the following information):
- OS: Windows 11
- Browser: Google Chrome
- Version: 143.0.7499.193
Additional context
Investigation shows the repository's package.json correctly specifies "host_permissions": ["<all_urls>"] (lines 46-48), which was fixed in PR #25 (commit 066fb38). However, the Chrome Web Store version labeled 2.3.0 appears to have been built before this fix was applied.
To verify: Install Chrome Web Store version → chrome://extensions/ → Developer mode → Open service worker console → Run chrome.runtime.getManifest().host_permissions → Returns ["https:///"] instead of ["<all_urls>"]
Suggested fix
Republish to Chrome Web Store with a fresh build from current main branch (version 2.3.1 or 2.4.0).