summaryrefslogtreecommitdiff
path: root/ext/permissions.html
diff options
context:
space:
mode:
authorpraschke <stel@comfy.monster>2023-10-25 10:48:11 +0100
committerpraschke <stel@comfy.monster>2023-10-25 10:48:11 +0100
commitc54461a97edd8d06329a3329190b18f68a1cac50 (patch)
treebe52ec0a9449998fe836b7d5e191255ae498cfa9 /ext/permissions.html
parentb64ca7d379e48159f98373558c339a89c01c5f6c (diff)
fix: reinstate webRequest and correct the permissions docs
`webRequest` is used on Chrome/MV3 to surface error information from failed requests. it was added back to the declarative path by toasted-nutbread in FooSoft/yomichan#2161, but the permissions documentation did not reflect `webRequests` continued necessity.
Diffstat (limited to 'ext/permissions.html')
-rw-r--r--ext/permissions.html16
1 files changed, 14 insertions, 2 deletions
diff --git a/ext/permissions.html b/ext/permissions.html
index 4aaef3c1..9ede7d27 100644
--- a/ext/permissions.html
+++ b/ext/permissions.html
@@ -47,12 +47,24 @@
</div>
</div>
</div></div>
+ <div class="settings-item"><div class="settings-item-inner">
+ <div class="settings-item-left">
+ <div class="settings-item-label"><code>webRequest</code></div>
+ <div class="settings-item-description">
+ <p>
+ Yomitan uses this permission to collect audio or create Anki notes using
+ <a href="https://ankiweb.net/shared/info/2055492159" target="_blank" rel="noopener noreferrer">AnkiConnect</a>.
+ It is also required to surface error information from failed requests.
+ </p>
+ </div>
+ </div>
+ </div></div>
<div class="settings-item" data-show-for-browser="firefox firefox-mobile"><div class="settings-item-inner">
<div class="settings-item-left">
- <div class="settings-item-label"><code>webRequest</code> and <code>webRequestBlocking</code></div>
+ <div class="settings-item-label"><code>webRequestBlocking</code></div>
<div class="settings-item-description">
<p>
- Yomitan uses these permissions to ensure certain requests have valid and secure headers.
+ Yomitan uses this permission to ensure certain requests have valid and secure headers.
This sometimes involves removing or changing the <code>Origin</code> request header,
as this can be used to fingerprint browser configuration.
</p>