aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--dev/data/manifest-variants.json10
-rw-r--r--docs/permissions.md15
-rw-r--r--ext/js/background/request-builder.js2
-rw-r--r--ext/permissions.html16
4 files changed, 17 insertions, 26 deletions
diff --git a/dev/data/manifest-variants.json b/dev/data/manifest-variants.json
index c9e7cd03..858dba65 100644
--- a/dev/data/manifest-variants.json
+++ b/dev/data/manifest-variants.json
@@ -81,7 +81,6 @@
"clipboardWrite",
"unlimitedStorage",
"declarativeNetRequest",
- "webRequest",
"scripting",
"offscreen"
],
@@ -255,6 +254,15 @@
"permissions"
],
"items": [
+ "webRequest"
+ ]
+ },
+ {
+ "action": "add",
+ "path": [
+ "permissions"
+ ],
+ "items": [
"webRequestBlocking"
]
},
diff --git a/docs/permissions.md b/docs/permissions.md
index 57f9f0b2..3fdf72d8 100644
--- a/docs/permissions.md
+++ b/docs/permissions.md
@@ -9,13 +9,8 @@
`unlimitedStorage` is used to help prevent web browsers from unexpectedly
deleting dictionary data.
-* `webRequest` <br>
- Yomichan uses this permission to collect audio or create Anki notes using
- [AnkiConnect](https://ankiweb.net/shared/info/2055492159).
- It is also required to surface error information from failed requests.
-
-* `webRequestBlocking` _(Firefox only)_ <br>
- Yomichan uses this permission to ensure certain requests have valid and secure headers.
+* `webRequest` and `webRequestBlocking` _(Firefox only)_ <br>
+ Yomichan uses these permissions to ensure certain requests have valid and secure headers.
This sometimes involves removing or changing the `Origin` request header,
as this can be used to fingerprint browser configuration.
@@ -24,11 +19,11 @@
This sometimes involves removing or changing the `Origin` request header,
as this can be used to fingerprint browser configuration.
-* `scripting` _(Manifest V3 only)_ <br>
- Yomichan will sometimes need to inject stylesheets into webpages in order to
+* `scripting` <br>
+ Yomichan needs to inject content scripts and stylesheets into webpages in order to
properly display the search popup.
-* `offscreen` __(Chrome only)_ <br>
+* `offscreen` _(Chrome only)_ <br>
Yomitan uses this permission to create a secondary backend document that has DOM access, given that Manifest v3
service workers do not. Service workers can then reach out to out to this document in order to complete
actions that require access to DOM APIs, such as any that require clipboard access.
diff --git a/ext/js/background/request-builder.js b/ext/js/background/request-builder.js
index 663e242b..bf770964 100644
--- a/ext/js/background/request-builder.js
+++ b/ext/js/background/request-builder.js
@@ -313,7 +313,7 @@ class RequestBuilder {
await this._updateDynamicRules({addRules});
try {
- return await this._fetchInternal(url, init, null);
+ return await fetch(url, init);
} finally {
await this._tryUpdateDynamicRules({removeRuleIds: [id]});
}
diff --git a/ext/permissions.html b/ext/permissions.html
index 9ede7d27..4aaef3c1 100644
--- a/ext/permissions.html
+++ b/ext/permissions.html
@@ -47,24 +47,12 @@
</div>
</div>
</div></div>
- <div class="settings-item"><div class="settings-item-inner">
- <div class="settings-item-left">
- <div class="settings-item-label"><code>webRequest</code></div>
- <div class="settings-item-description">
- <p>
- Yomitan uses this permission to collect audio or create Anki notes using
- <a href="https://ankiweb.net/shared/info/2055492159" target="_blank" rel="noopener noreferrer">AnkiConnect</a>.
- It is also required to surface error information from failed requests.
- </p>
- </div>
- </div>
- </div></div>
<div class="settings-item" data-show-for-browser="firefox firefox-mobile"><div class="settings-item-inner">
<div class="settings-item-left">
- <div class="settings-item-label"><code>webRequestBlocking</code></div>
+ <div class="settings-item-label"><code>webRequest</code> and <code>webRequestBlocking</code></div>
<div class="settings-item-description">
<p>
- Yomitan uses this permission to ensure certain requests have valid and secure headers.
+ Yomitan uses these permissions to ensure certain requests have valid and secure headers.
This sometimes involves removing or changing the <code>Origin</code> request header,
as this can be used to fingerprint browser configuration.
</p>