Chrome Extension BackgroundScript Path

1
votes

I'm trying to load background script from cdn path ('https://cdn.xyz.com/scripts/background.js') in manifest.json in my Chrome Extension, but it's throwing me error - Could not load background script 'https://cdn.xyz.com/scripts/background.js'. I have already added https://cdn.xyz.com in content_security_policy in manifest.json file.

Manifest.json 

{
    "name": "MyExtension",
    "manifest_version": 2,
    "background": {
        "scripts": [
            "https://cdn.xyz.com/scripts/background.js"
        ],
        "persistent": false
    },
    "permissions": [
       "http://*/*",
       "https://*/*",
    ],
    "content_security_policy": "script-src 'self' 'unsafe-eval' https://cdn.xyz.com; object-src 'self'"    
}
2
google-chromegoogle-chrome-extensionmanifest.json

2 Answers

2
votes

You can't directly add a remote script in a manifest.

Adjusting the CSP allows you to dynamically load the script - by creating a <script> node with appropriate src in your (local) background code.

// Local background script
let script = document.createElement('script');
script.src = "https://cdn.xyz.com/scripts/background.js"; 
document.head.appendChild(script); // Executes in background document

Please do note that such code loading (most of the logic is hosted elsewhere and updates independently, executed in privileged context) is very frowned upon by Google and outright banned by Mozilla for listed WebExtensions.

0
votes

That CDN uses HTTP/1.1 301 Moved Permanently to redirect to cdn.xyz, try:

"content_security_policy": "script-src 'self' 'unsafe-eval' https://cdn.xyz https://cdn.xyz.com; object-src 'self'"`

If it works, you could also add wildcard domains and keep the old cdn.xyz.com domain for backwards compatibility.