Fivefold/linkding-injector

domain restriction

Closed this issue · 2 comments

Why wasn't it possible to restrict the visible domains to the two search engines this was intended for?

Also, with external communication, why is that necessary?

> Why wasn't it possible to restrict the visible domains to the two search engines this was intended for?

I suppose you mean the general permissions for accessing data of all webpages requested here.

This is an unfortunate consequence of the permissions system for extensions. This extension uses the Fetch API to request search results from the configured linkding instance. Extensions are only allowed to make requests to webpages they have permissions for according to the manifest.json. These permissions can't be set or changed dynamically but must be set when creating the extension. Since the URL of the linkding instance can be any URL, the extension needs to request permissions for any website.

The content script (which is the only part of the extension that can directly access website content) is only injected into the relevant search engine pages and thus can't and doesn't access any other websites or their contents. This can be verified here.

For technical details of the extension permissions system read here.

If you dislike this, you can create your own fork and change the match patterns here to only include the needed search engine pages as well as your linkding instance. Then the extension would be explicitly blocked from accessing anything else.

> Also, with external communication, why is that necessary?

Can you elaborate on what you mean by external communication? This extension sends search terms you input in the given search engines to the configured linkding instance search and receives any matches in the linkding bookmarks. Without external communication there wouldn't be any results.

If you host the linkding instance locally, the Fetch API request should go directly to your local instance and never leave your local network.
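
An added example, not part of the issue thread or the project's code: a small audit that separates the two scopes the reply above distinguishes, the hosts an extension may send requests to and the pages its content script is injected into. Both manifests and all hostnames are constructed placeholders; the project's real manifest is not reproduced here.

```javascript
// Host match patterns are "<all_urls>" or contain a scheme separator;
// API permissions such as "storage" do not.
const isHostPattern = (p) => p === "<all_urls>" || p.includes("://");

// A pattern is broad when it covers every host, e.g. "<all_urls>" or "*://*/*".
function isBroad(pattern) {
  if (pattern === "<all_urls>") return true;
  const m = /^[^:]+:\/\/([^/]*)\//.exec(pattern);
  return m !== null && m[1] === "*";
}

function auditManifest(manifest) {
  // Manifest V2 mixes host patterns into "permissions";
  // Manifest V3 lists them under "host_permissions".
  const requestHosts = [
    ...(manifest.permissions || []).filter(isHostPattern),
    ...(manifest.host_permissions || []),
  ];
  // Pages whose content the extension can read via its content scripts.
  const injectedInto = (manifest.content_scripts || [])
    .flatMap((cs) => cs.matches || []);
  return {
    requestHosts,
    injectedInto,
    broadRequests: requestHosts.filter(isBroad),
    broadInjection: injectedInto.filter(isBroad),
  };
}

// Constructed manifest: broad request scope, narrow content script scope.
const broadManifest = {
  manifest_version: 2,
  permissions: ["storage", "<all_urls>"],
  content_scripts: [{
    matches: ["https://search-one.example/*", "https://search-two.example/*"],
    js: ["content.js"],
  }],
};

// Constructed fork: request scope narrowed to a single linkding instance.
const narrowedManifest = {
  ...broadManifest,
  permissions: ["storage", "https://linkding.example.org/*"],
};

for (const [name, m] of Object.entries({ broadManifest, narrowedManifest })) {
  const r = auditManifest(m);
  console.log(name, "requests:", r.requestHosts, "broad:", r.broadRequests);
  console.log(name, "injected into:", r.injectedInto, "broad:", r.broadInjection);
}
```
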

Thank you for a supremely helpful reply. Marking as closed because you left enough here to explore options, thank you!