Skip to content

Fix up permissions API with non hardcoded values #1867

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jonathanKingston wants to merge 28 commits into
base: main
Choose a base branch
from
Open

Fix up permissions API with non hardcoded values #1867

jonathanKingston wants to merge 28 commits into from

Conversation

@jonathanKingston
Copy link
Contributor

@jonathanKingston jonathanKingston commented Jul 31, 2025
edited by cursor bot
Loading

Asana Task/Github Issue: https://app.asana.com/1/137249556945/project/1209253361096901/task/1209488147924654?focus=true

Description

Fixes up the API with the current permission status rather than the new Chromium hardcoding they've added.
Adds a setting to allow us to control the rollout here.

Testing Steps

Checklist

Please tick all that apply:

  • I have tested this change locally
  • I have tested this change locally in all supported browsers
  • This change will be visible to users
  • I have added automated tests that cover this change
  • I have ensured the change is gated by config
  • This change was covered by a ship review
  • This change was covered by a tech design
  • Any dependent config has been merged

Note

Adds proxy-based handling when navigator.permissions exists and refactors the shim to use native messaging with safe fallthrough; updates and consolidates tests for both API-present and API-absent scenarios.

  • WebCompat (permissions)
    • Introduces permissionsPresentFix to proxy navigator.permissions.query when the API exists, intercepting only configured native permissions and falling through otherwise.
    • Extracts shared PermissionStatus and handlePermissionQuery for native messaging and consistent results; on errors, falls back to original API/defaults.
    • Enhances permissionsFix (API-absent) to reuse shared handler, validate inputs, and support name overrides while returning prompt by default.
  • Tests
    • Refactors Permissions API tests with shared setup/utilities and a runner for API-absent cases.
    • Adds "Permissions API - when present" suite covering fallthrough to original API, native interception, name overrides, invalid args, and native failure behavior.
    • Keeps existing Notification and ScreenOrientation tests intact; minor setup cleanups.

Written by Cursor Bugbot for commit 3c3213c. This will update automatically on new commits. Configure here.

@netlify
Copy link

netlify bot commented Jul 31, 2025
edited
Loading

Deploy Preview for content-scope-scripts ready!

Name Link
🔨 Latest commit 3c3213c
🔍 Latest deploy log https://app.netlify.com/projects/content-scope-scripts/deploys/694320073579f70008ab61f3
😎 Deploy Preview https://deploy-preview-1867--content-scope-scripts.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@github-actions
Copy link
Contributor

github-actions bot commented Jul 31, 2025
edited
Loading

Temporary Branch Update

The temporary branch has been updated with the latest changes. Below are the details:

Please use the above install command to update to the latest version.

@github-actions
Copy link
Contributor

github-actions bot commented Jul 31, 2025
edited
Loading

[Beta] Generated file diff

Time updated: Wed, 17 Dec 2025 21:27:38 GMT

Android 
    - android/adsjsContentScope.js
  • android/autofillImport.js
  • android/brokerProtection.js
  • android/contentScope.js

File has changed

Apple 
    - apple/contentScope.js
  • apple/contentScopeIsolated.js
  • apple/pages/history/dist/index.js
  • apple/pages/new-tab/dist/index.js
  • apple/pages/onboarding/dist/index.js

File has changed

Chrome-mv3 
    - chrome-mv3/inject.js

File has changed

Firefox 
    - firefox/inject.js

File has changed

Integration 
    - integration/contentScope.js
  • integration/pages/history/dist/index.js
  • integration/pages/new-tab/dist/index.js
  • integration/pages/onboarding/dist/index.js

File has changed

Windows 
    - windows/contentScope.js
  • windows/pages/history/dist/index.js
  • windows/pages/new-tab/dist/index.js
  • windows/pages/onboarding/dist/index.js

File has changed

@jonathanKingston jonathanKingston marked this pull request as ready for review July 31, 2025 11:58
@jonathanKingston jonathanKingston requested a review from a team as a code owner July 31, 2025 11:58
cursor[bot]

This comment was marked as outdated.

Sign in to view

nshuba
nshuba previously approved these changes Jul 31, 2025
View reviewed changes
Copy link
Contributor

@nshuba nshuba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes look good, but it might be worth updating the integration tests? We have some basic ones for permissions APIs already.

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

jonathanKingston and others added 10 commits August 18, 2025 12:17
@jonathanKingston
Add fix for test
e63c9fe
@noisysocks @jonathanKingston
Force search mode when Duck.ai is disabled in Omnibar (#1895)
9d31416
@dependabot @jonathanKingston
build(deps): bump @rive-app/canvas-single from 2.31.1 to 2.31.2 (#1902)
a72ef38 
Bumps [@rive-app/canvas-single](https://github.com/rive-app/rive-wasm) from 2.31.1 to 2.31.2.
- [Changelog](https://github.com/rive-app/rive-wasm/blob/master/CHANGELOG.md)
- [Commits](rive-app/rive-wasm@2.31.1...2.31.2)

---
updated-dependencies:
- dependency-name: "@rive-app/canvas-single"
  dependency-version: 2.31.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @jonathanKingston
build(deps): bump esbuild from 0.25.8 to 0.25.9 (#1903)
1dd2bde 
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.25.8 to 0.25.9.
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](evanw/esbuild@v0.25.8...v0.25.9)

---
updated-dependencies:
- dependency-name: esbuild
  dependency-version: 0.25.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @jonathanKingston
build(deps): bump actions/checkout from 4 to 5 (#1901)
69e798d 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@jonathanKingston
Add in file count check for data.files in canShare (#1899)
7d33f65 
* Add in file count check for data.files in canShare

* Update check and tests

* Lint fix
@jonathanKingston
Update build-and-troubleshooting.md for apple changes (#1891)
60f8e33 
* Update build-and-troubleshooting.md for apple changes

* Lint fix
@jonathanKingston
Auto approve patch changes to the repo (#1904)
5a70d5b 
* Auto approve patch changes to the repo

* Lint fix

* Ignore higher risk deps
@jonathanKingston
Add @duckduckgo/extension-owners to CODEOWNERS (#1896)
0e3f662
@jonathanKingston
Ensure message correctness in extension (#1907)
4fee508 
* Ensure we check isFeatureEnabled correctly

* Only trigger updates on listenForUpdateChanges enabled features (CTL)

* Add bail out option for invalid messages
@jonathanKingston
Add additionalCheck for android rollout (#1908)
f749184 
* Add additionalCheck for android rollout

* Add test case

* Simplify test case

* Lint fix

* Continue in the loop instead of return
@jonathanKingston
Open up canShare some more (#1906)
a8010ef 
* Add in file count check for data.files in canShare

* Update check and tests

* Lint fix

* Make canShare more permissive
@jonathanKingston
Disable constructor check for now and gate for native calls only
42f887f
cursor[bot]
cursor bot reviewed Dec 2, 2025
View reviewed changes
cursor[bot]
cursor bot reviewed Dec 17, 2025
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@nshuba nshuba nshuba left review comments

@shakyShane shakyShane Awaiting requested review from shakyShane

@mgurgel mgurgel Awaiting requested review from mgurgel

@kzar kzar Awaiting requested review from kzar

@ladamski ladamski Awaiting requested review from ladamski

@franfaccin franfaccin Awaiting requested review from franfaccin

At least 1 approving review is required to merge this pull request.

Assignees

@dharb dharb

@nshuba nshuba

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jonathanKingston @nshuba @dharb @noisysocks