diff options
| author | rafaelw@chromium.org <rafaelw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-02 01:46:54 +0000 |
|---|---|---|
| committer | rafaelw@chromium.org <rafaelw@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-02 01:46:54 +0000 |
| commit | 15f5e7a55a40ce17cf5117cb079c72e5978276f2 (patch) | |
| tree | 58311866fc8e7ff5864d670af90fdb158f3875fd | |
| parent | 301babee0cbae6e4657496437e3b3919e9b78be7 (diff) | |
| download | chromium_src-15f5e7a55a40ce17cf5117cb079c72e5978276f2.zip chromium_src-15f5e7a55a40ce17cf5117cb079c72e5978276f2.tar.gz chromium_src-15f5e7a55a40ce17cf5117cb079c72e5978276f2.tar.bz2 | |
Extension Doc Changes (no building or testable changes).
Added xhr.html.
TBR=kathyw,aa
Review URL: http://codereview.chromium.org/172097
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25142 0039d316-1c4b-4281-b951-d872f2087c98
| -rwxr-xr-x | chrome/common/extensions/docs/static/xhr.html | 75 | ||||
| -rwxr-xr-x | chrome/common/extensions/docs/xhr.html | 426 |
2 files changed, 501 insertions, 0 deletions
diff --git a/chrome/common/extensions/docs/static/xhr.html b/chrome/common/extensions/docs/static/xhr.html new file mode 100755 index 0000000..8c55058 --- /dev/null +++ b/chrome/common/extensions/docs/static/xhr.html @@ -0,0 +1,75 @@ +<div id="pageData-title" class="pageData">Cross-Origin XMLHttpRequest</div> + +<!-- BEGIN AUTHORED CONTENT --> +<p id="classSummary"> +In regular web pages, the +<a href="http://www.w3.org/TR/XMLHttpRequest/">XMLHttpRequest</a> +object can be used to send and receive data from remote servers, but is +constrained by the +<a href="http://en.wikipedia.org/wiki/Same_origin_policy">same origin policy</a>. +Extensions are allowed to access remote servers outside of their origin, +but they must first declare their intent to do so.</p> + +<h2 id="extension-origin">Extension Origin</h2> +<p>Each running extension exists within it's own seperate security origin. Without +requesting additional priviliges, the extension can use +the XMLHttpRequest to access resources within it's installation. For example, if +the extension contains a JSON configuration file called <var>config.json</var>, +in a <var>config_resources</var> folder, it could retrieve it's contents like +this:</p> + +<pre> +var xhr = new XMLHttpRequest(); +xhr.onreadystatechange = handleStateChange; // Implemented elsewhere. +xhr.open("GET", chrome.extension.getURL('/config_resources/config.json'), true); +xhr.send(); +</pre> + +<p>If the extension attempted to access a security origin other than itself, +say</p> + +<pre> +xhr.open("GET", "http://www.google.com", true); +</pre> + +<p>The browser would disallow it.</p> + +<h2 id="requesting-permission">Requesting Cross-Origin Permissions</h2> + +<p>By adding hosts and/or host match patterns to the +<a href="manifest.html#permissions">permissions<a> section of the +<a href="manifest.html">manifest</a> file, the extension can request access to +remote servers outside of it's origin.</p> + +<pre>"permissions": [ + "http://www.google.com/", +], +</pre> + +<p>Cross-origin permission values can be either fully qualified host names, +like</p> + +<pre>"http://www.google.com/" or +"http://www.gmail.com/"</pre> + +<p>or match patterns, like</p> + +<pre>"http://*.google.com/" or +"http://*/"</pre> + +<p>which would allow http access to all reachable domains. Note that here, +match patterns are similar to <a href="match_patterns.html">content script +match patterns</a>, but any path information following the host is ignored.</p> + +<p>Also, note that access is granted both by host and scheme. If an extension +wants secure and non-secure http access to a given host or set +of hosts, it must declare the permissions seperately:</p> + +<pre>"permissions": [ + "http://www.google.com/", + "https://www.google.com/", +], +</pre> + + +<!-- END AUTHORED CONTENT --> diff --git a/chrome/common/extensions/docs/xhr.html b/chrome/common/extensions/docs/xhr.html new file mode 100755 index 0000000..110397c --- /dev/null +++ b/chrome/common/extensions/docs/xhr.html @@ -0,0 +1,426 @@ +<!DOCTYPE html><!-- This page is a placeholder for generated extensions api doc. Note: + 1) The <head> information in this page is significant, should be uniform + across api docs and should be edited only with knowledge of the + templating mechanism. + 2) The <body> tag *must* retain id="body" + 3) All <body>.innerHTML is genereated as an rendering step. If viewed in a + browser, it will be re-generated from the template, json schema and + authored overview content. + 4) The <body>.innerHTML is also generated by an offline step so that this + page may easily be indexed by search engines. + + TODO(rafaelw): Abstract this into a "pageshell" that becomes the single + version of page template shell and the "instance" pages (bookmarks.html, + etc...) can be generated with a build step. +--><!-- <html> must retain id="template --><html xmlns="http://www.w3.org/1999/xhtml" jstcache="0"><!-- <head> data is significant and loads the needed libraries and styles --><head jstcache="0"> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" jstcache="0"> + <title jscontent="getPageTitle()" jstcache="1">Cross-Origin XMLHttpRequest</title> + <link href="css/ApiRefStyles.css" rel="stylesheet" type="text/css" jstcache="0"> + <script type="text/javascript" src="../../../third_party/jstemplate/jstemplate_compiled.js" jstcache="0"> + </script> + <script type="text/javascript" src="js/api_page_generator.js" jstcache="0"></script> + <script type="text/javascript" src="js/bootstrap.js" jstcache="0"></script> + </head><!-- <body> content is completely generated. Do not edit, as it will be + and rewritten. --><body jstcache="0"> <div id="container" jstcache="0"> + <a name="top" jstcache="0"> </a> + <!-- API HEADER --> + <div id="pageHeader" jstcache="0"> + <div id="searchbox" jstcache="0"> + <form action="http://www.google.com/cse" id="cse-search-box" jstcache="0"> + <div jstcache="0"> + <input type="hidden" name="cx" value="002967670403910741006:61_cvzfqtno" jstcache="0"> + <input type="hidden" name="ie" value="UTF-8" jstcache="0"> + <input type="text" name="q" size="31" jstcache="0"> + <input type="submit" name="sa" value="Search" jstcache="0"> + </div> + </form> + + <script type="text/javascript" src="http://www.google.com/jsapi" jstcache="0"></script> + <script type="text/javascript" jstcache="0">google.load("elements", "1", {packages: "transliteration"});</script> + <script type="text/javascript" src="http://www.google.com/coop/cse/t13n?form=cse-search-box&t13n_langs=en" jstcache="0"></script> + <script type="text/javascript" src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en" jstcache="0"></script> + </div> + <div id="pageTitle" jstcache="0"> + <h1 jscontent="getPageTitle()" jstcache="1">Cross-Origin XMLHttpRequest</h1> + </div> + </div> <!-- /pageHeader --> + + <div id="pageContent" jstcache="0"> + <!-- SIDENAV --> + <div id="leftNav" jstcache="0"> + <ul jstcache="0"> + <li jstcache="0"> <a href="index.html" jstcache="0">Home</a></li> + <li jstcache="0"> <a href="getstarted.html" jstcache="0">Getting Started</a></li> + <li jstcache="0"> <a href="overview.html" jstcache="0">Overview</a></li> + <li jstcache="0"> <a href="devguide.html" jstcache="0"><div jstcache="0">Developer's Guide</div></a> + <ul jstcache="0"> + <li jstcache="0"><a href="toolstrip.html" jstcache="0">Toolstrips</a></li> + <li jstcache="0"><a href="pageActions.html" jstcache="0">Page Actions</a></li> + <li jstcache="0"><a href="background_pages.html" jstcache="0">Background Pages</a></li> + <li jstcache="0"><a href="content_scripts.html" jstcache="0">Content Scripts</a></li> + <li jstcache="0"><a href="events.html" jstcache="0">Events</a></li> + <li jstcache="0"><a href="tabs.html" jstcache="0">Tabs</a></li> + <li jstcache="0"><a href="windows.html" jstcache="0">Windows</a></li> + <li jstcache="0"><a href="bookmarks.html" jstcache="0">Bookmarks</a></li> + <li jstcache="0"><a href="themes.html" jstcache="0">Themes</a></li> + <li jstcache="0"><a href="npapi.html" jstcache="0">NPAPI Plugins</a></li> + <li jstcache="0"><a href="packaging.html" jstcache="0">Packaging</a></li> + <li jstcache="0">Autoupdate</li> + </ul> + </li> + <li jstcache="0"><a href="tutorials.html" jstcache="0"><div jstcache="0">Tutorials</div></a> + <ul jstcache="0"> + <li jstcache="0"><a href="tut_debugging.html" jstcache="0">Debugging</a></li> + </ul> + </li> + <li jstcache="0">Reference + <ul jstcache="0"> + <li jstcache="0"> Formats + <ul jstcache="0"> + <li jstcache="0"><a href="manifest.html" jstcache="0">Manifest Files</a></li> + <li jstcache="0"><a href="match_patterns.html" jstcache="0">Match Patterns</a></li> + <li jstcache="0">Packages (.crx)</li> + </ul> + </li> + <li jstcache="0"> <a href="api_index.html" jstcache="0">chrome.* APIs</a> </li> + <li jstcache="0"> <a href="api_other.html" jstcache="0">Other APIs</a> </li> + </ul> + </li> + <li jstcache="0"><a href="http://dev.chromium.org/developers/design-documents/extensions/samples" jstcache="0">Samples</a></li> + </ul> + </div> + + <div id="mainColumn" jstcache="0"> + <!-- TABLE OF CONTENTS --> + <div id="toc" jsdisplay="showPageTOC()" jstcache="2" style="display: none; "> + <p jstcache="0">Contents</p> + <ol jstcache="0"> + <li jsselect="getStaticTOC()" jstcache="9"> + <a jscontent="name" jsvalues=".href:'#' + href" jstcache="14">h2Name</a> + <ol jstcache="0"> + <li jsselect="$this.children" jstcache="22"> + <a jscontent="name" jsvalues=".href:'#' + href" jstcache="14">h3Name</a> + </li> + </ol> + </li> + <div jsselect="apiDefinition" jstcache="3"> + <li jstcache="0"> + <a href="#apiReference" jscontent="'API reference: ' + getModuleName()" jstcache="4">API reference</a> + <ol jstcache="0"> + <li jsdisplay="$this.properties" jstcache="5"> + <a href="#properties" jstcache="0">Properties</a> + <ol jstcache="0"> + <li jsselect="getPropertyListFromObject($this)" jstcache="10"> + <a jscontent="name" jsvalues=".href:'#property-' + name" href="#property-anchor" jstcache="42">propertyName</a> + </li> + </ol> + </li> + <li jsdisplay="functions && functions.length > 0" jstcache="6"> + <a href="#methods" jstcache="0">Methods</a> + <ol jstcache="0"> + <li jsselect="functions.sort(sortByName)" jstcache="11"> + <a jscontent="name" jsvalues=".href:'#method-' + name" href="#method-anchor" jstcache="43">methodName</a> + </li> + </ol> + </li> + <li jsdisplay="events && events.length > 0" jstcache="7"> + <a href="#events" jstcache="0">Events</a> + <ol jstcache="0"> + <li jsselect="events.sort(sortByName)" jstcache="12"> + <a jscontent="name" jsvalues=".href:'#event-' + name" href="#event-anchor" jstcache="44">eventName</a> + </li> + </ol> + </li> + <li jsdisplay="types && types.length > 0" jstcache="8"> + <a href="#types" jstcache="0">Types</a> + <ol jstcache="0"> + <li jsselect="types.sort(sortByName)" jstcache="38"> + <a jscontent="id" jsvalues=".href:'#type-' + id" href="#id-anchor" jstcache="45">id</a> + </li> + </ol> + </li> + </ol> + </li> + </div> + </ol> + </div> + <!-- /TABLE OF CONTENTS --> + + <!-- STATIC CONTENT PLACEHOLDER --> + <div id="static" jstcache="0"><div id="pageData-title" class="pageData" jstcache="0">Cross-Origin XMLHttpRequest</div> + +<!-- BEGIN AUTHORED CONTENT --> +<p id="classSummary" jstcache="0"> +In regular web pages, the +<a href="http://www.w3.org/TR/XMLHttpRequest/" jstcache="0">XMLHttpRequest</a> +object can be used to send and receive data from remote servers, but is +constrained by the +<a href="http://en.wikipedia.org/wiki/Same_origin_policy" jstcache="0">same origin policy</a>. +Extensions are allowed to access remote servers outside of their origin, +but they must first declare their intent to do so.</p> + +<h2 id="extension-origin" jstcache="0">Extension Origin</h2> +<p jstcache="0">Each running extension exists within it's own seperate security origin. Without +requesting additional priviliges, the extension can use +the XMLHttpRequest to access resources within it's installation. For example, if +the extension contains a JSON configuration file called <var jstcache="0">config.json</var>, +in a <var jstcache="0">config_resources</var> folder, it could retrieve it's contents like +this:</p> + +<pre jstcache="0">var xhr = new XMLHttpRequest(); +xhr.onreadystatechange = handleStateChange; // Implemented elsewhere. +xhr.open("GET", chrome.extension.getURL('/config_resources/config.json'), true); +xhr.send(); +</pre> + +<p jstcache="0">If the extension attempted to access a security origin other than itself, +say</p> + +<pre jstcache="0">xhr.open("GET", "http://www.google.com", true); +</pre> + +<p jstcache="0">The browser would disallow it.</p> + +<h2 id="requesting-permission" jstcache="0">Requesting Cross-Origin Permissions</h2> + +<p jstcache="0">By adding hosts and/or host match patterns to the +<a href="manifest.html#permissions" jstcache="0">permissions</a><a jstcache="0"> section of the +</a><a href="manifest.html" jstcache="0">manifest</a> file, the extension can request access to +remote servers outside of it's origin.</p> + +<pre jstcache="0">"permissions": [ + "http://www.google.com/", +], +</pre> + +<p jstcache="0">Cross-origin permission values can be either fully qualified host names, +like</p> + +<pre jstcache="0">"http://www.google.com/" or +"http://www.gmail.com/"</pre> + +<p jstcache="0">or match patterns, like</p> + +<pre jstcache="0">"http://*.google.com/" or +"http://*/"</pre> + +<p jstcache="0">which would allow http access to all reachable domains. Note that here, +match patterns are similar to <a href="match_patterns.html" jstcache="0">content script +match patterns</a>, but any path information following the host is ignored.</p> + +<p jstcache="0">Also, note that access is granted both by host and scheme. If an extension +wants secure and non-secure http access to a given host or set +of hosts, it must declare the permissions seperately:</p> + +<pre jstcache="0">"permissions": [ + "http://www.google.com/", + "https://www.google.com/", +], +</pre> + + +<!-- END AUTHORED CONTENT --> +</div> + + <!-- API PAGE --> + <div class="apiPage" jsselect="apiDefinition" jstcache="3" style="display: none; "> + <a name="apiReference" jstcache="0"></a> + <h2 jscontent="'API reference: ' + getModuleName()" jstcache="4">API reference: chrome.apiname </h2> + + <!-- PROPERTIES --> + <div jsdisplay="$this.properties" class="apiGroup" jstcache="5"> + <a name="properties" jstcache="0"></a> + <h3 id="properties" jstcache="0">Properties</h3> + + <div jsselect="getPropertyListFromObject($this)" jstcache="10"> + <a jsvalues=".name:'property-' + name" jstcache="15"></a> + <h4 jscontent="name" jstcache="16">getLastError</h4> + <div class="summary" jstcache="0"> + <!-- Note: intentionally longer 80 columns --> + <span jscontent="getModuleName() + '.'" jstcache="23">chrome.extension</span><span jscontent="$this.name" jstcache="24">lastError</span> + </div> + <div transclude="valueTemplate" jstcache="17"> + </div> + </div> + + </div> <!-- /apiGroup --> + + <!-- METHODS --> + <div jsdisplay="functions && functions.length > 0" class="apiGroup" id="methods" jstcache="6"> + <a name="methods" jstcache="0"></a> + <h3 jstcache="0">Methods</h3> + + <!-- iterates over all functions --> + <div class="apiItem" jsselect="functions.sort(sortByName)" jstcache="11"> + <a jsvalues=".name:'method-' + name" jstcache="18"></a> <!-- method-anchor --> + <h4 jscontent="name" jstcache="16">method name</h4> + + <div class="summary" jstcache="0"><span jsdisplay="returns" jscontent="getTypeName(returns)" jstcache="25">void</span> + <!-- Note: intentionally longer 80 columns --> + <span jscontent="getFullyQualifiedFunctionName($this)" jstcache="26">chrome.module.methodName</span>(<span jsselect="parameters" jsvalues="class:optional ? 'optional' : ''" jstcache="27"><span jsdisplay="$index" jstcache="33">, </span><span jscontent="getTypeName($this)" jstcache="34"></span> + <var jstcache="0"><span jscontent="name" jstcache="16"></span></var></span>)</div> + + <div class="description" jstcache="0"> + <p class="todo" jsdisplay="!description" jstcache="28">Undocumented.</p> + <p jsdisplay="description" jsvalues=".innerHTML:description" jstcache="29"> + A description from the json schema def of the function goes here. + </p> + + <!-- PARAMETERS --> + <h4 jstcache="0">Parameters</h4> + <dl jstcache="0"> + <div jsselect="parameters" jstcache="35"> + + <!-- VALUE: This is a subtemplate that is used elsewhere + via jsTemplate *transclude* --> + <div id="valueTemplate" jstcache="0"> + <dt jstcache="0"> + <var jsdisplay="$this.name" jscontent="$this.name" jstcache="46">paramName</var> + <em jstcache="0"> + + <!-- TYPE --> + <div style="display:inline" jstcache="0"> + ( + <span class="optional" jsdisplay="optional" jstcache="47">optional</span> + <span id="typeTemplate" jstcache="0"> + <span jsdisplay="getTypeRef($this)" jstcache="48"> + <a jsvalues=".href: getTypeRefPage($this) + '#type-' + getTypeRef($this)" jscontent="getTypeRef($this)" jstcache="50"> Type</a> + </span> + <span jsdisplay="!getTypeRef($this)" jstcache="49"> + <span jsdisplay="isArray($this)" jstcache="51"> + array of <span jsselect="items" jstcache="53"><span transclude="typeTemplate" jstcache="54"></span></span> + </span> + <span jsdisplay="!isArray($this)" jscontent="getTypeName($this)" jstcache="52">paramType</span> + </span> + </span> + ) + </div> + + </em> + </dt> + <dd class="todo" jsdisplay="!$this.description" jstcache="39"> + Undocumented. + </dd> + <dd jsdisplay="$this.description" jsvalues=".innerHTML:$this.description" jstcache="40"> + Description of this parameter from the json schema. + </dd> + + <!-- OBJECT PROPERTIES --> + <dd jsdisplay="shouldExpandObject($this)" jstcache="41"> + <dl jstcache="0"> + <div jsselect="getPropertyListFromObject($this)" jstcache="10"> + <div transclude="valueTemplate" jstcache="17"> + </div> + </div> + </dl> + </dd> + </div> <!-- /VALUE --> + + </div> + </dl> + + <!-- RETURNS --> + <h4 jsdisplay="returns" jstcache="30">Returns</h4> + <dl jstcache="0"> + <div jsselect="returns" jstcache="36"> + <div transclude="valueTemplate" jstcache="17"> + </div> + </div> + </dl> + + <!-- CALLBACK --> + <div jsdisplay="hasCallback(parameters)" jstcache="31"> + <div jsselect="getCallbackParameters(parameters)" jstcache="37"> + <h4 jstcache="0">Callback function</h4> + <p jstcache="0"> + If you specify the <em jstcache="0">callback</em> parameter, + it should specify a function that looks like this: + </p> + + <!-- Note: intentionally longer 80 columns --> + <pre jstcache="0">function(<span jscontent="getSignatureString(parameters)" jstcache="32">Type param1, Type param2</span>) <span class="subdued" jstcache="0">{...}</span>);</pre> + <dl jstcache="0"> + <div jsselect="parameters" jstcache="35"> + <div transclude="valueTemplate" jstcache="17"> + </div> + </div> + </dl> + </div> + </div> + + </div> <!-- /description --> + + </div> <!-- /apiItem --> + + </div> <!-- /apiGroup --> + + <!-- EVENTS --> + <div jsdisplay="events && events.length > 0" class="apiGroup" jstcache="7"> + <a name="events" jstcache="0"></a> + <h3 id="events" jstcache="0">Events</h3> + + <!-- iterates over all events --> + <div jsselect="events.sort(sortByName)" class="apiItem" jstcache="12"> + <a jsvalues=".name:'event-' + name" jstcache="19"></a> + <h4 jscontent="name" jstcache="16">event name</h4> + + <div class="summary" jstcache="0"> + <!-- Note: intentionally longer 80 columns --> + <span jscontent="getModuleName() + '.'" class="subdued" jstcache="23">chrome.bookmarks</span><span jscontent="name" jstcache="16">onEvent</span><span class="subdued" jstcache="0">.addListener</span>(function(<span jscontent="getSignatureString(parameters)" jstcache="32">Type param1, Type param2</span>) <span class="subdued" jstcache="0">{...}</span>); + </div> + + <div class="description" jstcache="0"> + <p class="todo" jsdisplay="!description" jstcache="28">Undocumented.</p> + <p jsdisplay="description" jsvalues=".innerHTML:description" jstcache="29"> + A description from the json schema def of the event goes here. + </p> + + <!-- PARAMETERS --> + <h4 jstcache="0">Parameters</h4> + <dl jstcache="0"> + <div jsselect="parameters" jstcache="35"> + <div transclude="valueTemplate" jstcache="17"> + </div> + </div> + </dl> + + </div> <!-- /decription --> + + </div> <!-- /apiItem --> + + </div> <!-- /apiGroup --> + + <!-- TYPES --> + <div jsdisplay="types && types.length > 0" class="apiGroup" jstcache="8"> + <a name="types.sort(sortByName)" jstcache="0"></a> + <h3 id="types" jstcache="0">Types</h3> + + <!-- iterates over all types --> + <div jsselect="types" class="apiItem" jstcache="13"> + <a jsvalues=".name:'type-' + id" jstcache="20"></a> + <h4 jscontent="id" jstcache="21">type name</h4> + + <div transclude="valueTemplate" jstcache="17"> + </div> + + </div> <!-- /apiItem --> + + </div> <!-- /apiGroup --> + + </div> <!-- /apiPage --> + </div> <!-- /mainColumn --> + </div> <!-- /pageContent --> + <div id="pageFooter" --="" jstcache="0"> + <p jstcache="0"> + Except as otherwise <a href="http://code.google.com/policies.html#restrictions" jstcache="0">noted</a>, + the content of this page is licensed under the <a rel="license" href="http://creativecommons.org/licenses/by/3.0/" jstcache="0">Creative Commons + Attribution 3.0 License</a>, and code samples are licensed under the + <a rel="license" href="http://code.google.com/google_bsd_license.html" jstcache="0">BSD License</a>. + </p> + <p jstcache="0"> + ©2009 Google + </p> + </div> <!-- /pageFooter --> + </div> <!-- /container --> +</body></html> +#EOF |