I have added functionality to my Chrome extension such that the icon button changes color when it is clicked. The code is simple:
chrome.browserAction.setIcon({path:"icon_pink_lines.png", tabId:tab.id});
However, this took me a while to figure out because it turns out that it doesn’t work when the content_security_policy is set in manifest.json. I originally had
"content_security_policy": "default-src 'none'; script-src 'self'"
The question is, what, if anything, do I lose by removing this? Or should it just be something else to work with the icon change? To be honest, I just copied the original policy from some sample manifest file and haven’t thought about it since.
There is a default value for content_security_policy if you don’t set it up yourself:
script-src 'self'; object-src 'self'
Yours is tighter though. It does not allow loading any external resources (while the default policy disallows only external scripts). It seems that your icon_pink_lines.png is treated as an external resource and blocked by CSP. This looks like a bug to me, you can report it here (I’ve searched for similar bugs, but haven’t found any).
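The following is an added example, not code from the question or the answer. It models CSP's fallback rule (a fetch directive that is absent falls back to default-src) to compare the policy from the question with the default policy quoted above. It assumes the icon is fetched as an image, so that img-src is the governing directive; the third policy and all function names are hypothetical.

```javascript
// Added example. Simplified model: only 'self' and 'none' (or an empty list)
// are understood; host and scheme sources are not evaluated.

// Parse a policy string into a Map of directive name -> source list.
function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // A repeated directive is ignored: the first occurrence wins.
    if (!directives.has(name)) directives.set(name, tokens.slice(1));
  }
  return directives;
}

// Find the directive that actually governs a resource type.
function effectiveSources(policy, directive) {
  const d = parsePolicy(policy);
  if (d.has(directive)) return { from: directive, sources: d.get(directive) };
  if (d.has("default-src")) {
    return { from: "default-src", sources: d.get("default-src") };
  }
  return { from: null, sources: null }; // policy does not restrict this type
}

// Can the extension load a file from its own package for this resource type?
function allowsSelf(policy, directive) {
  const { sources } = effectiveSources(policy, directive);
  if (sources === null) return true;
  return sources.includes("'self'");
}

const QUESTION_POLICY = "default-src 'none'; script-src 'self'";
const DEFAULT_POLICY = "script-src 'self'; object-src 'self'";
// Hypothetical alternative: keep the strict default, allow packaged images.
// Assumption: the icon load is checked against img-src.
const CANDIDATE_POLICY = "default-src 'none'; script-src 'self'; img-src 'self'";

for (const p of [QUESTION_POLICY, DEFAULT_POLICY, CANDIDATE_POLICY]) {
  const img = effectiveSources(p, "img-src");
  console.log(p);
  console.log("  img-src governed by:", img.from, "-> own images allowed:",
              allowsSelf(p, "img-src"));
  console.log("  own connect-src allowed:", allowsSelf(p, "connect-src"));
}
```

The output shows what dropping the custom policy gives up: under the default policy, images and connections are not restricted at all, while the candidate policy keeps every other resource type at 'none'.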