A guide to converting Manifest V2 extensions to Manifest V3 extensions. Created by Exmo – a monetization platform for browser extensions.
In November 2020, Chrome unveiled Manifest V3, marking a significant transition from the long-standing Manifest V2 utilized by extensions. This transition carries substantial implications, particularly considering the array of new features introduced in V3. This tutorial will outline the necessary steps to migrate seamlessly from Manifest V2 to V3.
Note: Manifest V3 is typically supported in Chrome 88 or later versions. For extension features introduced in subsequent Chrome releases, please refer to the API reference documentation for compatibility details. If your extension relies on a particular API, you can define a minimum Chrome version requirement in the manifest file.The format required for the manifest.json file varies slightly between Manifest V3 and Manifest V2. While this page focuses solely on changes specific to the manifest.json file, it’s important to note that several changes to scripts and pages will also necessitate adjustments to the manifest. These modifications are addressed alongside the migration tasks that require them.
Change the value of the “manifest_version” field from 2 to 3.
Manifest V2
{
...
"manifest_version": 2
...
}Manifest V3
{
...
"manifest_version": 3
...
}In Manifest V3, host permissions are now specified as a separate field and are not included within the “permissions” or “optional_permissions” sections.
Content scripts continue to be defined under “content_scripts.matches“. For further details, refer to the “Inject with static declarations” section.
Manifest V2
{
...
"permissions": [
"tabs",
"bookmarks",
"https://exmo.tech/",
],
"optional_permissions": [
"unlimitedStorage",
"*://*/*",
]
...
}Manifest V3
{
...
"permissions": [
"tabs",
"bookmarks"
],
"optional_permissions": [
"unlimitedStorage"
],
"host_permissions": [
"https://exmo.tech/",
],
"optional_host_permissions": [
"*://*/*",
]
...
}The approach to handling web accessible resources has been updated in Manifest V3 to enhance security and limit exposure. Previously, in Manifest V2, the “web_accessible_resources” field allowed extensions to be detected by websites and potentially exploited by attackers if resources were exposed. This raised concerns related to fingerprinting or unintended resource access.
In Manifest V3, access to resources within extensions is restricted, and you now define permissions more selectively. Instead of simply listing files, you provide an array of objects, each mapping a set of resources to specific URLs or extension IDs.
For a clearer understanding, let’s compare the handling of web accessible resources between Manifest V2 and Manifest V3:
In Manifest V2:
In the Manifest V3 code snippet below:
For further details, refer to the documentation on Web accessible resources and Match patterns.
Manifest V2
{
...
"web_accessible_resources": [
"images/*",
"style/extension.css",
"script/extension.js"
],
...
}Manifest V3
{
...
"web_accessible_resources": [
{
"resources": [
"images/*"
],
"matches": [
"*://*/*"
]
},
{
"resources": [
"style/extension.css",
"script/extension.js"
],
"matches": [
"https://example.com/*"
]
}
],
...
}Manifest V3 (MV3) is the latest version of the Chrome extension platform, introduced by Google in November 2020. It brings significant changes to how extensions are developed and function, with a focus on improved security, privacy, and performance. Upgrading to MV3 ensures that your extension complies with the latest standards and takes advantage of new features.
To upgrade your extension to Manifest V3, simply change the “manifest_version” field in your manifest.json file from 2 to 3.
In MV3, host permissions are specified separately from general permissions. You need to move the URLs from the “permissions” and “optional_permissions” sections to the new “host_permissions” and “optional_host_permissions” sections.
To migrate to a service worker, you need to define it in your manifest.json and update your background script logic to use the service worker.
Manifest V3 improves security by enforcing stricter content security policies, disallowing the execution of arbitrary code, and requiring that all code be included within the extension package. You should review your extension’s use of external scripts and ensure they are bundled with your extension or use sandboxed iframes where necessary.
Detailed instructions and examples can be found in the Chrome Extension documentation and API reference. The Chrome Extension Samples repository also provides practical examples and code snippets to help you migrate and update your extension.
You’ve spent tons of time on your extension: optimized the code, squashed bugs, polished the…
In the browser extension development community, particularly among Firefox users, there is a bias against…
Affiliate marketing is a powerful tool for monetizing browser extensions. It requires no direct costs…
Your browser extension already delivers value to users, but have you considered making it a…
Creating a successful extension is a significant achievement, but one of the toughest challenges begins…
Developers looking for innovative ways to generate revenue can turn to Affiliate Marketing to Monetize…
This website uses cookies to enhance your browsing experience. By continuing to use our site, you consent to our use of cookies.
Terms and Conditions