externally_connectable

The externally_connectable manifest property declares which extensions, apps, and web pages can connect to your app via runtime.connect and runtime.sendMessage.

For a tutorial on message passing see cross-extension and app messaging and sending messages from web pages.

Connecting without externally_connectable

If externally_connectable is not declared in your app's manifest, all extensions and apps can connect, but no webpages can connect. As a consequence, when updating your manifest to use externally_connectable, if "ids": ["*"] is not specified then other extensions and apps will lose the ability to connect to your app. This may be an unintended consequence, so keep it in mind.

Sample manifest.json

{
  "name": "My externally connectable app",
  "externally_connectable": {
    // Extension and app IDs. If this field is not specified, no
    // extensions or apps can connect.
    "ids": [
      "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
      "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
      ...
      // Alternatively, to match all extensions and apps, specify only
      // "*".
      "*"
    ],
    // Match patterns for web pages. Does not affect content scripts.
    // If this field is not specified, no webpages can connect.
    "matches": [
      "https://*.google.com/*",
      "*://*.chromium.org/*",
      ...
    ],
    // Indicates that the extension would like to make use of the TLS
    // channel ID of the web page connecting to it. The web page must
    // also opt to send the TLS channel ID to the extension via setting
    // includeTlsChannelId to true in runtime.connect's connectInfo
    // or runtime.sendMessage's options.
    "accepts_tls_channel_id": false
  },
  ...
}

Reference

The externally_connectable manifest key can have the following properties:

  • ids (array of string) - optional

    The IDs of extensions or apps that are allowed to connect. If left empty or unspecified, no extensions or apps can connect.

    The wildcard "*" will allow all extensions and apps to connect.

  • matches (array of string) - optional

    The URL patterns for web pages that are allowed to connect. This does not affect content scripts. If left empty or unspecified, no web pages can connect.

    Patterns cannot include wildcard domains nor subdomains of (effective) top level domains; *://google.com/* and https://*.chromium.org/* are valid, while <all_urls>, https://*/*, *://*.com/*, and even https://*.appspot.com/* are not.

  • accepts_tls_channel_id (boolean) - optional

    If true, messages sent via runtime.connect or runtime.sendMessage will set runtime.MessageSender.tlsChannelId if those methods request it to be. If false, runtime.MessageSender.tlsChannelId will never be set under any circumstance.