#5848 Use Manifest V2 for Thunderbird Port (#5850)

* Use Manifest V2 for Thunderbird Port * remove content_scripts for Gmail * added test for Thunderbird manifest file * revert changes * refactor * test permissions exclusive only for Thunderbird
FlowCrypt · Oct 15, 2024 · a6c8f59 · a6c8f59
1 parent 70ee9f3
commit a6c8f59
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 6 deletions.
diff --git a/test/source/patterns.ts b/test/source/patterns.ts
@@ -81,11 +81,12 @@ for (const srcFilePath of getAllFilesInDir('./extension', /\.ts$/)) {
 const expectedPermissions: chrome.runtime.ManifestPermissions[] = ['alarms', 'scripting', 'storage', 'tabs', 'unlimitedStorage'];
 const expectedConsumerHostPermissions = ['https://*.google.com/*', 'https://www.googleapis.com/*', 'https://flowcrypt.com/*'];
 const expectedEnterpriseHostPermissions = ['https://*.google.com/*', 'https://*.googleapis.com/*', 'https://flowcrypt.com/*'];
-for (const buildType of ['chrome-consumer', 'chrome-enterprise']) {
+for (const buildType of ['chrome-consumer', 'chrome-enterprise', 'thunderbird-consumer', 'firefox-consumer']) {
   const manifest = JSON.parse(readFileSync(`./build/${buildType}/manifest.json`).toString()) as chrome.runtime.Manifest;
+  const isManifestV3Build = buildType.includes('chrome') || buildType.includes('firefox');
   const expectedHostPermissions = buildType.includes('consumer') ? expectedConsumerHostPermissions : expectedEnterpriseHostPermissions;
   for (const expectedHostPermission of expectedHostPermissions) {
-    if (!manifest.host_permissions.includes(expectedHostPermission)) {
+    if (isManifestV3Build && !manifest.host_permissions.includes(expectedHostPermission)) {
       console.error(`Missing host permission '${expectedHostPermission}' in ${buildType}/manifest.json`);
       errsFound++;
     }
@@ -98,9 +99,31 @@ for (const buildType of ['chrome-consumer', 'chrome-enterprise']) {
       }
     }
   }
-  const gmailCs = manifest.content_scripts?.find(cs => cs.matches?.includes('https://mail.google.com/*'));
-  if (!gmailCs?.css?.length || !gmailCs.js?.length) {
-    console.error(`Missing content_scripts declaration for Gmail in ${buildType}/manifest.json`);
+  if (buildType === 'thunderbird-consumer') {
+    if (manifest.manifest_version !== 2) {
+      console.error(`${buildType} - The manifest version is not 2`);
+      errsFound++;
+    }
+    if (!Array.isArray(manifest.web_accessible_resources)) {
+      console.error(`${buildType} - The web_accessible_resources should be an array`);
+      errsFound++;
+    }
+    if (typeof manifest.content_security_policy !== 'string') {
+      console.error(`${buildType} - The content_security_policy should be a string`);
+      errsFound++;
+    }
+    const thunderbirdExpectedPermissions = ['compose', 'messagesRead', 'messagesUpdate', 'messagesModify', 'accountsRead'];
+    const buildHostPermissions = isManifestV3Build ? manifest.host_permissions : manifest.permissions;
+    for (const expectedHostPermission of thunderbirdExpectedPermissions) {
+      if (!buildHostPermissions?.includes(expectedHostPermission)) {
+        console.error(`${buildType} - Missing permission ${expectedHostPermission} in ${buildType}/manifest.json`);
+        errsFound++;
+      }
+    }
+  }
+  const extensionContentScript = manifest.content_scripts?.find(cs => cs.matches?.includes('https://mail.google.com/*'));
+  if (!extensionContentScript?.css?.length || !extensionContentScript.js?.length) {
+    console.error(`Missing content_scripts declaration for the extension in ${buildType}/manifest.json`);
     errsFound++;
   }
 }

diff --git a/tooling/build-types-and-manifests.ts b/tooling/build-types-and-manifests.ts
@@ -47,10 +47,19 @@ addManifest('firefox-consumer', manifest => {
 addManifest(
   'thunderbird-consumer',
   manifest => {
-    (manifest.action as messenger._manifest._WebExtensionManifestAction).default_title = 'FlowCrypt';
+    // we can continue using Manifest V2 for Thunderbird MailExtension - https://github.com/FlowCrypt/flowcrypt-browser/issues/5848
+    manifest.manifest_version = 2;
     manifest.name = 'FlowCrypt Encryption for Thunderbird';
     manifest.description = 'Simple end-to-end encryption to secure email and attachments on Thunderbird';
     manifest.permissions = [...(manifest.permissions ?? []), 'compose', 'messagesRead', 'messagesUpdate', 'messagesModify', 'accountsRead'];
+    const manifestV3 = manifest as chrome.runtime.ManifestV3;
+    manifest.web_accessible_resources = manifestV3.web_accessible_resources?.[0].resources;
+    manifest.content_security_policy = manifestV3.content_security_policy?.extension_pages;
+    manifest.permissions = [...(manifestV3.permissions ?? []), ...(manifestV3.host_permissions ?? [])];
+    delete manifest.host_permissions;
+    manifest.browser_action = manifestV3.action;
+    (manifest.browser_action as messenger._manifest._WebExtensionManifestAction).default_title = 'FlowCrypt';
+    delete manifest.action;
     manifest.compose_action = {
       default_title: 'Secure Compose', // eslint-disable-line @typescript-eslint/naming-convention
       default_icon: '/img/logo/flowcrypt-logo-64-64.png', // eslint-disable-line @typescript-eslint/naming-convention
@@ -59,6 +68,7 @@ addManifest(
       default_title: 'Secure Compose', // eslint-disable-line @typescript-eslint/naming-convention
       default_icon: '/img/logo/flowcrypt-logo-64-64.png', // eslint-disable-line @typescript-eslint/naming-convention
     };
+    delete manifest.minimum_chrome_version;
     (manifest.browser_specific_settings as messenger._manifest.FirefoxSpecificProperties).strict_min_version = '102.0';
     manifest.background = {
       type: 'module',