here is the discussion
Having same issue. Is this a bug?
There are no more “required” host permissions for MV3 in Firefox, each permission could be granted or revoked by the user at any point. Here’s a blog post with more information: https://blog.mozilla.org/addons/2022/11/17/unified-extensions-button-and-how-to-handle-permissions-in-manifest-v3/
We’re developing UI that will enable users to more easily grant permissions (or not) during install, but your extension should still expect that some users might choose to not do it. You should check that using the permissions.contains()
api and react as appropriate for your use case (that could be explaining to users why your extension needs permissions and/or asking for them using the permissions.request()
api).
Firefox may pretend there are no more “required” host permissions, but that doesn’t change the reality that for some extensions they are indeed required for the extension to operate.
Unfortunately this appears to be a pretty major devolution in UX. For example, if an extension is for only one site, and only works on that site, it’s pointless to make that host permission optional. It’s preferable that the user agree up front or simply not download the extension, like in V2.
Likewise in V2 a user can easily disable the entire extension if they want to “revoke” its permission to operate on that site. Now it is confusing since this sort of extension will simply not work after installation by default, and an extra step must be taken to activate it. For this type of extension, this extra step is a more complicated, less-clear version of the already existing enable/disable option. Now there are individual permissions that can break the extension without explicitly disabling it.
In my opinion this should have fallen into the category of “if it’s not broken don’t fix it”. This change needlessly removes choice from developers and only pretends to give the choice to users. I think there’s something to be said for optional permissions if they are truly optional, but artificially designating all permissions as “optional” is not the correct way to go about this.
It needs to be explicitly clear to users right away that there are “this extension will not work without this permission so don’t bother downloading it if you don’t grant it” types of permissions, and these should be enabled upon installation by default. And if you disable it manually, it should make you confirm that you actually want to effectively disable the entire extension. Otherwise this change harms both users and developers of extensions by simply injecting confusion and the illusion of choice into a process that already worked exactly as it should.
This is not the point of V3 and is a solid reason to avoid it until absolutely necessary in my opinion.
I think one (terrible) workaround is to show a big banner in your addon UI - similar to those annoying “cookies” banners - and simply tell user that you need <permissions-list>
and a button call “Grant required permissions” that will then call browser.permissions.request
API. That will ask user to grant permissions and then it should be OK again.
At least this is how it works in Safari so I guess it will work here too.
EDIT:
Ok I see now I didn’t really write anything new and zombie above already said that .