I’ve been working on an extension in which users can build documents by clicking buttons and adding different elements to the DOM. The necessary information is stored in a database in the extension and used to reconstruct the documents at a later time.
Because this is currently initiated through the user first opening a local HTML page (which is only an empty container into which the extension injects the HTML, CSS, JS), the user can incorporate local resources into their custom made documents and the extension can instruct the content script and page script to fetch/load them through a relative path to the local HTML file’s location.
This works now. However, I would like to make this an extension page instead of injecting into a local HTML file and still provide means for the user to incorprate local resources into their documents. I experimented with having a user click in an extension page load a local PDF and it can work, but a local page still needs to be opened in a separtate tab and the CSP in the manifest must be changed to permit the loading of objects.
My question is can this be accomplished without having the user open a local file in a separate tab? For example, could the user select the local folder from whence they wish to load their local resources from within an extension page? There needs to be some type of user-provided/user-initiated “hook” to a relative path of the local disk from which to load the user’s local resources. Is this at all possible in a manner that will meet add-on security policies and be safe for the users?
Thank you.