To start a search from an add-on there is a nice API. However, it requires another “search” permission…
I don’t like that…
I mean, okay, for getting all search engines I think it is acceptable, as this can obviously contain private information.
But, IMHO; if you just want to trigger a search with the default provider (i.e. you leave out the engine parameter), it should not prevent me from doing that.
I mean, after all, if I knew the search engine the user used, I could just open a new tab without any extra permissions with the correct URL string… So this discourages me from using the API and implementing such an ugly workaround.
BTW use case: I basically want to use/start a search as a fallback, if the user does not want to use the keyword search (omnibar API), i.e. disables it.
it could be used in malicious ways (I don’t remember the exact scenario)
You only know the name but not the actual search URL exactly because that is behind a permission.
And finally, permissions only really matter if they confuse the user, in which case you have to describe them. Generally there is nothing bad about having to add a permission to use a feature. Permissions are mainly declarations that you intend to use an API within your extension.
So yes, I actually did not think about the fact that you can obviously get out the user’s default search engine if you trigger a search and then read the URL. (which requires the activeTab permission, but as that is only granted on click on a browserAction or so, maybe actually rather the tabs permission, anyway.)
Also, maybe it helps a little to see, why I want to do so. Basically it’s just a little workaround/fallback, which IMHO justifies no extra permission in my use case: