Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to connect dev-tools #912

Open
1 of 2 tasks
rendomnet opened this issue Aug 28, 2024 · 3 comments
Open
1 of 2 tasks

How to connect dev-tools #912

rendomnet opened this issue Aug 28, 2024 · 3 comments

Comments

@rendomnet
Copy link

Build tool

Vite

Where do you see the problem?

  • In the browser
  • In the terminal

Describe the bug

I'm using Vite-CRX with Vue and can't find a way to connect Vue DevTools to my extension.
Is there any solution or documentation available for this?

Reproduction

1

Logs

2

System Info

latest

Severity

annoyance
@MishaYanov
Copy link

Using other extensions within your popup window is not allowed because it would imply that an extension, which is a standalone bundle, shares a direct connection with another extension, posing a severe security risk. This is due to Chrome's strict Content Security Policy (CSP) restrictions, not an issue with this repository.

Here's what you can try:

  1. Download and Build Standalone Vue Devtools:

    • Visit: Vue.js Devtools Releases.
    • Download the source code and extract it.
    • Follow the instructions in installation.md to generate a standalone Electron app for Vue Devtools.
    • Add <script src="http://localhost:8098"></script> to the head of your HTML file.

  2. Update Your Manifest JSON:

    • Include localhost permissions: 
      "host_permissions": [
  "http://localhost/*",
],
"content_security_policy": {
  "extension_pages": "script-src 'self' http://localhost:8098; object-src 'self'"
}

  3. The eval Issue:

    • Although you might attempt to add 'unsafe-eval' to your CSP: 
      "extension_pages": "script-src 'self' 'unsafe-eval' http://localhost:8098; object-src 'self'"
      Chrome's extension security policy (especially in Manifest V3) typically disallows unsafe-eval. Vue Devtools uses eval internally, which will likely lead to issues if you try to run it within a Chrome extension.

Alternatives:

  • Proxy Tools: Consider using a tool like ngrok to proxy your localhost environment to a public, secure URL. This allows you to bypass some of the strict CSP restrictions.
  • Develop in a Regular Browser Tab: For development, it’s often easier and more effective to work within a standard browser tab. Vue Devtools can be fully utilized here without the CSP limitations imposed by Chrome extensions.

Summary:

While there are workarounds, developing and debugging your Vue.js application outside the Chrome extension environment is often the most effective approach. This ensures that you can use tools like Vue Devtools without running into CSP-related issues.

@rendomnet
Copy link
Author

rendomnet commented Aug 28, 2024
edited
Loading

@MishaYanov Manifest v3 prohibits the use of unsafe-eval, rendering the primary method you provided ineffective. It will only confuse another developers that will visit this page.

@Toumash
Copy link

Toumash commented Sep 7, 2024
edited
Loading

My solution was working up until the last update - you could try to update the patch provided.
You can find the solution, explanation, code, patch in the readme
https://github.com/Toumash/crxjs-vite-plugin-react-devtools

It has one flaw - HMR does not work with it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Toumash @rendomnet @MishaYanov