Anatomy of an extension





參考 manifest.json 參考頁取得全部的明細。

除了那些參考自manifest之外,附加元件可以包含額外支援的檔案作為 Extension pages

Background scripts 後台腳本


後台腳本會在擴充套件讀取時立即執行且會持續執行直到擴充套件被禁用或是解除安裝。你可以在腳本裡使用任何WebExtension APIs, 只要你已經申請了必要的權限。

Specifying background scripts 載入後台腳本


// manifest.json

"background": {
  "scripts": ["background-script.js"]


然而,你也可以先載入一個後台頁面,然後在後台頁面中載入腳本。這樣的做法能為後台腳本提供 ES 6 模組的支援,算是一个優點。


// manifest.json

"background": {
  "page": "background-page.html"


<!DOCTYPE html>
<html lang="zh-tw">
    <meta charset="utf-8">
    <script type="module" src="background-script.js"></script>

Background script environment 後台腳本環境


後台腳本運行在一個特殊的網頁中,我們稱之為後台頁面(background pages) 。這個頁面會給予他們一個全域的變數window,並且提供腳本使用所有的標準DOM API。

WebExtension APIs

只要你請求了必要的權限後,後台腳本可以使用任何的WebExtension APIs

Cross-origin access 跨域請求

當後台腳本擁有host permissions 時,便能像任何主機發送 XHR 請求。

Web content 網頁內容

後台腳本沒辦法直接的存取前端的網頁。然而,你可以載入 content scripts 到前端網頁後,透過message-passing API 來與 content scripts 進行通訊

Content security policy 內容安全策略

依據内容安全策略(Content Security Policy),後台腳本不能執行一些可能有危險的操作,例如使用 eval()。 詳情请参考内容安全策略

Your extension can include various user interface components whose content is defined using an HTML document:

  • a sidebar is a pane that is displayed at the left-hand side of the browser window, next to the web page
  • a popup is a dialog that you can display when the user clicks on a toolbar button or address bar button
  • an options page is a page that's shown when the user accesses your add-on's preferences in the browser's native add-ons manager.

For each of these components, you create an HTML file and point to it using a specific property in manifest.json. The HTML file can include CSS and JavaScript files, just like a normal web page.

All of these are a type of Extension pages, and unlike a normal web page, your JavaScript can use all the same privileged WebExtension APIs as your background script. They can even directly access variables in the background page using runtime.getBackgroundPage().

Extension pages擴充頁面

You can also include HTML documents in your extension which are not attached to some predefined user interface component. Unlike the documents you might provide for sidebars, popups, or options pages, these don't have an entry in manifest.json. However, they do also get access to all the same privileged WebExtension APIs as your background script.

You'd typically load a page like this using windows.create() or tabs.create().

See Extension pages to learn more.

Content scripts

Use content scripts to access and manipulate web pages. Content scripts are loaded into web pages and run in the context of that particular page.

Content scripts are extension-provided scripts which run in the context of a web page; this differs from scripts which are loaded by the page itself, including those which are provided in <script> elements within the page.

Content scripts can see and manipulate the page's DOM, just like normal scripts loaded by the page.

Unlike normal page scripts, they can:

  • Make cross-domain XHR requests.
  • Use a small subset of the WebExtension APIs.
  • Exchange messages with their background scripts and can in this way indirectly access all the WebExtension APIs.

Content scripts cannot directly access normal page scripts but can exchange messages with them using the standard window.postMessage() API.

Usually, when we talk about content scripts, we are referring to JavaScript, but you can inject CSS into web pages using the same mechanism.

See the content scripts article to learn more.

Web accessible resources 網頁無障礙資源

Web accessible resources are resources such as images, HTML, CSS, and JavaScript that you include in the extension and want to make accessible to content scripts and page scripts. Resources which are made web-accessible can be referenced by page scripts and content scripts using a special URI scheme.

For example, if a content script wants to insert some images into web pages, you could include them in the extension and make them web accessible. Then the content script could create and append img tags which reference the images via the src attribute.

To learn more, see the documentation for the web_accessible_resources manifest.json key.