Discovery API

Proposal Date
5/16/2012

Who is the primary contact for this API?
Philippe Beaudoin <beaudoin@chromium.org>

Who will be responsible for this API? (Team please, not an individual)

Browser+

Overview
Allows an extension to inject custom links into the recommended pane of the New Tab Page. A combiner built into Chrome is responsible for determining which links will be displayed within the slots available on the NTP.

Use cases
Many web services can identify links of interest to the user. An extension built for such a service could recommend those links and make them quickly visible when the user reaches the NTP.
Examples:
- Twitter extension to display very active conversations
- Google+ extension to display active threads or hangouts
- Google News extension to display breaking news

Do you know anyone else, internal or external, that is also interested in this API?
We believe this API would quickly be adopted by many different web services but we have not approached them yet.

Could this API be part of the web platform?
There is no clear path for integrating this into the web platform at the moment.

Do you expect this API to be fairly stable?  How might it be extended or changed in the future?
The API is being developed experimentally first. It may change with future changes to the NTP. In particular, in its experimental form the API doesn't allow the caller to specify a thumbnail bitmap for the link. This may come in a future revision, as we expect changes in that area of the NTP.

List every UI surface belonging to or potentially affected by your API:
The NTP recommended pane (currently behind a flag).

How could this API be abused?
- Click-jacking attacks: extensions could inject links to malicious websites and make them look like legitimate ones promoted by Chrome itself.
- An extension could try to game the combiner's ranking algorithm so that its own links are shown more often than those of competing extensions.

Imagine you’re Dr. Evil Extension Writer, list the three worst evil deeds you could commit with your API (if you’ve got good ones, feel free to add more):
1) Recommend a link that looks exactly like a Facebook page, redirect to a clone of the Facebook login page and steal the user’s credentials.
2) Inject a link that looks like a Chrome error, redirect to a page that mimics the Chrome “sign-in” dialog, steal the user’s credentials.
3)
4) Rickrolling!


Alright Doctor, one last challenge:
Could a consumer of your API cause any permanent change to the user's system using your API that would not be reversed when that consumer is removed from the system?
No, an extension using this API cannot change anything permanently. When it is removed it stops recommending links.

How would you implement your desired features if this API didn't exist?
Write an extension that completely takes over the NTP and lets other extensions inject links through inter-extension messaging.

Draft API spec
Doc at: http://www.corp.google.com/~beaudoin/no_crawl/docs/experimental.discovery.html
CL at: http://codereview.chromium.org/10391034/
Open questions
Note any unanswered questions that require further discussion.
Comments