commit de97406083f55bf7a52ebf72103e9f581c730706
parent 22c931247bfccb787c7e4611ae41a4ad9ed5644a
Author: Florian Dold <florian@dold.me>
Date: Tue, 25 Nov 2025 00:58:06 +0100
more considerations
Diffstat:
1 file changed, 24 insertions(+), 4 deletions(-)
diff --git a/design-documents/039-taler-browser-integration.rst b/design-documents/039-taler-browser-integration.rst
@@ -122,9 +122,10 @@ The following features are supported:
* ``uri`` will hijack anchor elements (``<a href="taler://..." onclick=...>``) and replace their onclick handler
with a different handler that lets the webexension wallet handle the ``taler://`` URI.
-* ``callback`` will call the ``window.talercb`` callback with ``{ present: boolean }`` to
+* ``callback`` will call the ``window.talerCallback`` callback with ``present: boolean`` to
indicate the presence of the webext wallet (``present: true``). On deinstallation/deactivation
- of the extension, the callback will be called with ``present: false`` on a best-effort basis.
+ of the extension, the callback will be called with ``present: false`` on a best-effort basis.
+ Websites **MUST NOT** rely the ``present: false`` callback to be fired.
* (future): ``api`` will inject the ``window.taler`` API into the page.
It is recommended to use the ``callback`` feature to wait until
@@ -156,8 +157,27 @@ Caveats and Comments
* Triggering the webextension wallet to handle the ``taler://`` URI.
* Future ``window.taler`` injection should be based on user preferences on
- sites where the user has explicitly accepted to disclose that is owner of a
- Taler wallet.
+ sites where the user has explicitly accepted to disclose that they are a
+ Taler wallet user.
+
+* There is no easy way to reliably and efficiently detect from within a content
+ script that a webextension has been installed. One possibility:
+
+ * The content script uses a ``onDisconnect`` handler for a port
+ to the background page / web worker.
+ * When this handler is invoked, either the extension was uninstalled
+ or the background page / web worker went to sleep.
+ We can figure out if the extension is still installed
+ by periodically checking ``chrome.runtime.id``.
+ * There is good way to invoke the ``window.talerCallback`` callback. One
+ possibility would be to communicate via another ``meta`` tag that the
+ content scripts creates when injected / the injected script observes. This
+ is very complex though. When the content script learns about the
+ uninstalled extension, the meta tag is removed.
+
+ * Note that other ways to communicate with the page are not available
+ anymore, as the extension has already been unloaded.
+
Other Alternatives
==================
