regression: external extensions are forcefully disabled on Linux since 0.68.131

[maximbaz]

Description

On Linux it is possible to install extensions using a preferences json file as per docs.

This is used for distributing extensions as distro packages.

This is not working anymore in Brave 0.68.131, I do see the extension in brave://extensions but it gets disabled on browser startup with the following popup:

This works correctly in previous versions (e.g. Brave 0.67.125) and in latest Chromium (76.0.3809.100).

Steps to Reproduce

On Linux:

1. Put for example the following file in /usr/lib/browserpass-chromium/browserpass-chromium-3.1.1.crx
2. Create file /usr/share/chromium/extensions/pjmbgaakjkbhpopmakjoedenlfdmcdgm.json with the following contents:

{
    "external_crx": "/usr/lib/browserpass-chromium/browserpass-chromium-3.1.1.crx",
    "external_version": "3.1.1"
}

3. Launch Brave

Actual result:

Extension is present on brave://extensions but is disabled on startup

Expected result:

Extension is not disabled

Reproduces how often:

Easily reproduced

Brave version (brave://version info)

Brave | 0.68.131 Chromium: 76.0.3809.100 (Official Build) unknown (64-bit)
Revision | ed9d447d30203dc5069e540f05079e493fc1c132-refs/branch-heads/3809@{#990}
OS | Arch Linux

Compiled myself using the following instructions.

Version/Channel Information:

• Can you reproduce this issue with the current release? Yes
• Can you reproduce this issue with the beta channel? Haven't tried
• Can you reproduce this issue with the dev channel? Haven't tried
• Can you reproduce this issue with the nightly channel? Haven't tried

Other Additional Information:

• Does the issue resolve itself when disabling Brave Shields? N/A
• Does the issue resolve itself when disabling Brave Rewards? N/A
• Is the issue reproducible on the latest version of Chrome? Not in latest Chromium

Miscellaneous Information:

I've seen #2457 and #5063 but I don't think it's duplicate, because this clearly worked in the previous release version of Brave 0.67.125

[rebron]

cc: @fmarier cc: @tomlowenthal

[ghost]

Also getting this problem. Effects several extensions I've been working on, due to this I'm effectively locked out from developing them. This issue effects all non-store extensions, even ones I've signed and published myself

[bsclifton]

@maximbaz @kakolisgay If you go into brave://extensions and enable Developer mode (in the top right), does this resolve the issue?

[maximbaz]

No, I already have that enabled

[rushilsrivastava]

@kakolisgay that behavior is the issue referenced in #2457

[ghost]

@bsclifton No

[ghost]

Seems whatever setting is causing this behaviour is not profile-specific. I'll be looking through chromiums database files and I'll post back if I find whatever's causing this

[ghost]

Even entirely nuking ~/.config/BraveSoftware doesn't seem to help. Only way I see to fix this is to patch install_verifier.cc or extension_service.cc

[jamincollins]

I'm also seeing this behavior with the recent Brave version:
Version 0.68.132 Chromium: 76.0.3809.132 (Official Build) unknown (64-bit)

[ghost]

@rebron @bsclifton Could someone be assigned to this? Brave is basically useless due to this regression

[insilications]

I hope this gets fixed.

[fmarier]

Is this a Brave-specific issue or are Chrome and Chromium also affected?

[ghost]

@fmarier The issue stems from ExtensionService::CheckManagementPolicy() and InstallVerifier::MustRemainDisabled which eventually get angered at something the chromium kernel has found wrong with a system. The same issue has been reported to happen on old versions of chrome so I assume brave has broken or changed something that was preventing this from happening in a normal installation

[rushilsrivastava]

That's correct @kakolisgay, but from what I gather Brave has explicitly enabled this behavior.

[ghost]

@rushilsrivastava Source? If this is something that brave has deliberately done I'm fine completely dropping it in favour of other alternative browsers

[fmarier]

If this is something that brave has deliberately done I'm fine completely dropping it in favour of other alternative browsers

If someone is able to identify a deviation from Chrome which is causing this to break in Brave but not in Chrome, I would not assume that it is intentional. It is more likely to be accidental.

[rushilsrivastava]

@kakolisgay A bit late, but please see my comment here:

#2457 (comment)

From the Brave Website:

"If you see a message saying "Extensions Disabled," it's because Brave has turned off one or more of your extensions to keep your data safe while you're browsing the Internet.

The extensions that Brave turned off either didn't come from the Chrome or Brave Web Store or were determined unsafe

Extensions that have not been published on the Chrome or Brave Web Store are grayed out and you won't be able to turn them back on."

This behavior seems intentional to me, maybe @fmarier can provide more information.

[reedlaw]

This is a terrible design decision and deal breaker for using Brave. It damages trust in the marketing on brave.com:

It begins with giving you back power.
Take back control with Brave.

Where is the power and control?

[rushilsrivastava]

There seems to be an ongoing discussion about this #5063. @fmarier, this seems like a very intentional behavior. Could you please expand?

[rebron]

Can anyone here confirm if this is working properly in Chrome? We didn't disable this on purpose so we want to see if we made a change inadvertantly.

[mbacchi]

I believe this works as expected, at least on Fedora 31. I run Fedora 31 and the Fedora User Agent extension is installed in this manner using the preferences.json file from the fedora-chromium-config package.

As you can see here the extension ID is hojggiaghnldpcknpbciehjcaoafceil, and that ID is used in the name of the json file here.

This RPM is installed on my system here:

rpm -qi fedora-chromium-config-1.1-3.fc31.noarch
Name        : fedora-chromium-config
Version     : 1.1
Release     : 3.fc31
Architecture: noarch
Install Date: Sun 02 Feb 2020 12:13:57 PM MST
Group       : Unspecified
Size        : 18313
License     : GPLv2+
Signature   : RSA/SHA256, Mon 29 Jul 2019 07:05:06 PM MDT, Key ID 50cb390b3c3359c4
Source RPM  : fedora-chromium-config-1.1-3.fc31.src.rpm
Build Date  : Wed 24 Jul 2019 06:24:38 PM MDT
Build Host  : buildvm-ppc64le-16.ppc.fedoraproject.org
Packager    : Fedora Project
Vendor      : Fedora Project
URL         : https://src.fedoraproject.org/rpms/fedora-chromium-config
Bug URL     : https://bugz.fedoraproject.org/fedora-chromium-config
Summary     : Fedora customizations for Chromium/Chrome
Description :
This package is used to install customizations for Chromium/Chrome that are
recommended by Fedora.

And I see that it is enabled in the brave://extensions page here:

I'm not very familiar with Arch Linux but I do know that they are not distributing an official Brave build since as of now we don't build an Arch package.

cc @rebron @bsclifton @fmarier

[reedlaw]

@rebron it works in Chromium for me on Arch Linux.

@mbacchi I have browserpass-chromium installed via Arch User Package and it works fine in Chromium but not in Brave.

[georgeat8]

No new updates on this issue? Currently can't use external extensions (outside of Web Store) since it is labeled as a potential danger (and forcefully disabled); this is on Arch Linux (Manjaro to be more specific).

[bsclifton]

This should officially be fixed now with brave/brave-core#8392 😄

I duplicated this issue (didn't find on initial search) by creating #15024. I'll link to here from that issue and I captured proper test steps in the pull request

The fix for this issue will be in the next Nightly build (1.25.x) and it will propagate through the channels (Beta in 3 weeks, then Release 3 weeks after that). It should hit Release channel on 25 May (2021)

Thanks for your patience folks! We had an unintentional deviation from Chrome/Chromium and I put tests in place to make sure this doesn't regress