Error Monitoring and Metric Gathering
What do people use for error monitoring and metric gathering?
I have experience using Sentry, but not sure if that's an "accepted standard" in chrome extensions and no idea how to integrate it (any examples)
13 Replies
I've never gathered metrics in my pieces of software, but I do know that different companies use different tools
For example, the last company I worked for used:
https://logz.io
https://fullstory.com
https://applitools.com
But, I've also heard of
https://rookout.com
Logz.io
Logz.io: Cloud Observability & Security Powered by Open Source
Observability and security for teams that love open source.
Build a More Perfect Digital Experience
FullStory’s intuitive digital experience intelligence provide you with critical insights so you can drive high-impact digital improvements & revenue.
Automated Visual Testing | Applitools
Home
Trusted By The World's Leading FrontEnd Teams Enhance your entire testing strategy with Visual AI We reduce the time it takes to create, execute, and
Rookout
Cloud-Native Debugging Tools | Rookout
Speed up the debugging process and accelerate your team's velocity with Rookout's live, remote debugging platform. Debug anything, anywhere. Effortlessly.
Unknown User•2y ago
Message Not Public
Sign In & Join Server To View
The downside of gathering metrics on a Chrome extension is that it will show in the list of hosts that the extension requires to work on
The average user, who doesn't know these tools, might think they're malware
I'm not even exaggerating: about a year ago I released an update that adds support to https://m.youtube.com (up until then it only supported desktop YouTube), yet some users claimed that I aimed to steal user data, despite having no host permissions to do so
YouTube
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
Ahh that's super interesting! Thanks for all the information, will very much have to take into account all this stuff.
@avi12 just to make sure I understand, if my chrome extension wants to contact an API, I'd have to whitelist that somehow?
@stefan Do you have an example of what a Sentry and/or Posthog integration would look like with Plasmo?
Gave +1 Rep to @avi12
Since you wish to send requests to a server (e.g. for metrics), you need to:
- add the host in
manifest.host_permissions
- maybe explicitly allow it on manifest.content_security_policy
But guess what, since you add it to host_permissions, the browser will show the host upon installation to the user, and so users who care for their privacy will likely decline it, EVEN IF the extension is FOSSYeah that doesn't sound the best. I really want to just know that it's not working so I can fix it. I can always test it every so often (or a lot as I use it everyday), but seems like error monitoring would be nice to have
It's not like a website where you can chug the user with a bunch of API calls and the only ways where it won't work are adblockers, Edge's Strict mode and Brave
There's only one way that I can think of that you can work around it
Suppose your extension's functionality relies on sending/receiving data back-and-forth with your site (think like Grammarly), you can "exploit" it by having an endpoint that can receive error handling
OH and I just remembered another method
Since Content Security Policy isn't actually related to
host_permissions, there's a directive specialized in your use case: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uriCSP: report-uri - HTTP | MDN
The deprecated HTTP Content-Security-Policy (CSP)
report-uri directive instructs the user agent to report
attempts to violate the Content Security Policy. These violation reports consist of JSON
documents sent via an HTTP POST request to the specified URI.
@vernak2539
ohh nice, very interesting. I'll have a look. Thanks so much!
@vernak2539 has reached level 3. GG!