Troubleshooting Chrome Web Store violations

This page is provided to help you understand why your extension was rejected or removed from the Chrome Web Store and how you can fix the violation.

Each section in this document describes the issues that correspond to a particular category of violation. In order to make it easier to reference specific violations, the Chrome Web Store assigns each violation a human-readable ID. These IDs are composed of two words: a color and an element. For example, Yellow Magnesium corresponds to the general class of errors where the extension does not behave as expected.

Additional requirements for Manifest V3

Corresponds to notification ID: Blue Argon

The intent of this policy is to ensure that Manifest V3 extensions are not including remotely hosted code.

Common reasons for rejection

  • Including a <script> tag that points to a resource that is not within the extension's package.

  • Using JavaScript's eval()` method or other mechanisms to execute a string fetched from a remote source.

  • Building an interpreter to run complex commands fetched from a remote source, even if those commands are fetched as data.

How can you rectify this?

  • Double check all code for references to external JavaScript files, which should be replaced with internal extension files.

  • Review the Manifest V3 migration guide Improve extension security for a walkthrough on alternatives to execution of arbitrary strings and remotely hosted code.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Functionality not working

Corresponds to notification ID: Yellow Magnesium

The intent of this policy is to ensure a minimum quality level for all items published in the Chrome Web Store. Extensions should provide the functionality described in their listings and, if they cannot, communicate that to the user.

Common reasons for removal/rejection

  • Your item has packaging errors. Examples:
    • There are files mentioned in your manifest that are not present in your package. This is most commonly seen with image files.
    • The path or name of the files mentioned in your package are incorrect
  • A functionality in your item is not working due to a server side issue at the time of reviewing.
  • Your item is just not functioning as it expected based on the item's listing.

How can you rectify this?

  • Test the code that you submit to the web store locally.
    • Test the exact files that you submit to the web store, not just a local development version of your extension. This may mean extracting resources from the package that you submitted.
    • Unpacked and packed extensions can have different behaviors. Make sure that Chrome loads a packed version of your extension as expected by manually packing your extension and dragging the generated .crx file onto the chrome://extensions page.
  • Verify that your submission contains the files you expect at the paths you expect.
    • Ensure that all the files mentioned in your manifest.json are present in the package and their names and paths are correct.
    • Check for case sensitivity bugs. For example, say your background script was named Background.js, but your manifest.json references background.js. Some file systems will treat these as the same file while others will treat them as two distinct files, causing Chrome to error when loading the extension.
  • Make sure that your extensions clearly communicate error conditions to the user.
    • It should be as obvious as possible for new users to understand how your extension works and verify it's behaving correctly.
    • If your extension requires an account or special network environment, make sure that requirement is communicated to the user. If these conditions are not met, consider ways that you can make the user aware that the extension will not work as expected.
    • Test your experience on an unreliable internet connection (e.g. lie-fi). The extension's UI should gracefully handle request timeouts, HTTP 400 and 500 errors, certificate timeouts, and other such error conditions.
  • If you cannot determine why the reviewer thought that your extension was not working as expected, contact developer support to request more information about the rejection.
    • In some cases, reviewers may encounter issues you cannot reproduce. Use the developer support contact form to request clarification about what features or user flows did not behave as expected.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Excessive permissions

Corresponds to notification ID: Purple Potassium

The intent of this policy is to prevent excessive and unnecessary access to user data by extensions.

Common reasons for removal/rejection

  • The extension is requesting a permission but not using it.
  • The extension is requesting a permission that is not required to implement the functionality the extension provides.

Commonly misunderstood permissions

activeTab

This permission grants temporary access to a tab in response to a user invoking your extension. It DOES NOT grant passive access to the user's currently focused tab.

  • When is it required?
    • When you need temporary access to a tab after the user invokes your extension.
  • When is it NOT required?
    • When the extension has access to broad host permissions or host permissions for the specific domains that are relevant to the extension's operations.
    • When using methods on the action, browserAction, pageAction APIs. These APIs can use activeTab to grant temporary host permissions for the currently focused tab, but they do not need activeTab to function.
    • When using tabs.sendMessage to send a message to a specific tab.
    • For basic use of tabs.query, such as querying the user's current tab.

tabs

This permission ONLY grants access to the url, pendingUrl, title, or favIconUrl properties of Tab objects.

  • When is it required?
    • When an extension does not have broad host access, but needs to be able to read sensitive data like the URL of an arbitrary tab.
  • When is it NOT required?
    • When using methods on the tabs API.
    • When the extension has access to broad host permissions. Host permissions grant the extension access to the same data as well as other capabilities.

cookies

This exposes the chrome.cookies API and allows the extension to modify cookies on origins that it has host permissions to access.

storage

The storage permission exposes the chrome.storage API to the extension.

How can you rectify this?

  • Review the list of commonly misunderstood permissions to see if you have committed one of the mistakes listed there.
  • Request only the narrowest permission required to implement your extension's functionality.
  • Remove all unused permissions from your manifests.json's permissions, optional_permissions, and host_permissions arrays.
  • If the message from review does not contain enough information to determine which permissions were considered excessive, contact developer support to request more information about the rejection.
  • If the reviewer indicated that your extension did not use a given permission but you believe it does, contact developer support to appeal the decision and to provide a detailed explanation of why the permission is necessary and how it is used.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Missing or insufficient metadata

Corresponds to notification ID: Yellow Zinc

The intent of this policy is to ensure a basic quality level of all items in the Chrome Web Store. Users should be able to understand what features and functionality an item provides based on its listing before they choose to install it. Items that misrepresent their capabilities or fail to disclose important information may be subject to enforcement action.

Common reasons for removal/rejection

  • The extension is missing an icon, title, screenshot, or description.
  • The extension's title is not meaningful or is misleading.
  • The extension's screenshots or description is not meaningful or doesn't adequately explain the functionality it provides.

How can you rectify this?

  • Ensure the extension has a meaningful icon, title, screenshots, and description.
  • Clearly explain the extension's functionality in the description and screenshots.
    • List all major features the extension provides.
  • Review the rectification guidance in the Functionality not working section.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Deceptive behavior

Corresponds to notification IDs: Red Nickel, Red Potassium, and Red Silicon

The intent of this policy is to prevent extensions from deceiving or misleading the users.

Common reasons for removal/rejection

  • The extension does not provide the functionality described in the metadata1.
  • The extension provides different functionality than what is described in the metadata1.
  • The extension performs actions not mentioned in the metadata1.
  • The extension impersonates another entity2.
  • The extension copies or is copied from another entity2.
  • The extension pretends to be authorized by another entity2.

1 Metadata means the title, icon, description, screenshots, and other developer-provided information specified in the developer dashboard.

2 An entity here means any company, organization, or extension.

How can you rectify this?

  • Ensure the functionality promised by your extension is working as intended.
  • Clearly state the functionality of your extension in the metadata.
  • Do not perform actions not mentioned in the metadata.
  • Do not pretend to be another entity.
  • Do not copy another extension. You may offer the same functionality as another extension but do not copy from other extensions.
  • Do not pretend that your extension was endorsed, authorized or produced by another entity.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

User data policy - disclosure policy

Corresponds to notification ID: Purple Lithium

The User Data Privacy policy is a broad category under which several other policies are gathered. All of these policies have to do with the handling and transmission of sensitive information about the user.

This policy applies to all extensions that collect user data. This particular section is to ensure that users are aware of what data is collected, and how it is collected, used, and shared.

Common reasons for removal/rejection

  • The extension is collecting user data but has not provided a privacy policy.
  • The privacy policy is not provided in the designated field—a common mistake here is providing the privacy policy in the description.
  • The privacy policy URL is not working.
  • The privacy policy is not accessible.
  • The privacy policy URL is not leading to privacy policy.
  • The privacy policy does not talk about user data collection, usage, handling or sharing.

How can you rectify this?

  • Add a valid, working and accessible link to your privacy policy in the designated field.
    • Visit the Privacy tab for your extension to verify that a privacy policy link appears in the "Privacy Policy" box (located at the bottom of the Privacy tab) and that the link works as expected.
  • Ensure the privacy policy talks about data collection, usage, handling, and sharing.
  • If you have done the above but are still encountering review issues, contact developer support to request clarification or appeal the verdict.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Illegal activities

Corresponds to notification ID: Grey Zinc

The intent of this policy is to prevent the use of extensions and the Chrome Web Store to promote or participate in illegal activities.

Common reasons for removal/rejection

The extension is doing anything illegal. See the policy extract for specific examples.

How can you rectify this?

  • If this is the primary functionality of your extension, there is no direct rectification. You should unpublish your extension.
  • If this was an unintended functionality, then remove the content or services that are in violation and resubmit your extension.
  • If you would like more information about why this verdict was applied to your extension, developer support may be able to provide you with further details.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Online gambling

Corresponds to notification ID: Grey Copper

Do not post content or provide services that facilitate online gambling.

Common reasons for removal/rejection

  • Providing online gambling within an extension.
  • Facilitating online gambling on other sites through the extension.
    • For example, providing functionality to calculate the odds of a bet on a gambling site. While this extension does not directly allow the user to gamble, it does facilitate online gambling.
  • Directing users to an online gambling site.
  • Providing games of skill that offer prizes of cash or other value.

How can you rectify this?

  • If this is the primary functionality of your extension, then it is recommended to unpublish your extension.
  • If this was an unintended functionality, then remove the content or services that are in violation and resubmit your extension.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Pornographic content

Corresponds to notification ID: Grey Lithium

The intent of this policy is to prevent the use of extensions and the Chrome Web Store as a platform for pornography.

Common reasons for removal/rejection

  • The extension itself contains sexually explicit material.
  • The extension is displaying or providing sexually explicit material.
  • The extension is directing users to pornographic sites.
  • The extension is primarily meant to enhance sites that provide sexually explicit material.

How can you rectify this?

  • If the primary purpose of your extension is to provide access to sexually explicit material or enhance pornographic sites, you should unpublish your extension; such extensions are not allowed on the Chrome Web Store.
  • If this was an unintended functionality, then remove the content or services that are in violation and resubmit your extension.
  • Make sure that your extension does not contain sexually explicit images, video, text, etc.
  • If your extension provides integrations with adult-oriented sites, make sure that the "Mature content" flag is enabled for your extension in the developer dashboard.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Hate content

Corresponds to notification ID: Grey Magnesium

The intent of this policy is to prevent the use of extensions and the Chrome Web Store as a platform to spread hateful content.

Common reasons for removal/rejection

  • Providing content or directing users to content that is considered hate speech. See the policy text for additional details.

How can you rectify this?

  • If promotion or distribution of hate speech is a primary feature of your extension, then you should unpublish the extension as such content is not permitted in the Chrome Web Store.
  • If your extension provides access to user-generated content, you must ensure that you have content moderation in place to prevent users from sharing hate speech.
  • If your extension contains functionality intended to draw negative attention to an individual's membership in one of the groups outlined in the policy text, you should remove this functionality from your extension.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Not family safe

Corresponds to notification ID: Grey Nickel

The intent of this policy is to prevent non-family-safe content from reaching an inappropriate audience.

Common reasons for removal/rejection

  • The extension has content that is not suitable for audiences of all ages and the extension has not been marked 'Mature'.

How can you rectify this?

  • Either remove the violating content or mark the extension as containing "Mature content" in your developer dashboard and resubmit the extension.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Violent content

Corresponds to notification ID: Grey Potassium

The intent of this policy is to prevent the use of extensions and the Chrome Web Store as a platform to spread the content mentioned in the relevant policy text.

Common reasons for removal/rejection

  • The extension contains content or is directing users to content mentioned in the policy text,

How can you rectify this?

  • If providing access to violent or bullying content is one of the primary features of your extension, unpublish the extension; such extensions are not permitted in the Chrome Web Store.
  • If this was an unintended functionality, then remove the content or services that are in violation and resubmit your extension.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Single purpose

Corresponds to notification IDs: Red Magnesium, Red Copper, Red Lithium, and Red Argon.

This policy is aimed at maintaining the quality of extensions on the Chrome Web Store. As mentioned in the policy text, if there are multiple unrelated functionalities, they should be provided in separate extensions.

Common reasons for removal/rejection

  • The extension provides two or more purposes in the same extension (for example an extension providing image format conversion and bibliography generation).
  • The extension provides one or more unrelated additional functionalities using the extension's action icon.
  • The extension provides a modified search experience on a new tab page which does not respect the user’s choice of search provider.
  • The following are considered distinct purposes. Extensions that provide any of the features listed below may not provide any other functionality.

See the Single Purpose FAQ for additional information.

How can you rectify this?

  • Narrow the functionality of your extension to clearly fit within one well-defined purpose and ensure that purpose is clearly described in your extension's metadata.
  • If your extension is offering some functionality and also injecting ads, then either stop injecting ads or remove all other functionality besides ad injection.
  • Chrome does not support optional new tab pages. If you wish to provide some functionality and an optional new tab page, you should separate the new tab page into a standalone extension.
  • Don't offer another unrelated functionality in the extension's action icon.
  • If your new tab page extension includes a search experience, use the Chrome Search API to ensure it respects the user’s choice of search provider.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

User data policy - prominent disclosure

Corresponds to notification ID: Purple Nickel

The User Data Privacy policy is a broad category under which several other policies are gathered. All of these policies have to do with the handling and transmission of sensitive information about the user.

This section of the policy aims to ensure that users are aware of the data that is being collected and that user consent is obtained before data collection. Be aware that extensions may only collect data in direct support of their single purpose. See the Limited Use of User Data policy for additional information.

Common reasons for removal/rejection

  • The extension is not prominently disclosing how the user data is being used.
  • User consent is not obtained before data collection

How can you rectify this?

  • Prominently disclose to the user what data is being collected and how it will be handled. This information must be provided in the extension's Privacy Policy and may be provided elsewhere.
  • Ensure data is collected only if the user consents to it.
    • Prominent disclosure of data collection in the extension's Chrome Web Store listing is sufficient.
    • Collecting data that is not prominently disclosed in the Chrome Web Store listing is allowed so long as this data collection is consistent with the extension's single purpose, the user is informed of the data collection before it begins, and the user consents to the data collection.
  • Consider providing the user with ways to opt out of data collection from within the extension's options page.
  • Consider providing users with an "offline mode" that only stores user data locally.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

User data policy - secure transmission

Corresponds to notification ID: Purple Copper

The User Data Privacy policy is a broad category under which several other policies are gathered. All of these policies have to do with the handling and transmission of sensitive information about the user.

This particular section is to ensure that user data is being handled securely.

Common reasons for removal/rejection

  • The extension is not transmitting user data securely.
  • The data is being transmitted to an unsecure domain

How can you rectify this?

  • Ensure data is securely transmitted.
    • Don't transmit user data over HTTP. If possible, use secure protocols for all requests.
    • Don't encode data in request headers or query parameters, even over HTTPS. Headers and request URLs often appear in server logs, which can unintentionally leak this information.
    • See Safe HTTP methods for additional information.

Use the Chrome DevTools or other network monitoring tools to watch the network requests the extension makes.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

User data policy - other requirements

Corresponds to notification ID: Purple Magnesium

The User Data Privacy policy is a broad category under which several other policies are gathered. All of these policies have to do with the handling and transmission of sensitive information about the user.

This particular section is to ensure that no sensitive information is being collected unnecessarily and is not disclosed publicly.

Common reasons for removal/rejection

  • The extension is collecting Web Browsing Activity when it is not needed for a user facing feature.
  • Sensitive user information collected using the extension is being disclosed publicly.

How can you rectify this?

  • Don't collect Web Browsing Activity unless it is required for a user-facing feature.
  • Ensure user information is not being disclosed publicly

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Cryptocurrency mining

Corresponds to notification ID: Grey Silicon

The intent of this policy is to prevent the use of extensions and the Chrome Web Store as a platform to mine cryptocurrencies.

Common reasons for removal/rejection

  • The extension is mining cryptocurrencies on user machines.
  • The extension is providing the functionality to mine cryptocurrencies

How can you rectify this?

  • If this is the primary functionality of your extension, then it is recommended to unpublish your extension.
  • If this was an unintended functionality, then remove the content or services that are in violation and resubmit your extension.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Prohibited products

Corresponds to notification IDs: Blue Zinc, Blue Copper, Blue Lithium, and Blue Magnesium

The intent of this policy is to prevent the use of extensions and the Chrome Web Store as a platform to provide access to content protected by paywalls, login restrictions or intellectual property rights.

Common reasons for removal/rejection

  • The extension is providing access to content behind a paywall.
  • The extension is providing access to content behind login restrictions.
  • The extension is facilitating download of YouTube videos.
  • The extension is facilitating download of content that is in violation of the content owner's intellectual property rights.

How can you rectify this?

  • If this is the primary functionality of your extension, then it is recommended to unpublish your extension.
  • If this was an unintended functionality, then remove the content or services that are in violation and resubmit your extension.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Keyword stuffing

Corresponds to notification ID: Yellow Argon

The intent of this policy is to ensure quality of items published to the Chrome Web Store and prevent developers from manipulating their placement in the Store.

Common reasons for removal/rejection

  • The extension is having excessive, irrelevant or inappropriate keywords in the metadata, more commonly, the description.

How can you rectify this?

  • Remove the content (keywords) that are in violation of the policy.

Examples

The following are examples of this type of violation:

  • Including in an extension's metadata a long list of the different sites on which the extension works.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Redirection

Corresponds to notification ID: Yellow Lithium

The intent of this policy is to ensure quality of the products on the Chrome Web Store and prevent products from manipulating their placement in the Store

Common reasons for removal/rejection

  • The only functionality of the extension is to launch another app, theme, webpage, or extension.
  • Examples of violations include
    • Extensions that display a website in a new tab or in a popup when the extension's action is clicked.
    • Extensions that display a promotional page for another product immediately upon installation.

How can you rectify this?

  • As mentioned in the policy, such extensions are not allowed on the Store and it is recommended to unpublish them.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Spam

Corresponds to notification ID: Yellow Nickel

The intent of this policy is to ensure quality of the products on the Chrome Web Store. The Spam policy is to prevent extensions that are harmful for the user's browsing experience and extensions that manipulate their placement on the Chrome Web Store.

Common reasons for removal/rejection

  • You or your affiliates are submitting multiple extensions that provide duplicate experiences or functionality.
  • You are manipulating the extension's reviews, ratings or installs data.
  • The extension is showing notifications to the user in a way that is disruptive or harmful to the user's browsing experience.
  • The extension is sending messages on behalf of the user without the user's consent.

How can you rectify this?

  • Don't submit multiple extensions with duplicate experiences or functionality.
  • Don't try to manipulate the user generated content on your extension's Web Store listing
  • Don't harm the user's browsing experience in any way.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Circumvents the overrides API

Corresponds to notification IDs: Blue Nickel and Blue Potassium

The intent of this policy is to ensure quality of the products on the Chrome Web Store.

Common reasons for removal/rejection

  • The extension is modifying the Chrome New Tab Page but not using the Overrides API.
  • The extension is modifying the Omnibox Search but not using the Overrides API.

How can you rectify this?

  • Do not modify the Chrome New Tab Page or do so using the Overrides API.
  • Do not modify the Omnibox Search or do so using the Overrides API.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Deceptive installation

Corresponds to notification ID: Red Zinc

The intent of this policy is to ensure users are not deceived into installing extensions.

Common reasons for removal/rejection

  • Unclear or inconspicuous disclosures on marketing collateral preceding the Chrome Web Store Product listing.
  • Misleading interactive elements as part of your distribution flow. This includes misleading call-to-action buttons or forms that imply an outcome other than the installation of an extension.
  • Adjusting the Chrome Web Store Product listing window with the effect of withholding or hiding extension metadata from the user.

How can you rectify this?

Publish a new extension that does not employ deceptive methods to market to users or to gather a user base.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Obfuscation

Corresponds to notification ID: Red Titanium

The intent of this policy is to ensure the quality of the extensions and code submitted to the Chrome Web Store.

Common reasons for removal/rejection

Using obfuscated code in the extension package.

How can you rectify this?

Publish a new extension that does not employ deceptive methods to market to users or to gather a user base.

Examples

The following are some examples of violations of this type of policy:

  • Base 64 encoding (e.g. 'SSdtIGluIHVyIGJhc2U=')
  • Character encoding (e.g. '\u{68}a\u0063\u006b\x69ng\u{20}u\u{72}\x20\u0067i\u0062\x73\x6fn')

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Minimum Functionality

Corresponds to notification ID: Yellow Potassium

The intent of this policy is to ensure all extensions in the Chrome Web Store are providing a basic degree of functionality and utility for users. Extensions should provide users with benefits and enrich their browsing experience.

Common reasons for removal/rejection

  • Your submitted extension contained no files other than a manifest.
  • The extension did not provide discernable value or utility to its users.
  • A feature listed in the item's description was not provided directly by the item and instead simply linked to an external service.
  • The extension metadata contained click-baity content designed to attract the attention of users and entice them to install.

How can you rectify this?

  • Ensure that your extension has a defined functionality which provides value.
  • Ensure that any claimed functionality of your item is performed directly by the item itself and not achieved by linking users to an external source.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies:

Affiliate Ads

Corresponds to notification ID: Grey Titanium

The intent of this policy is to ensure users are aware of extensions using affiliate links or codes for monetization, and to give them some amount of control by requiring user action before inclusion.

Common reasons for removal/rejection

  • Your extension uses affiliate marketing links, codes, or cookies without properly disclosing their use in the item's description and user interface.
  • No related user action is required before inclusion of affiliate codes, links, or cookies.

How can you rectify this?

  • Modify your item's description and UI to properly inform users that you are using affiliate programs.
  • Inclusion of affiliate codes must be preceded by a relevant action taken by the user. This action must be related to the affiliated platform such that a reasonable user would understand and consent to the inclusion of said codes.

Relevant policy

This section addresses extensions that are in violation of the following section of the Chrome Web Store developer program policies: