We're looking for a user researcher to understand the needs of developers and designers. Is this you or someone you know? Check out the post: https://mzl.la/2IGzdXS

The manifest.json file is the only file that every extension using WebExtension APIs must contain.

Using manifest.json, you specify basic metadata about your extension such as the name and version, and can also specify aspects of your extension's functionality, such as background scripts, content scripts, and browser actions.

It is a JSON-formatted file, with one exception: it is allowed to contain "//"-style comments.

manifest.json keys are listed below:


"manifest_version", "version", and "name" are the only mandatory keys. "default_locale" must be present if the "_locales" directory is present and must be absent otherwise. "applications" is not supported in Google Chrome, and is mandatory in Firefox before Firefox 48 and Firefox for Android.

You can access your extension's manifest from the extension's JavaScript using the runtime.getManifest() function:



The block below contains shows the basic syntax for some common manifest keys. Note that it is not intended to be used as a copy-paste-ready example: which keys you need will depend on you extension you are developing. For complete example extensions, see Example extensions.

  "applications": {
    "gecko": {
      "id": "addon@example.com",
      "strict_min_version": "42.0"

  "background": {
    "scripts": ["jquery.js", "my-background.js"],
    "page": "my-background.html"

  "browser_action": {
    "default_icon": {
      "19": "button/geo-19.png",
      "38": "button/geo-38.png"
    "default_title": "Whereami?",
    "default_popup": "popup/geo.html"

  "commands": {
    "toggle-feature": {
      "suggested_key": {
        "default": "Ctrl+Shift+Y",
        "linux": "Ctrl+Shift+U"
      "description": "Send a 'toggle-feature' event"

  "content_security_policy": "script-src 'self' https://example.com; object-src 'self'",

  "content_scripts": [
      "exclude_matches": ["*://developer.mozilla.org/*"],
      "matches": ["*://*.mozilla.org/*"],
      "js": ["borderify.js"]

  "default_locale": "en",

  "description": "...",

  "icons": {
    "48": "icon.png",
    "96": "icon@2x.png"

  "manifest_version": 2,

  "name": "...",

  "page_action": {
    "default_icon": {
      "19": "button/geo-19.png",
      "38": "button/geo-38.png"
    "default_title": "Whereami?",
    "default_popup": "popup/geo.html"

  "permissions": ["webNavigation"],

  "version": "0.1",

  "web_accessible_resources": ["images/my-image.png"]

Browser compatibility

For a full overview of all manifest keys and their sub-keys, see the full manifest.json browser compatibility table.

ChromeEdgeFirefoxFirefox for AndroidOpera
applications No1514848 No
author Yes1425252 Yes
background Yes1434848 Yes
browser_action Yes4144855 Yes4
chrome_settings_overrides Yes No55 No No
chrome_url_overrides Yes1554 No No
commands Yes No48 No Yes
content_scripts Yes514486486 Yes5
content_security_policy Yes147488488 Yes
default_locale Yes144848 Yes
description Yes144848 Yes
developer No No5252 Yes
devtools_page Yes No54 No Yes
homepage_url Yes No4848 Yes
icons Yes144848 Yes
incognito Yes No4848 Yes
manifest_version Yes144848 Yes
name Yes144848 Yes
omnibox Yes No52 No Yes
optional_permissions Yes No5555 Yes
options_page Yes14 No No15
options_ui40 No4857279
page_action Yes10 111410 1248 Yes Yes10 11
permissions Yes144848 Yes
protocol_handlers No No5454 No
short_name Yes144848 Yes
sidebar_action No No54 No Yes
theme Yes No55 No No
version Yes13144848 Yes
version_name Yes No No No Yes
web_accessible_resources Yes144848 Yes

1. Supported as browser_specific_settings.

2. This key is mandatory in Microsoft Edge.

3. The 'persistent' property is mandatory.

4. If an extension defines a browser action, it is not allowed to define a page action as well.

5. Content scripts are not applied to tabs already open when the extension is loaded.

6. Content scripts won't be injected into empty iframes at 'document_start' even if you specify that value in 'run_at'.

7. Only the default content security policy is supported: "script-src 'self'; object-src 'self';".

8. Firefox does not support '' or 'http://localhost' as script sources: they must be served over HTTPS.

9. Options pages are always opened in a separate browser tab.

10. SVG icons are not supported.

11. If an extension defines a page action, it is not allowed to define a browser action as well.

12. 'default_icon' must be an object, with explicit sizes.

13. Valid Chrome versions are a subset of valid Firefox versions.

Document Tags and Contributors

Last updated by: ExE-Boss,