One of the interesting parts of Google Docs has to do with its support for pasting data. By default, sites can’t read data from the clipboard. This restriction is in place for obvious reasons, as the clipboard can contain sensitive data (e.g. passwords copied from a password manager).

It is possible, however, to paste content into Google Docs using a custom item in its right-click menu:

[Image: Google Docs right-click menu]

The reason this works is that the Google Docs domain is granted the following permissions:

  • clipboardRead
  • clipboardWrite
  • unlimitedStorage

These permissions are granted by the Google Docs Offline extension (this can be verified by checking the manifest.json file for the extension).

An interesting side effect is that any extension that can access the Google Docs domain can make use of the permissions granted to it. For example, an extension that requests access to <all_urls> would implicitly gain each of the above permissions (especially since the Google Docs Offline extension comes bundled with Chrome).

This is ultimately working as expected: an extension that can access a particular domain has the same set of permissions as the domain itself. This may be unexpected from a user’s point of view, however, since the Google Docs Offline permissions are granted silently.

Similarly, an extension could also use the permissions that have been granted to a particular site through the site-specific settings. For example, if a site has the ability to use the microphone without asking, an extension with access to that site can do so as well.

Therefore, making sure that any extensions you install have as few host permissions as possible makes a lot of sense.
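
One way to check this on your own machine, as an added example that is not from the original post: the script below reads extension manifests and reports which ones declare host access that reaches the Docs origin. The target host `docs.google.com`, the function names and the sample manifests are assumptions made for the example.

```python
import json
import sys
from urllib.parse import urlsplit

TARGET = "https://docs.google.com/"  # assumed Docs origin for this example

def declared_patterns(manifest):
    """Collect host match patterns from the MV2 and MV3 manifest fields."""
    pats = []
    for key in ("permissions", "optional_permissions",
                "host_permissions", "optional_host_permissions"):
        pats += [p for p in manifest.get(key, [])
                 if isinstance(p, str) and (p == "<all_urls>" or "://" in p)]
    for script in manifest.get("content_scripts", []):
        pats += script.get("matches", [])
    return pats

def pattern_covers(pattern, url=TARGET):
    """True if a match pattern reaches url's origin (path part is ignored)."""
    target = urlsplit(url)
    if pattern == "<all_urls>":
        return True
    scheme, sep, rest = pattern.partition("://")
    if not sep or (scheme != target.scheme and scheme != "*"):
        return False
    host = rest.split("/", 1)[0]
    if host == "*":
        return True
    if host.startswith("*."):  # "*.google.com" also matches "google.com"
        return ("." + target.hostname).endswith("." + host[2:])
    return host == target.hostname

def audit(manifests):
    """Map each manifest name to the declared patterns that reach TARGET."""
    report = {}
    for name, manifest in manifests.items():
        hits = [p for p in declared_patterns(manifest) if pattern_covers(p)]
        if hits:
            report[name] = hits
    return report

SAMPLES = {  # constructed manifests, not real extensions
    "broad-helper": {"manifest_version": 3, "host_permissions": ["<all_urls>"]},
    "mv2-wild": {"manifest_version": 2, "permissions": ["tabs", "*://*.google.com/*"]},
    "scoped": {"manifest_version": 3, "host_permissions": ["https://example.com/*"]},
    "cs-only": {"content_scripts": [{"matches": ["https://docs.google.com/*"]}]},
}

if __name__ == "__main__":
    # Pass manifest.json paths as arguments, or run bare to use the samples.
    loaded = {p: json.load(open(p, encoding="utf-8")) for p in sys.argv[1:]}
    for name, hits in audit(loaded or SAMPLES).items():
        print(f"{name}: reaches {TARGET} via {hits}")
```

Optional permissions are included even though they only take effect once requested, so the report errs on the side of listing too much.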