Extension Permission Justification
SmartContentGuard Browser Extension v0.9.0 (Beta)
Document date: December 5, 2025
Recipient: Review Teams — Chrome Web Store, Mozilla Add-ons, Microsoft Edge Add-ons
Developer: SmartContentGuard Team
Version: 1.0
Overview
This document provides detailed technical justification for each permission declared in manifest.json for SmartContentGuard v3.1.0. Each permission is linked to one or more specific extension features and is used only to the extent necessary to perform the avionics security analysis function (NOTAM, METAR, TAF).
Guiding principle: minimum necessary scope. No permission is used for secondary purposes, non-consented telemetry, or broad browsing data collection.
Declared Permissions
```json
{
  "permissions": [
    "activeTab",
    "storage",
    "scripting",
    "tabs",
    "contextMenus",
    "downloads"
  ]
}
```
1. activeTab
Description
Allows the extension to access the content of the browser’s active tab to automatically analyze critical aeronautical information (NOTAM, METAR, TAF).
Automated Operation
SmartContentGuard operates proactively and automatically to reduce the cognitive load on the aircraft operator:
Automatic Domain Detection
User opens an official aeronautical portal page (e.g., AISWEB, REDEMET).
The system automatically verifies whether the domain is in the approved whitelist.
It identifies the expected content type (NOTAM or Weather).
Real-Time Analysis
The extension monitors page loading.
As soon as the DOM is ready, it starts scanning for critical terms.
It automatically highlights operational safety keywords.
Continuous Processing
The system continues monitoring dynamic updates (new NOTAMs, updated METARs).
It applies visual highlighting without manual intervention.
It updates tooltips and warnings as the content changes.
Typical Use Cases
✅ Automatic Analysis (Default Mode)
User opens https://aisweb.decea.mil.br/?i=aerodromos&codigo=SBBR
The system detects: whitelisted domain + NOTAM profile.
It automatically highlights critical terms: CLSD, INOP, EMERGENCY.
No manual action is required.
✅ On-Demand Analysis (Optional)
User hovers over the lateral floating widget and opens the popup.
User selects text and uses the context menu “🔍 Forced Search”.
The analysis is then forced on the current page, using the search profile that is active in the settings.
Justification for Automatic Mode
🎯 Workload Reduction
Aeronautical operators handle dozens of NOTAMs and METARs per shift.
Manually analyzing each document is operationally impractical.
Automation enables instant identification of critical risks.
⚡ Operational Safety
Critical information (runway closed, equipment inoperative) cannot be missed.
Automatic highlighting ensures the operator immediately sees risk terms.
Supports ICAO Annex 15 principles for effective dissemination of aeronautical information.
🔒 Controlled Scope
Automation is restricted to whitelisted domains (official aeronautical portals).
Analysis does not run on banking sites, social networks, or generic pages.
SecurityWhitelist silently disables itself in non-approved contexts.
Technical Details
```text
// Automatic activation flow
1. Content script loads on page (manifest content_scripts)
2. security-whitelist.js checks hostname
3. If hostname ∈ APPROVED_DOMAINS:
   a. Identifies profile (NOTAM vs METAR vs TAF)
   b. Loads dictionary of critical terms
   c. Starts automatic DOM parsing
   d. Applies visual highlighting
4. If hostname ∉ APPROVED_DOMAINS:
   a. Disables silently
   b. No processing performed
```
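Steps 3a to 3d above are the part of the flow that actually touches page content, so it is worth seeing what "identifies profile", "loads dictionary" and "applies highlighting" amount to. The following is an added example written for this document, not SmartContentGuard's own content-detector or dictionary code: the functions, the term lists (seeded from the terms the page names plus a few standard METAR weather codes) and the sample NOTAM/METAR text are all constructed assumptions. It is written as pure functions so it runs outside a browser; in the extension, step 3d would wrap matches in DOM elements rather than in `[[...]]` markers.

```javascript
// Added example, not SmartContentGuard's own code. Dictionaries and sample
// inputs are assumptions constructed for illustration.
const CRITICAL_TERMS = {
  NOTAM: ['CLSD', 'INOP', 'EMERGENCY'],
  METAR: ['TS', 'FZRA', 'FZFG'],   // thunderstorm, freezing rain, freezing fog
};

// Step 3a: decide which profiles apply from the page text itself
// (the hostname-based decision is made earlier by the whitelist check).
function detectProfiles(text) {
  const profiles = [];
  if (/\bNOTAM[NRC]?\b/.test(text)) profiles.push('NOTAM');
  if (/\b(METAR|SPECI|TAF)\b/.test(text)) profiles.push('METAR');
  return profiles;
}

function escapeRegExp(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Steps 3b-3c: whole-word search, so "TS" does not fire inside "ATS" and
// "INOP" does not fire inside "INOPERATIVE".
function scanCriticalTerms(text, profile) {
  const hits = [];
  for (const term of CRITICAL_TERMS[profile] || []) {
    const re = new RegExp(`\\b${escapeRegExp(term)}\\b`, 'g');
    let m;
    while ((m = re.exec(text)) !== null) {
      hits.push({ term, index: m.index });
    }
  }
  return hits.sort((a, b) => a.index - b.index);
}

// Step 3d: plain-text stand-in for DOM highlighting. Hits must be
// non-overlapping, which whole-word matching of distinct terms guarantees.
function highlightText(text, hits) {
  let out = '';
  let last = 0;
  for (const h of hits) {
    out += text.slice(last, h.index) + '[[' + h.term + ']]';
    last = h.index + h.term.length;
  }
  return out + text.slice(last);
}

function analyseText(text) {
  const profiles = detectProfiles(text);
  const hits = profiles
    .flatMap(p => scanCriticalTerms(text, p))
    .sort((a, b) => a.index - b.index);
  return { profiles, hits, highlighted: highlightText(text, hits) };
}

// Constructed sample inputs (not real NOTAM or METAR traffic).
const SAMPLE_NOTAM = [
  'A1234/25 NOTAMN',
  'A) SBBR B) 2512050800 C) 2512051800',
  'E) RWY 11L/29R CLSD DUE WIP. ILS RWY 11L INOP.',
].join('\n');
const SAMPLE_METAR = 'METAR SBBR 051200Z 09008KT 9999 TS FEW020CB 25/18 Q1016=';

console.log(analyseText(SAMPLE_NOTAM).highlighted);
console.log(analyseText(SAMPLE_METAR).highlighted);
```

Running it on the constructed NOTAM yields the two hits CLSD and INOP in document order; on the constructed METAR it yields TS only. The word-boundary matching is the detail that matters for the "Continuous Processing" step as well: when new content arrives, rescanning the same dictionary produces no spurious hits inside unrelated tokens.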
Data Accessed
✅ Page textual content (only on whitelisted domains)
✅ DOM structure to apply visual highlighting
❌ Forms, password fields, or login data
❌ Cookies or authentication tokens
❌ Browsing history or background tabs
Why It Is Necessary
Risk identification: Detecting critical terms without manual analysis.
Operational efficiency: Processing multiple documents simultaneously.
Regulatory compliance: Meeting ICAO requirements for effective information processing.
Security Impact
✅ Low risk with multiple layers of mitigation:
Mitigation 1: Restrictive whitelist
Mitigation 2: Mandatory HTTPS validation
Mitigation 3: Secure context verification (window.isSecureContext)
Mitigation 4: Manifest V3 isolated content scripts (no access to the page’s global window)
Mitigation 5: No transmission of analyzed data to external servers
2. storage
Description
Allows the extension to read and write local data using the chrome.storage.local and chrome.storage.sync APIs (where applicable).
Data Stored
Stored data includes:
UI preferences: selected language (pt-BR, en-US, es-ES, fr-FR)
Analysis profiles: which aeronautical authorities are enabled
Visual options: highlight preferences (colors, styles), light/dark mode
Validation cache: previously verified domains to optimize future checks
Session state: extension state across reloads
Data NOT Stored
❌ Browsing history
❌ Open tab data
❌ Content of analyzed NOTAMs/METARs/TAFs
❌ User identifiers or IP addresses
❌ Cookies or authentication tokens
❌ Any personally identifiable information (PII)
Data Location
All data is stored locally on the user’s device. No data is transmitted to SmartContentGuard servers during storage. Data remains within the browser’s local profile.
Technical Details
```javascript
// Local storage example
chrome.storage.local.set({
  'language': 'pt-BR',
  'activeProfiles': ['NOTAM', 'METAR'],
  'highlightColor': '#FFD700'
});
// Data does not leave the device
// No calls to external servers
```
Why It Is Necessary
Persistence: Keep user preferences across sessions.
Offline: The extension works without an internet connection (local checks continue).
Efficiency: Decision caching reduces reprocessing.
Security Impact
✅ Low risk. The data is non-sensitive (UI preferences) and remains on the device. Users can clear the data by accessing chrome://settings → Privacy → Clear browsing data.
3. tabs
Description
Allows the extension to access information about open tabs, including URLs, titles, and statuses.
Information Accessed
```json
{
  "url": "https://aisweb.decea.mil.br/AIS/",
  "title": "AISWEB - Aeronautical Information Portal",
  "status": "complete",
  "active": true,
  "windowId": 1,
  "id": 123456
}
```
Specific Usage
1. Domain check
```javascript
// SecurityWhitelist checks the URL to decide whether to activate
const urlObj = new URL(tab.url);
const hostname = urlObj.hostname;
const isApproved = APPROVED_DOMAINS.includes(hostname);
```
2. Security checks
```javascript
// HTTPS_VALIDATION
const isHTTPS = tab.url.startsWith('https://');
// EXACT_DOMAIN_MATCH
const expectedDomain = 'aisweb.decea.mil.br';
const actualDomain = new URL(tab.url).hostname;
const matches = expectedDomain === actualDomain;
// SUBDOMAIN_AUTHORIZATION
const allowedSubdomains = ['aisweb', 'api'];
// Compare the first label only; split() alone returns an array, which
// includes() would never match against a string entry
const subdomain = actualDomain.split('.')[0];
const isSubdomainAllowed = allowedSubdomains.includes(subdomain);
```
3. Homograph detection
```javascript
// HOMOGRAPH_ATTACK_DETECTION (dots escaped so they match literally)
const suspiciousPatterns = [
  /aisweb-decea\.mil\.br/,                  // with hyphen (fake)
  /aisweb\.decea\.mil\.br\.phishing\.site/, // injected domain
  /aisweԪ\.decea\.mil\.br/                  // similar Unicode character
];
const isSuspicious = suspiciousPatterns.some(pattern =>
  pattern.test(tab.url)
);
```
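The three snippets above are shown in isolation; the following is an added example, not SmartContentGuard's own SecurityWhitelist code, that combines them into one decision function a reviewer can run in Node. It returns the reason for a rejection as well as the profile for an accepted host. The host list, the subdomain rule for decea.mil.br and the profile mapping are assumptions constructed from the portals this document names, not the extension's real APPROVED_DOMAINS. It also generalises the homograph check: instead of one hand-written pattern per fake domain, it relies on the URL parser converting any internationalised label to punycode (`xn--`), which catches look-alike letters in any label.

```javascript
// Added example, not SmartContentGuard's own code. Host list, subdomain
// rule and profile mapping are constructed assumptions.
const APPROVED_HOSTS = new Map([
  ['aisweb.decea.mil.br', 'NOTAM'],
  ['aviationweather.gov', 'METAR'],
  ['notams.aim.faa.gov', 'NOTAM'],
]);

// SUBDOMAIN_AUTHORIZATION: only these labels may sit directly under the base.
const SUBDOMAIN_RULES = [
  { base: 'decea.mil.br', allowed: ['aisweb', 'api'], profile: 'NOTAM' },
];

function authorisedSubdomainProfile(hostname) {
  for (const rule of SUBDOMAIN_RULES) {
    const suffix = '.' + rule.base;
    if (!hostname.endsWith(suffix)) continue;
    // Everything before the base must be exactly one allowed label;
    // "x.aisweb.decea.mil.br" yields "x.aisweb" and is rejected.
    const label = hostname.slice(0, -suffix.length);
    if (rule.allowed.includes(label)) return rule.profile;
  }
  return null;
}

function validateTabUrl(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);   // normalises scheme/host case and IDN labels
  } catch (err) {
    return { ok: false, reason: 'unparseable-url' };
  }
  // HTTPS_VALIDATION on the parsed protocol rather than a string prefix.
  if (url.protocol !== 'https:') {
    return { ok: false, reason: 'not-https', hostname: url.hostname };
  }
  const hostname = url.hostname;
  // HOMOGRAPH_ATTACK_DETECTION: the parser has already converted any
  // internationalised label to punycode, so a Cyrillic or other look-alike
  // letter anywhere in the host shows up as an "xn--" label.
  if (hostname.split('.').some(label => label.startsWith('xn--'))) {
    return { ok: false, reason: 'idn-homograph', hostname };
  }
  // EXACT_DOMAIN_MATCH: the whole hostname is compared, so
  // "aisweb-decea.mil.br" and "aisweb.decea.mil.br.phishing.site" both fail.
  const profile = APPROVED_HOSTS.get(hostname) || authorisedSubdomainProfile(hostname);
  if (!profile) {
    return { ok: false, reason: 'not-whitelisted', hostname };
  }
  return { ok: true, reason: 'approved', hostname, profile };
}

console.log(validateTabUrl('https://aisweb.decea.mil.br/?i=aerodromos&codigo=SBBR'));
console.log(validateTabUrl('https://aisweb.decea.mil.br.phishing.site/'));
```

Returning a reason rather than a boolean is what lets the floating side panel show "Non-aviation domain" versus a blocked-by-policy state without the content script ever having to read the page. The hostname is the only piece of tab metadata the function touches, which matches the "URL metadata only" claim in the risk matrix.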
Data NOT Accessed
❌ Page content (accessed via scripting, not tabs)
❌ Past browsing history
❌ Cookies or sessions
❌ Information from other windows/tabs without consent
❌ Download history
Why It Is Necessary
Identify if the current page is an official aviation domain.
Validate URLs against phishing and homograph attacks.
Run checks locally without external requests.
Security Impact
✅ Low risk. The permission only accesses URL metadata. It does not allow reading page content. Validations increase security against phishing.
4. downloads
Description
Allows the extension to automatically download embedded text documents to the system's default Downloads folder without showing a "Save As" dialog (via saveAs: false).
Available File Types
The extension provides only static legal and regulatory documents, organized by language (pt-BR, en-US, es-ES, fr-FR) and context (core legal and aviation vertical).
Main categories:
Core / General (per locale) – directory: src/legal/core/<locale>/
AVIATION_DISCLAIMER.txt – Aviation legal notice
LICENSE.txt – Extension license terms
QUICK_TERMS.txt – Legal guidance and usage instructions
README_LEGAL.txt – Legal guidelines and usage instructions
Vertical / Aviation (per locale) – directory: src/legal/vertical/aviation/<locale>/
Examples:
EASA_COMPLIANCE.txt
FAA_COMPLIANCE.txt
ICAO_STANDARDS.txt
LATAM_COMPLIANCE.txt
DECEA_INTEGRATION.txt
RBAC_COMPLIANCE.txt
Key characteristics:
100% of files are bundled inside the extension.
No personalization with user data.
All files are legal/regulatory reference texts and aviation compliance documents.
Automated Download Flow
Downloads are triggered only after an explicit user action in the extension UI (for example, clicking “Download Legal Notice” or “Export Compliance Documents”).
The extension starts the download using the chrome.downloads API.
```javascript
async function initiateDownload(url, fileName) {
  console.log(`📁 Starting download via Chrome API: ${url}`);
  return new Promise((resolve, reject) => {
    const downloadOptions = {
      url: url,                   // chrome.runtime.getURL('src/legal/.../FILE.txt')
      filename: fileName,         // Simple file name
      saveAs: false,              // No dialog; goes directly to the Downloads folder
      conflictAction: 'uniquify', // Prevents overwriting existing files
    };
    chrome.downloads.download(downloadOptions, downloadId => {
      if (chrome.runtime.lastError) {
        reject(new Error(chrome.runtime.lastError.message));
      } else {
        resolve(downloadId);
      }
    });
  });
}
```
Observed behavior
The file is saved directly to the system’s default Downloads folder (for example, ~/Downloads on macOS), with no subfolders created.
If the filename already exists, the browser automatically generates a unique name (conflictAction: "uniquify").
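The download helper above accepts any `url` and `fileName`, so the security property described in this section (only bundled legal documents ever reach the Downloads folder) depends on the caller choosing the file. The following is an added example, not SmartContentGuard's own code, of a resolver that turns the locale, context and document name described under "Available File Types" into a packaged path only if all three are on an allowlist, and refuses anything else before chrome.downloads is involved. The function names and the allowlist layout are assumptions; the directories, locales and file names are the ones this document lists.

```javascript
// Added example, not SmartContentGuard's own code. Allowlist built from the
// directories and file names this document lists; function names are assumed.
const SUPPORTED_LOCALES = ['pt-BR', 'en-US', 'es-ES', 'fr-FR'];

const LEGAL_DOCUMENTS = {
  core: {
    dir: 'src/legal/core',
    files: ['AVIATION_DISCLAIMER.txt', 'LICENSE.txt', 'QUICK_TERMS.txt', 'README_LEGAL.txt'],
  },
  aviation: {
    dir: 'src/legal/vertical/aviation',
    files: ['EASA_COMPLIANCE.txt', 'FAA_COMPLIANCE.txt', 'ICAO_STANDARDS.txt',
            'LATAM_COMPLIANCE.txt', 'DECEA_INTEGRATION.txt', 'RBAC_COMPLIANCE.txt'],
  },
};

// Returns { path, filename } for a bundled document, or null when any part of
// the request is not on the allowlist. Because the path is assembled only
// from allowlisted pieces, values such as "../../manifest.json" can never
// reach the download call.
function resolveLegalDocument(locale, context, docName) {
  const group = LEGAL_DOCUMENTS[context];
  if (!group) return null;
  if (!SUPPORTED_LOCALES.includes(locale)) return null;
  if (!group.files.includes(docName)) return null;
  return {
    path: `${group.dir}/${locale}/${docName}`,
    filename: docName,   // simple file name; conflictAction handles duplicates
  };
}

// Wraps chrome.downloads.download exactly as the page's helper does, but
// only after the resolver has accepted the request. Outside the extension
// runtime (for example in Node) it rejects instead of touching the disk.
async function downloadLegalDocument(locale, context, docName) {
  const doc = resolveLegalDocument(locale, context, docName);
  if (!doc) {
    throw new Error(`refusing download: ${context}/${locale}/${docName} is not a bundled legal document`);
  }
  if (typeof chrome === 'undefined' || !chrome.downloads) {
    throw new Error('chrome.downloads is not available outside the extension runtime');
  }
  return new Promise((resolve, reject) => {
    chrome.downloads.download({
      url: chrome.runtime.getURL(doc.path),
      filename: doc.filename,
      saveAs: false,
      conflictAction: 'uniquify',
    }, downloadId => {
      if (chrome.runtime.lastError) {
        reject(new Error(chrome.runtime.lastError.message));
      } else {
        resolve(downloadId);
      }
    });
  });
}

console.log(resolveLegalDocument('pt-BR', 'core', 'LICENSE.txt'));
console.log(resolveLegalDocument('pt-BR', 'core', '../../manifest.json'));   // null
```

Keeping the allowlist as data also makes the "100% of files are bundled inside the extension" statement checkable during review: every entry in LEGAL_DOCUMENTS must correspond to a file in the submitted package, and nothing outside it can be requested.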
Data sent
❌ No user data is sent to any server.
❌ No personal information is included in the downloaded files.
✅ The download is purely local: packaged resource → user's Downloads folder.
No external HTTP requests are performed as part of downloading these files.
Why It Is Necessary
Transparency: lets users and compliance teams download and archive locally:
Aviation legal notices.
Terms of use and license.
Compliance documents (ICAO, EASA, FAA, DECEA, RBAC, etc.).
Regulatory support: helps audits by allowing dated local copies of the legal/compliance documents used by the tool.
Offline operation: documents can be accessed without an internet connection from the Downloads folder.
Security Impact
✅ Near-zero risk:
Downloaded content is static, non-sensitive, and not tied to user data.
No data is transmitted to third parties.
The action is always user-initiated (explicit UI clicks), not silent background behavior.
Security Summary
Risk matrix by permission
| Permission | Risk | Mitigation | Status |
|---|---|---|---|
| activeTab | ✅ Low | Activation via explicit gesture | ✓ Accepted |
| storage | ✅ Low | Non-sensitive local data | ✓ Accepted |
| scripting | ⚠️ Medium | Whitelisted domains | ✓ Mitigated |
| tabs | ✅ Low | URL metadata only | ✓ Accepted |
| downloads | ✅ None | Public local files | ✓ Accepted |
Applied Principles
✅ Principle of Least Privilege
Each requested permission has a clear justification.
No permission is used for secondary purposes.
✅ Total Transparency
Users know exactly what each permission does.
Complete documentation is available.
✅ User Control
Analysis runs only on approved domains.
Users can disable the extension at any time.
Local data can be cleared using the browser.
✅ Layered Security
ContentDetector (runtime)
CSP (Content Security Policy)
Structure validation
Content script sandboxing
Domain/HTTPS validations
✅ Regulatory Compliance
LGPD (Brasil)
GDPR (European Union)
Aviation regulations and standards (ICAO, FAA, ANAC)
Typical Use Cases
Use case 1: Operator reviews NOTAM/METAR on AISWEB
The operator opens https://aisweb.decea.mil.br (official AISWEB portal)
SmartContentGuard detects that the domain is on the aviation whitelist (tabs + internal logic).
The extension verifies HTTPS and a secure context, then initializes Resource Manager (scripting + storage).
content-detector.js checks whether the page contains NOTAM, weather data, or both (scripting).
The system runs automated analysis and highlights critical terms directly in the DOM (scripting).
The top bar and the floating side panel show risk counts and domain status (scripting).
The operator can use REFRESH / CLEAR / CONFIG to adjust analysis and display (scripting + storage).
Use case 2: Operator forces a re-scan on a dynamic page
The operator stays on a dynamic AISWEB/REDEMET page where NOTAM/METAR content updates in real time
After new content loads, the operator clicks REFRESH (top bar) or Force Scan (floating panel)
content-detector.js re-scans the DOM and reapplies detection/highlighting rules (scripting).
Newly loaded critical terms are highlighted without reloading the page.
Use case 3: Operator downloads legal documentation
The operator opens the extension popup or settings UI
Selects an option such as “Download Legal Notice” or “Download ICAO/EASA/DECEA Compliance”.
The extension selects the correct file based on the current language (pt-BR, en-US, es-ES, fr-FR) and context (core/aviation).
An automatic download starts via chrome.downloads.download(), saving the text file directly to the default Downloads folder without a “Save As” dialog (downloads).
No external connection is made; the content comes only from files packaged inside the extension.
Store Policy Compliance
Chrome Web Store ✅
Manifest V3 required: ✓ Implemented.
Permissions justified: ✓ Covered in this document.
No deception: ✓ Features and purpose are clearly described.
No undisclosed data collection: ✓ Uses local storage only, no remote user tracking.
Mozilla Add-ons ✅
Content scripts reviewed: ✓ Limited, security‑oriented behavior.
No undocumented remote communication: ✓ Connects only to documented aviation domains if needed.
No hidden telemetry: ✓ No analytics; only local storage is used.
Microsoft Edge Add-ons ✅
Manifest V3 supported: ✓ Yes.
Transparent permissions: ✓ Same permission model and justification as Chrome, documented here.
Secure by default: ✓ CSP, sandboxed content scripts, and strict whitelists are enforced.
FAQ for Reviewers (Updated)
Why does the extension inject content scripts on multiple domains?
A: SmartContentGuard uses content-detector.js as a central orchestrator. The content script loads on pages during normal browsing, but internal security logic only activates full analysis on whitelisted aviation domains (AISWEB, REDEMET, Aviation Weather, etc.). On other domains, the script only evaluates the hostname for domain-status purposes (floating side panel) and disables all content analysis. This is necessary to handle complex aviation portal architectures (iframes, dynamic subdomains) without relying on overly specific patterns that would break when infrastructure changes.
Is user data sent to servers?
A: No. The extension uses chrome.storage.local and, where applicable, chrome.storage.sync solely for local preferences (language, theme, active profiles, ON/OFF toggle). No permission is used to send NOTAM/METAR/TAF content, browsing history, or any personal data to SmartContentGuard servers or third parties.
How does the extension protect against phishing and fake domains?
A: The tabs permission reads only URL metadata (protocol, hostname) to apply:
HTTPS and secure-context validation.
Exact domain matching against the aviation whitelist.
Rules for detecting homographs and domains visually similar to official portals.
The content analysis module (via scripting) only activates if the domain passes these checks and is on the whitelist.
What happens if a site is not on the whitelist?
A: For non-whitelisted domains:
The content analyzer is silently disabled.
No automated DOM scanning for NOTAM/METAR/TAF is performed.
No page data is collected or stored.
Optionally, the floating side panel may display only a generic status (e.g., "Non-aviation domain") without inspecting content.
Can I review the security code?
A: Yes. All extension code (including content-detector, analyzers, and domain validations) is delivered as readable JavaScript as part of the package submitted to the store. Reviewers can directly inspect the packaged source during the review process. If additional context (diagrams, extended technical documentation) is needed, we can provide it on request via support@notamspot.com.
Is there telemetry or analytics?
A: No. The extension does not implement telemetry and does not use Google Analytics or tracking services.
No usage events (clicks, visited pages, analyzed terms) are sent to servers.
All analysis decisions happen locally in the browser.
The only use of downloads is to export static legal documents packaged inside the extension, triggered by explicit user action.
Extension Test Links
To validate SmartContentGuard in real environments, reviewers can click the links below after installing the extension. Analysis will start automatically.
AISWEB (Brazil — DECEA)
Direct link: https://aisweb.decea.mil.br/?i=aerodromos&codigo=SBGR
Tests for detecting Brazilian NOTAMs.
Aviation Weather Center (USA — NOAA/NWS)
Direct link: https://aviationweather.gov/data/metar/?ids=SBGR%2CSBSP%2CSBBR%2CSBKP%2CSBGL%2CSBRF%2CSBSV%2CSBCT%2CSBPA%2CSBCF%2CSBRJ%2CSBFI%2CSBFZ%2CSBCY%2CSBBE%2CSBMQ%2CSBCG%2CSBJP%2CSBFL%2CSBMN%2CSBPV%2CSBVT%2CSBRB%2CSBJU%2CSBEG&taf=1
Tests METAR/TAF analysis for 24 Brazilian airports in international format, HTTPS validation, and highlighting of critical weather conditions.
FAA FNS NOTAM Search (USA)
Official website: https://notams.aim.faa.gov/notamSearch/nsapp.html#/
For testing purposes, use the following sequence of ICAO codes:
KJFK, KLAX, KORD, KATL, KDFW, KDEN, KSFO, KLAS, KPHX, KIAH, KMIA, KSEA, KEWR, KMCO, KBOS, KDCA, KFLL, KBWI, KMDW, KPHL, KLGA, KDTW, KMSN, PANC, PHNL.
This link allows you to validate the search and analysis of NOTAMs issued by the FAA; after the page loads, enter the ICAO codes in the appropriate field and click the “REFRESH” button at the top so that the NOTAMs are displayed and analyzed by the extension.
Reviewer contact
For technical questions or to request access to the source code:
E-mail: support@notamspot.com
- Subject: [STORE_REVIEW] SmartContentGuard Permissions v0.9.0 (Beta).
Document Extension Permission Justification
Version: 0.9.0 (Beta)
Date: December 5, 2025
Responsible: SmartContentGuard Team
Status: Ready for Submission to Stores