DEV Community: Khaled Mahmud The latest articles on DEV Community by Khaled Mahmud (@khaled_kmp). https://dev.to/khaled_kmp https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3946440%2Ffff3be78-b9b1-44cf-86d0-bdca446d405e.jpg DEV Community: Khaled Mahmud https://dev.to/khaled_kmp en Building a Clipboard Listener Chrome Extension in Manifest V3: What I Learned the Hard Way Khaled Mahmud Fri, 22 May 2026 16:26:51 +0000 https://dev.to/khaled_kmp/building-a-clipboard-listener-chrome-extension-in-manifest-v3what-i-learned-the-hard-way-126l https://dev.to/khaled_kmp/building-a-clipboard-listener-chrome-extension-in-manifest-v3what-i-learned-the-hard-way-126l <p>When I started building ReFind — a Chrome extension that captures URLs<br> as you copy them — I assumed the clipboard listener would be the easy part.<br> It wasn't. Here's what actually happened and how I solved it.</p> <p><strong>The Goal</strong></p> <p>Every time the user copies a URL (Cmd+C / Ctrl+C on a link), the extension<br> should silently capture it, validate it's actually a URL, and process it.<br> No popup interaction required. Fully automatic.</p> <p><strong>Why Background Scripts Are Tricky in MV3</strong></p> <p>Manifest V3 replaced persistent background pages with service workers.<br> Unlike a background page that stays alive as long as the browser is open,<br> a service worker can be terminated by Chrome after ~30 seconds of inactivity.</p> <p>This creates a problem: if you store anything in memory (variables, state),<br> it can vanish between events. The fix: persist everything to<br> chrome.storage.local immediately.</p> <p><strong>The Clipboard Access Problem</strong></p> <p>Here's the tricky part: you can't directly access navigator.clipboard<br> from a service worker context. Chrome restricts clipboard access to require<br> an active user gesture (a click, keypress, etc.) — and service workers<br> don't have a DOM or event context for this.</p> <p>The solution I landed on:</p> <ol> <li>Listen for the copy keyboard shortcut using chrome.commands API</li> <li>Inject a content script into the active tab (which has DOM access)</li> <li>Have the content script read the clipboard and message the background script with the result</li> </ol> <p>Content script → background script communication via chrome.runtime.sendMessage().</p> <p><strong>URL Validation</strong></p> <p>Once I had clipboard access working, I needed to filter for URLs only.<br> A simple regex check before processing:</p> <p>const isUrl = /^https?:\/\/.+/.test(text);</p> <p>This prevents capturing phone numbers, random copied text, passwords, etc.</p> <p><strong>What I'd Do Differently</strong></p> <p>If I were starting over, I'd add the URL validation earlier in the pipeline —<br> ideally at the content script level before sending to the background. Less<br> round-tripping, and it prevents unnecessary message passing.</p> <p>The one thing I underestimated: the permission model in MV3 is strict and<br> intentionally so. Read the permission docs carefully before you assume<br> something will just work.</p> <p>Questions? I'm happy to go deeper on any part of this.</p> devjournal javascript tutorial webdev