Bug 1685862 Comment 7 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

I was also asked about this issue in relation to user-scripts.

Situation:

**HTTPS-Only Mode** enabled and on a HTTP page that user has given temporary permission to

- HTTP XHR made from user-script using Web API `fetch/XHR` goes through 
- HTTP XHR made using GM API and made from extension's background page fails

Possible Solutions:

- HTTP Temporary permission to be applied globally
- Allow extension background to bypass HOM .e.g via a flag in `fetch/XHR`
- Create a permission to bypass HOM in `manifest.json` to allow extension background to bypass HOM

There are other situation where extensions that use HTTP for any other reason for their own functions will fail to function when HOM is enabled.
I was also asked about this issue in relation to user-scripts.

Situation:

**HTTPS-Only Mode** enabled and on a HTTP page that user has given temporary permission to

- HTTP XHR made from user-script using Web API `fetch/XHR` goes through 
- HTTP XHR made using GM API and made from extension's background page fails

Possible Solutions:

- HTTP Temporary permission to be applied globally
- Allow extension background to bypass HOM .e.g. via a flag in `fetch/XHR`
- Create a permission to bypass HOM in `manifest.json` to allow extension background to bypass HOM

There are other situation where extensions that use HTTP for any other reason for their own functions will fail to function when HOM is enabled.

Back to Bug 1685862 Comment 7