Bug 1685092 Comment 0 Edit History

Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.

Since https://hg.mozilla.org/mozilla-central/rev/676c6c0096af#l3.12, PDF.js started to use `resource://pdf.js` instead of `*` to avoid bug 1449898. A consequence of this is that whenever the PDF viewer is opened in a tab with origin attributes (e.g. a private browsing window), that a non-actionable error message is printed to the console.

STR:

1. Open any PDF file in a private browsing window.
2. Open the browser console for that tab.

Expected:
- No errors.

Actual:

- > Attempting to post a message to window with url "resource://pdf.js/web/viewer.html" and origin "resource://pdf.js^privateBrowsingId=1" from a system principal scope with mismatched origin "[System Principal]".
- Fortunately, this is just an error message, the functionality works as intended

The error message was introduced in https://hg.mozilla.org/mozilla-central/rev/d74bafb4a41e96ee48b41ded94b7c17a6403a4d6
There are currently no reasonable alternatives to get rid of the error. The following are available but have disadvantages:
- Using `*` instead of the explicit origin would introduce a security regression (bug 1449898).
- Using `domWindow.wrappedJSObject.postMessage` instead of `domWindow.postMessage` would result get rid of the error, but the source origin would no longer be considered chrome-privileged (i.e. `event.source` becomes non-null, and the message is rejected) (not to mention that `postMessage` method would be from a relatively untrusted context).

Since the error is not actionable, I suggest to remove it as the simplest solution.

If the error is desirable, then a way to allow callers to avoid the error is to update the `postMessage` method to accept a (`ChromeOnly`) option to specify the expected origin attributes/principal for the target window (e.g. via a new property in the [`WindowPostMessageOptions`](https://searchfox.org/mozilla-central/rev/a0ccd492719b1ad2106f6456549be62a76f45acb/dom/webidl/Window.webidl#800-802) dictionary for `window.postMessage`).
Since https://hg.mozilla.org/mozilla-central/rev/676c6c0096af#l3.12, PDF.js started to use `resource://pdf.js` instead of `*` to avoid bug 1449898. A consequence of this is that whenever the PDF viewer is opened in a tab with origin attributes (e.g. a private browsing window), that a non-actionable error message is printed to the console.

STR:

1. Open any PDF file in a private browsing window.
2. Open the content browser console for that tab (or the global browser console).

Expected:
- No errors.

Actual:

- > Attempting to post a message to window with url "resource://pdf.js/web/viewer.html" and origin "resource://pdf.js^privateBrowsingId=1" from a system principal scope with mismatched origin "[System Principal]".
- Fortunately, this is just an error message, the functionality works as intended

The error message was introduced in https://hg.mozilla.org/mozilla-central/rev/d74bafb4a41e96ee48b41ded94b7c17a6403a4d6
There are currently no reasonable alternatives to get rid of the error. The following are available but have disadvantages:
- Using `*` instead of the explicit origin would introduce a security regression (bug 1449898).
- Using `domWindow.wrappedJSObject.postMessage` instead of `domWindow.postMessage` would result get rid of the error, but the source origin would no longer be considered chrome-privileged (i.e. `event.source` becomes non-null, and the message is rejected) (not to mention that `postMessage` method would be from a relatively untrusted context).

Since the error is not actionable, I suggest to remove it as the simplest solution.

If the error is desirable, then a way to allow callers to avoid the error is to update the `postMessage` method to accept a (`ChromeOnly`) option to specify the expected origin attributes/principal for the target window (e.g. via a new property in the [`WindowPostMessageOptions`](https://searchfox.org/mozilla-central/rev/a0ccd492719b1ad2106f6456549be62a76f45acb/dom/webidl/Window.webidl#800-802) dictionary for `window.postMessage`).

Back to Bug 1685092 Comment 0