Content Security Policy breaks iframe inserted by extension

RESOLVED DUPLICATE of bug 615708

Status

()

defect
RESOLVED DUPLICATE of bug 615708
5 years ago
3 years ago

People

(Reporter: mgrouchy, Unassigned)

Tracking

30 Branch
x86
macOS
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

5 years ago
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.84 Safari/537.36

Steps to reproduce:

1. Sign up for a Buffer Account and login (http://bufferapp.com)
2. Install the Buffer Plugin (http://bufferapp.com/extensions/firefox/download) 
3. Visit any repository on Github (ex: http://github.com/mgrouchy/django-stronghold)
4. Press the buffer plugin button in the toolbar. 



Actual results:

View javascript errors in the console because of Github's Content Security Policy disallowed the insertion of an iframe. (screenshot attached).



Expected results:

An iframe should be inserted in the page so you can properly use the "buffer" feature of the plugin/app.

Updated

3 years ago
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Component: Untriaged → DOM: Security
Product: Firefox → Core
Resolution: --- → DUPLICATE
Summary: Strict Content Security Policy breaks Iframes inserted by Plugins. → Content Security Policy breaks iframe inserted by extension
Duplicate of bug: 615708
You need to log in before you can comment on or make changes to this bug.