Closed
Bug 1247081
Opened 8 years ago
Closed 8 years ago
Security error when setting the src of an iframe to a moz-extension:// url with a hash fragment
Categories
(WebExtensions :: Untriaged, defect, P1)
Tracking
(firefox47 fixed, firefox48 verified)
People
(Reporter: sprouse.a, Assigned: kmag)
References
Details
Attachments
(3 files)
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.103 Safari/537.36 Steps to reproduce: 1. Ensure you have the prerequisites for running a WebExtension (https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Walkthrough#Prerequisites) 2. Open about:addons and load the attached hellow.xpi 3. Open a url such as http://web.mit.edu/ 4. Click on the plugin's browser action button in the toolbar Actual results: 1. The iFrame appears empty 2. "Security Error: Content at http://web.mit.edu/ may not load or link to moz-extension://3d75a866-3a3e-d04e-958b-48d0982bcb09/app/index.html#/hash/fragment" in the console Expected results: 1. The iFrame should appear and display the text "HELLO WORLD"
Reporter | ||
Updated•8 years ago
|
OS: Unspecified → Mac OS X
Hardware: Unspecified → x86_64
Assignee | ||
Updated•8 years ago
|
Status: UNCONFIRMED → NEW
Component: Untriaged → WebExtensions
Ever confirmed: true
OS: Mac OS X → All
Product: Firefox → Toolkit
Hardware: x86_64 → All
Assignee | ||
Updated•8 years ago
|
Flags: blocking-webextensions?
Assignee | ||
Updated•8 years ago
|
Assignee: nobody → kmaglione+bmo
Updated•8 years ago
|
Flags: blocking-webextensions? → blocking-webextensions+
Priority: -- → P1
Assignee | ||
Comment 1•8 years ago
|
||
Review commit: https://reviewboard.mozilla.org/r/35931/diff/#index_header See other reviews: https://reviewboard.mozilla.org/r/35931/
Attachment #8722257 -
Flags: review?(wmccloskey)
Assignee | ||
Updated•8 years ago
|
Iteration: --- → 47.3 - Mar 7
Comment on attachment 8722257 [details] MozReview Request: Bug 1247081: Support fragment IDs and query strings in web_accessible_resources URLs. r?billm https://reviewboard.mozilla.org/r/35931/#review33019
Attachment #8722257 -
Flags: review?(wmccloskey) → review+
Assignee | ||
Comment 3•8 years ago
|
||
https://hg.mozilla.org/integration/fx-team/rev/ec700560eba22e7efcb4e263650bc5e88f65d4bf Bug 1247081: Support fragment IDs and query strings in web_accessible_resources URLs. r=billm
Comment 4•8 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/ec700560eba2
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox47:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla47
Comment 5•8 years ago
|
||
I was able to reproduce this issue on Firefox 47.0a1 (2016-01-29) under Windows 10 64-bit. Tested on latest Firefox 48.0a1 (2016-04-06) using https://addons.allizom.org/en-US/firefox/addon/testfor1247081/ under Windows 10 64-bit, Ubuntu 12.04 32-bit and Mac OS X 10.11 and noticed the following: - "HELLO WORLD" is successfully displayed - No errors are thrown in browser console But, - The webextension’s icon is not displayed in toolbar and about:addons: http://i.imgur.com/pdBJlvd.jpg - There are 2 different alternative opening animations encountered. See attached screenscast. Should I file new bugs for these issues? I was unable to test this bug on Firefox 47.0a2 (2016-04-06) because the webextension seems to be corrupted under this Firefox version even with the xpinstall.signatures.dev-root pref set to true. Do you know why?
Flags: needinfo?(kmaglione+bmo)
Assignee | ||
Comment 6•8 years ago
|
||
(In reply to Vasilica Mihasca, QA [:vasilica_mihasca] from comment #5) > - The webextension’s icon is not displayed in toolbar and about:addons: > http://i.imgur.com/pdBJlvd.jpg The extension doesn't actually include the image files it lists as icons, so I don't think this is a bug. > - There are 2 different alternative opening animations encountered. See > attached screenscast. That UI is all implemented by the add-on, as a content script, so this is also a bug in the add-on rather than the browser. > I was unable to test this bug on Firefox 47.0a2 (2016-04-06) because the > webextension seems to be corrupted under this Firefox version even with the > xpinstall.signatures.dev-root pref set to true. > Do you know why? It's because of the "default_locale" property under "browser_action", which isn't legal.
Flags: needinfo?(kmaglione+bmo)
Comment 7•8 years ago
|
||
Thanks for clarifying this! Based on Comment 5 and Comment 6, I am marking this bug as Verified, since none of the above mentioned issues are Firefox specific.
Status: RESOLVED → VERIFIED
status-firefox48:
--- → verified
Updated•6 years ago
|
Product: Toolkit → WebExtensions
You need to log in
before you can comment on or make changes to this bug.
Description
•