Closed Bug 1385864 Opened 4 years ago Closed 4 years ago

Web extension with "chrome://favicon/" permissions in manifest breaks webrequest

Categories

(WebExtensions :: Request Handling, defect, P1)

Product:
WebExtensions
Component:
Request Handling
Version:
55 Branch
Type:
defect

Tracking

(firefox56 fixed, firefox57 fixed)

Status:
RESOLVED FIXED
Milestone:
mozilla57
Tracking Flags:
Tracking Status
firefox56 --- fixed
firefox57 --- fixed

People

(Reporter: crownofdesign, Assigned: zombie)

References

Details

Attachments

(1 file)

Bug 1385864 - Drop invalid optional_permissions from manifests
59 bytes, text/x-review-board-request
kmag
: review+
lizzard
: approval-mozilla-beta+
Details 
User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36

Steps to reproduce:

I am using the following code for test:
browser.webRequest.onBeforeSendHeaders.addListener(
	event => {
		console.log( 'onBeforeSendHeaders' );
		console.log( event );

		return;
	},
	{ 'urls': [ '<all_urls>' ] },
	[ 'blocking', 'requestHeaders' ]
);

This code in Embedded WebExtension, not pure webextension


Actual results:

console.log is not outputted in FF dev edition.
In current normal Firefox all is working


Expected results:

It must work!
55.0b13 64 bit
My manifest permissions: 
"permissions": [
    "background",
    "proxy",
    "storage",
    "webRequest",
    "webRequestBlocking",
    "<all_urls>"
  ],
Component: Untriaged → WebExtensions: Request Handling
Product: Firefox → Toolkit
Version: 54 Branch → 55 Branch
Minimal code for testing: 

manifest.json

{
  "manifest_version": 2,
  "name": "dev",
  "short_name": "dev",
  "version": "3.16.8",
  "description": "description",
  "background": {
    "scripts": [
      "background.js"
    ]
  },
	"icons": {
    "64": "app_icon64.png"
  },
	
  "permissions": [
    "background",
    "proxy",
    "storage",
    "webRequest",
    "webRequestBlocking",
    "<all_urls>"
  ],
  "optional_permissions": [
    "management",
    "chrome://favicon/"
  ],
  "content_security_policy": "script-src 'self' https://ssl.google-analytics.com; object-src 'self'"
}
background.js

console.log( 'background start' );

browser.webRequest.onBeforeSendHeaders.addListener(
  event => {
    console.log( 'onBeforeSendHeaders' );
    console.log( event );

    return;
  },
  { 'urls': [ '<all_urls>' ] },
  [ 'blocking', 'requestHeaders' ]
);

console.log( 'background test 1' );
By chat conservations: in just FF beta there is no bug, in FF dev edition there is bug
*conversations
Personally tested in pure Firefox Beta - this test (above) does not work for me
Summary: webextension: browser.webRequest.onBeforeSendHeaders is not working in current firefox dev edition → webextension: browser.webRequest.onBeforeSendHeaders is not working in current firefox beta
The issue is with your manifest, firefox doesn't support the "chrome://favicon/" permission, so your extension doesn't even load.

Unfortunately, the error is invisible unless you are using the current Nightly (which is generally suggested while developing).
Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → INVALID
Duplicate of this bug: 1386204
What it's working in FF54?
*Why
Not sure, we probably started being strict about permissions in 55.
Summary: webextension: browser.webRequest.onBeforeSendHeaders is not working in current firefox beta → Web extension with unknown permissions in manifest fails to load
Sound like bug 1373293 which was fixed in 56.
Resolution: INVALID → DUPLICATE
Duplicate of bug: 1373293
But that says it got uplifted to 55, which doesn't match my testing.

Reopening since it seems the fix for bug 1373293 missed optional_permissions, and this is breaking webrequests as is.
Status: RESOLVED → REOPENED
Ever confirmed: true
Resolution: DUPLICATE → ---
Priority: -- → P1
Summary: Web extension with unknown permissions in manifest fails to load → Web extension with "chrome://favicon/" permissions in manifest breaks webrequest
Assignee: nobody → tomica
Status: REOPENED → ASSIGNED
Comment on attachment 8893597 [details]
Bug 1385864  - Drop invalid optional_permissions from manifests

https://reviewboard.mozilla.org/r/164684/#review170098
Attachment #8893597 - Flags: review?(kmaglione+bmo) → review+
Pushed by tomica@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/ca0419d7845f
Drop invalid optional_permissions from manifests  r=kmag
Comment on attachment 8893597 [details]
Bug 1385864  - Drop invalid optional_permissions from manifests

Approval Request Comment
[Feature/Bug causing the regression]: Bug 1322235
[User impact if declined]: This prevents certain extensions from being installed.
[Is this code covered by automated tests?]: Yes.
[Has the fix been verified in Nightly?]: No.
[Needs manual test from QE? If yes, steps to reproduce]: No, manually tested from local build.
[List of other uplifts needed for the feature/fix]: None.
[Is the change risky?]: Low-risk.
[Why is the change risky/not risky?]: it's very simple, just marks unknown strings to be dropped from manifest.
[String changes made/needed]: None.
Attachment #8893597 - Flags: approval-mozilla-beta?
Comment on attachment 8893597 [details]
Bug 1385864  - Drop invalid optional_permissions from manifests

Looks like we need this for webextensions to work - let's uplift for 56 beta 1.
Attachment #8893597 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
https://hg.mozilla.org/mozilla-central/rev/ca0419d7845f
Status: ASSIGNED → RESOLVED
Closed: 4 years ago4 years ago
status-firefox57: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
(In reply to Tomislav Jovanovic :zombie from comment #18)
> [Is this code covered by automated tests?]: Yes.
> [Has the fix been verified in Nightly?]: No.
> [Needs manual test from QE? If yes, steps to reproduce]: No, manually tested
> from local build.

Setting qe-verify- based on Tomislav's assessment on manual testing needs and the fact that this fix has automated coverage.
Flags: qe-verify-
Related to bug 1315616?
Product: Toolkit → WebExtensions
You need to log in before you can comment on or make changes to this bug.