determine whether we should prevent relative urls from content scripts
Categories
(WebExtensions :: General, task, P3)
Tracking
(Not tracked)
People
(Reporter: mixedpuppy, Unassigned)
References
(Blocks 1 open bug)
Details
See bug 1588956 for a conversation about this.
"We apparently prevent relative urls in xhr/fetch in content scripts. I'm not certain how much effort it would be to catch all the potential locations we'd need to handle that, so I'd lean first to enforcing the addon csp regardless, then if we think it's a good idea to prevent relative urls, knock those off in another bug. I don't have a strong inclination either way."
Btw, this is about stuff like setting img.src to a relative url
Reporter | ||
Updated•5 years ago
|
Reporter | ||
Updated•4 years ago
|
Comment 1•2 years ago
|
||
fetch
/ XMLHttpRequest
in MV2 content scripts were from the Sandbox. In MV3 they are XrayWrapped versions of the API in the web page (since bug 1687762).
Due to that, the behavior is consistent across all web platform APIs, as in that relative URLs are resolved relative to the document's base URL.
This is the most sensible behavior that developers expect, and changing that would break cross-browser compatibility.
Reporter | ||
Comment 2•2 years ago
|
||
We're wontfix'ing this since MV3 does not suffer from this issue.
Description
•