Closed
Bug 1632333
Opened 4 years ago
Closed 4 years ago
The fix from Bug 1595652 only works for the first load
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
WONTFIX
People
(Reporter: kernp25, Unassigned)
Details
Attachments
(2 files)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0
Steps to reproduce:
- Install the test add-on
- Click on the icon
Actual results:
It will load the first page as expected. But if you navigate, then it will get blocked by the XFO.
Expected results:
Should also work for navigations.
Comment 2•4 years ago
|
||
We're not going to automatically lift the X-Frame-Options restrictions for extensions. You'll have to use the webRequest.onHeadersReceived API to remove the header (but make sure to check the details, including originUrl
to make sure that you're only removing the XFO header for requests from your extension.
Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•