Closed Bug 1724099 Opened 3 years ago Closed 1 year ago

Cannot load frames with external content in extensions on Android; "ASSERTION: Attempt to load a non-authorised load in the parent process"

Categories

(WebExtensions :: Android, defect, P3)

defect

Tracking

(firefox120 fixed)

RESOLVED FIXED
120 Branch
Tracking Status
firefox120 --- fixed

People

(Reporter: robwu, Assigned: robwu)

References

(Depends on 1 open bug)

Details

The following features together prevent extensions from loading external content in iframes:

STR: Example of failing unit test:

STR: manual test on mobile:

  1. Start a Fenix build, and enable remote debugging in the settings.

  2. Visit about:debugging on desktop, enable devices, connect to the device.

  3. Select an extension (one of the built-in ones), inspect it and run the following code in the background page:

    f = document.createElement("iframe");
    f.src = "https://example.com/";
    f.onload = f.onerror = e => console.log(e.type);
    document.body.append(f);
    
  4. Look at the console.

  5. Use the DOM inspector to inspect the iframe.

Expected:

  • Step 4 prints "load".
  • Step 5 shows a loaded document.

Actual:

  • Step 4 prints "error".
  • Step 5 shows an empty document (empty <head> and <body>).

Alternative STR (desktop):

  1. Start Firefox with extensions.webextensions.remote=false (restart the browser if you're using about:config).
  2. Install an extension.
  3. Visit about:debugging and inspect the extension.
  4. See step 4 and 5 from the other STR, with the same Expected/actual

Out-of-process frames are not supported in the main process by Fission (and besides, Fission isn't even enabled by default in GeckoView).
Non-e10s (single-process mode) is not supported on GeckoView either (and we wouldn't want that anyway).

So the only feasible path towards a fix for this bug is to enable out-of-process extensions on Android - bug 1535365.

Depends on: 1535365

I can get xpcshell tests to pass with the following prefs:

Services.prefs.setBoolPref("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer", true);
Services.prefs.setBoolPref("security.allow_unsafe_parent_loads", true);

The first pref is used to get xpc::IsInAutomation to be true, since it isn't true by default in xpcshell tests (bug 1598804).
The second pref is to force nsDocShell::CanLoadInParentProcess to accept requests to external URLs used in the test.

While this trick can be used to re-enable some tests, I'm not sure whether we should use it, since it's a non-standard test configuration.

A fix for the root cause is not near (comment 1), and the current set of recommended extensions do seemingly not depend on the ability to load remote frames, so we decided to partially address this bug for the failing unit tests only using the test-only prefs from comment 2. A new issue could be filed for the actual issue.

(Or equivalently, we could file a bug to land the test-only changes and link this bug.)

Severity: -- → S3
Priority: -- → P3
Blocks: 1700482

Rob, this bug is about extensions running in GeckoView's main process and content in Fission OOP iframes. Is this bug relevant for Android Addons GA? Or can this bug wait until we implement Android Fission?

Flags: needinfo?(rob)

(In reply to Chris Peterson [:cpeterson] from comment #5)

Rob, this bug is about extensions running in GeckoView's main process and content in Fission OOP iframes.

This bug is about extensions not being able to load remote content in their (moz-extension:) documents. This is because extensions currently run in the main process. When extensions run in their own process (bug 1535365), this bug will be resolved.

Is this bug relevant for Android Addons GA? Or can this bug wait until we implement Android Fission?

This is relevant for GA, but mainly as a bug to point to when extension authors run into the issue described here.
The engineering tasks itself are tracked in bug 1535365.
Once that bug is fixed by turning on the feature (not just on Nightly or Beta, but on release), this bug can be closed. And along with that, we can re-enable some tests - bug 1700482.

Flags: needinfo?(rob)

Note: tests were re-enabled using the trick from comment 2 in https://hg.mozilla.org/mozilla-central/rev/80b8b7daaa90.

Once out-of-process WebExtensions are enabled (bug 1535365), this bug will be fixed for real.

Looks like this bug should be fixed in 120.

Status: NEW → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
Target Milestone: --- → 120 Branch
Assignee: nobody → rob
Depends on: 1880856
You need to log in before you can comment on or make changes to this bug.