Replace cryptic "This operation is insecure" with better error info
Categories
(Core :: DOM: Core & HTML, enhancement)
Tracking
()
People
(Reporter: u673061, Unassigned)
References
(Blocks 1 open bug)
Details
Attachments
(2 files)
As opposed with Chrome which shows more detailed error traceback, Firefox only shows a cryptic "DOM: This operation is insecure" message.
The question does not tell what operation is insecure and which lines of code are caising the problem. This should be changed.
The attachments show the significant differences betwern Chrome and Firefox.
This bug is stale for over two months :(
Comment 3•3 years ago
|
||
Sorry about the delay!
Can you please also provide simple STRs (or attache an HTML page) we could use to generate the error?
Thank you for the report.
Updated•3 years ago
|
STR:
Go to developer console and execute the following code
window.history.replaceState(null, null, "https://www.mozilla.org")
And the error will pop up
Comment 5•3 years ago
|
||
Thank you David!
Summary of STRs:
- Load google.com
- Open DevTools and select the Console panel
- Execute
window.history.replaceState(null, null, "https://www.mozilla.org")
in the Command line - Check out the error, it says
The operation is insecure
- there is no additional info (stack trace) about where it happened - Chrome shows stack for the script evaluated in the Console
I am moving this to the Console panel component.
Honza
Comment 6•3 years ago
|
||
Nicolas will try and reproduce with a script, check if we can expand the exception in the console.
Comment 7•3 years ago
|
||
here's a more specific STR, if we want to compare Chrome and Firefox:
- On this page, open the console
- Evaluate the following snippet
a = () => b()
b = () => c()
c = () => window.history.replaceState(null, null, "https://www.mozilla.org")
a()
In Chrome, you get the following:
▶︎ Uncaught DOMException: Failed to execute 'replaceState' on 'History': A history state object with URL 'https://www.mozilla.org/' cannot be created in a document with origin 'https://bugzilla.mozilla.org' and URL 'https://bugzilla.mozilla.org/show_bug.cgi?id=1744883'.
at c (<anonymous>:3:26)
at b (<anonymous>:2:11)
at a (<anonymous>:1:11)
at <anonymous>:4:1
In Firefox:
▶︎ Uncaught DOMException: The operation is insecure
In both case, note the ▶︎
character. If you click on it, in both Chrome and Firefox you get the actual stacktrace:
▼ Uncaught DOMException: The operation is insecure.
c debugger eval code:3
b debugger eval code:2
a debugger eval code:1
<anonymous> debugger eval code:4
David, does that provide the information you need?
What I mean is Chrome is more specific about the cause of the error than Firefox
Instead of only showing a stack trace, Chrome also shows a human readable form of the error while Firefox does not.
Comment 9•3 years ago
|
||
(In reply to David Hu from comment #8)
What I mean is Chrome is more specific about the cause of the error than Firefox
Instead of only showing a stack trace, Chrome also shows a human readable form of the error while Firefox does not.
okay thanks, let's move the message to the right component so folks can look at it.
The error message is defined in dom/base/domerr.msg#25
Updated•3 years ago
|
Updated•3 years ago
|
Description
•