Open Bug 1744883 Opened 3 years ago Updated 3 years ago

Replace cryptic "This operation is insecure" with better error info

Categories

(Core :: DOM: Core & HTML, enhancement)

Product:
Core
Component:
DOM: Core & HTML
Type:
enhancement

Tracking

()

People

(Reporter: u673061, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

example error shown in Chrome
237.54 KB, image/png
Details
92779869-baa74f80-f3a2-11ea-814b-ee0e0b9bac0e.png
14.58 KB, image/png
Details

As opposed with Chrome which shows more detailed error traceback, Firefox only shows a cryptic "DOM: This operation is insecure" message.

The question does not tell what operation is insecure and which lines of code are caising the problem. This should be changed.

The attachments show the significant differences betwern Chrome and Firefox.

Current error display in Firefox

This bug is stale for over two months :(

Flags: needinfo?(odvarko)

Sorry about the delay!

Can you please also provide simple STRs (or attache an HTML page) we could use to generate the error?
Thank you for the report.

Flags: needinfo?(odvarko) → needinfo?(me)
Whiteboard: [devtools-triage]

STR:
Go to developer console and execute the following code
window.history.replaceState(null, null, "https://www.mozilla.org")
And the error will pop up

Flags: needinfo?(me)

Thank you David!

Summary of STRs:

  1. Load google.com
  2. Open DevTools and select the Console panel
  3. Execute window.history.replaceState(null, null, "https://www.mozilla.org") in the Command line
  4. Check out the error, it says The operation is insecure - there is no additional info (stack trace) about where it happened
  5. Chrome shows stack for the script evaluated in the Console

I am moving this to the Console panel component.

Honza

Has STR: --- → yes
Component: DOM → Console

Nicolas will try and reproduce with a script, check if we can expand the exception in the console.

Flags: needinfo?(nchevobbe)
Whiteboard: [devtools-triage]

here's a more specific STR, if we want to compare Chrome and Firefox:

  1. On this page, open the console
  2. Evaluate the following snippet
a = () => b()
b = () => c()
c = () => window.history.replaceState(null, null, "https://www.mozilla.org")
a()

In Chrome, you get the following:

▶︎ Uncaught DOMException: Failed to execute 'replaceState' on 'History': A history state object with URL 'https://www.mozilla.org/' cannot be created in a document with origin 'https://bugzilla.mozilla.org' and URL 'https://bugzilla.mozilla.org/show_bug.cgi?id=1744883'.
    at c (<anonymous>:3:26)
    at b (<anonymous>:2:11)
    at a (<anonymous>:1:11)
    at <anonymous>:4:1

In Firefox:

▶︎ Uncaught DOMException: The operation is insecure

In both case, note the ▶︎ character. If you click on it, in both Chrome and Firefox you get the actual stacktrace:

▼ Uncaught DOMException: The operation is insecure.
    c debugger eval code:3
    b debugger eval code:2
    a debugger eval code:1
    <anonymous> debugger eval code:4

David, does that provide the information you need?

Flags: needinfo?(nchevobbe) → needinfo?(davidh.03)

What I mean is Chrome is more specific about the cause of the error than Firefox
Instead of only showing a stack trace, Chrome also shows a human readable form of the error while Firefox does not.

Flags: needinfo?(davidh.03)

(In reply to David Hu from comment #8)

What I mean is Chrome is more specific about the cause of the error than Firefox
Instead of only showing a stack trace, Chrome also shows a human readable form of the error while Firefox does not.

okay thanks, let's move the message to the right component so folks can look at it.

The error message is defined in dom/base/domerr.msg#25

Component: Console → DOM: Navigation
Product: DevTools → Core
Component: DOM: Navigation → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: