webRequest filterResponseData always fail on service workers scripts
Categories
(WebExtensions :: General, defect)
Tracking
(firefox109 affected, firefox110 affected, firefox111 affected)
People
(Reporter: doliere, Unassigned)
References
Details
Attachments
(2 files)
2023-01-23_10h07_15.png
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:108.0) Gecko/20100101 Firefox/108.0
Steps to reproduce:
- Created a webExtension that makes use of the webRequest.filterResponseData API in order to manipulate service workers code.
- Load it in a Firefox browser, using the
web-extNPM package or manually as a temporary addon by going toabout:debugging#/runtime/this-firefox - Open the extension background page console (by clicking on the "Inspect" button on the top right corner of the extension name
- Navigated to sites that deploy service workers, i.e. https://twitter.com or https://discourse.mozilla.org/
- Watch the extension background page console. You should see errors being raised when the extension attempts to intercept service workers scripts responses
Actual results:
- Service workers responses content is never passed to the filter.ondata event where manipulation is set to be performed
- Instead, the filter.onerror event is constantly triggered with "Invalid request ID"
- See the attached archive with the extension code we used and a screenshot of the error with the service worker of twitter.com
Expected results:
- Service workers responses content should be viewable and manipulable within filter.ondata
|
||
Comment 1•1 year ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::DOM: Service Workers' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
|
||
Updated•1 year ago
|
|
||
Comment 2•1 year ago
|
||
Hello,
I reproduced the issue on the latest Nightly (111.0a1/20230122211034), Beta (110.0b4/20230122190604) and Release (109.0/20230112150232) under Windows 10 x64 and Ubuntu 16.04 LTS.
With the provided extension loaded via about:debugging, accessing https://twitter.com/ logs several events in the extension console, as described in item 2 from the "Actual results" of the report.
For more details, see the attached screenshot.
|
|
||
Comment 3•1 year ago
|
||
|
||
Comment 4•1 year ago
|
||
This is actually the intended behavior:
-
with the version of the test extension attached to this bug in comment 0, the behavior as reported is the expected one, to be able to successfully attach a StreamFilter to the response for a webrequest related to a service worker script being loaded (either the main script or imported script) through webRequest.filterResponseData the extension has to require the additional permission "webRequestFilterResponse.serviceWorkerScript" (introduced by Bug 1636629 in Firefox 95).
-
without requesting that additional webRequest permission, an error event is expected to be emitted on the StreamFilter instance returned by that webRequest.filterResponseData call
As a side note, the extension should only require the additional "webRequestFilterResponse.serviceWorkerScript" permission if it is necessary for the features that the extension intend to provide, and it should not be requested otherwise. Including the permission in an extension submitted to AMO may also require that submission to go through an additional scrutiny and reviews to confirm that the additional permission isn't being abused.
Thanks a lot for handling the issue. I did not know about the additional permission !!!!
Description
•