Open Bug 1993708 Opened 6 months ago Updated 29 days ago

Permission prompts will pop up endlessly

Categories

(Firefox :: Site Permissions, defect, P3)

Product:
Firefox
Component:
Site Permissions
Version:
Firefox 145
Type:
defect

Tracking

()

People

(Reporter: 709922234, Unassigned, NeedInfo)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

screenshot-20251010-215732.png
15.01 KB, image/png
Details
fe.shizhuang-inc.com_Archive [25-10-14 13-51-59].har
2.35 MB, application/octet-stream
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:145.0) Gecko/20100101 Firefox/145.0

Steps to reproduce:

  1. Visit the designated website

Actual results:

Permission prompts will pop up endlessly

Expected results:

No more pop-ups after allowing

Component: Untriaged → Site Permissions

Clarification: Do you see prompts endlessly while on that site (without reloads) or do you see these prompts re-appearing as you reload the site or visit it again? Do you have a site you could share where this happens so I can try to reproduce myself?

I see we're lacking the "remember" option here. This might be because it's a third-party requesting it. Once we implement permissions policy we could prompt for the top level and also support persisting that choice.

IIRC we don't offer persisting the permission because - without permissions policy - this could would allow the requesting site to make LNA requests in both first party and third-party contexts which is unexpected. Also it's confusing to see a third-party prompt for LNA.

Sunil, I want to make sure this is on your radar.

Blocks: local-network-access
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: needinfo?(smayya)
Flags: needinfo?(08xjcec48)

This is our internal website.

I think it may have something to do with the fact that we changed the domain name, cache? cross domain?

I see it again when I switch tabs or refresh the page

Thanks for filing the bug.
(In reply to 709922234 from comment #2)

This is our internal website.

I think it may have something to do with the fact that we changed the domain name, cache? cross domain

It's because of cross-domain. If you have a cross-site iframe on a page making a local access you would see this permission prompt without an option to remember. This means the permission is granted only temproarily.
With Bug 1988152, you should be able to configure a policy to skip LNA checks for specific domains.
BTW, can you please share the devtool output for the request?
Are you looking for any other workaround until Bug 1988152 is released?

Flags: needinfo?(smayya) → needinfo?(709922234)
Flags: needinfo?(08xjcec48)
Flags: needinfo?(709922234)

Should be block this bug on the permissions policy integration? i.e. when we get the "remember" checkbox because we can prompt for the top level when a 3rd party does the request.

Severity: -- → S3
Flags: needinfo?(smayya)
Priority: -- → P3

Yes, Emma we should block this bug on Permission Policy Integration.

Flags: needinfo?(smayya)
Depends on: 1978550
Duplicate of this bug: 2009879
See Also: → 2009879

Just to note, in Chromium browsers this use case works via the Permissions Policy on iframes:
<iframe src="https://domainB.example" allow="local-network-access"></iframe>

https://docs.google.com/document/d/1QQkqehw8umtAgz5z0um7THx-aoU251p705FbIQjDuGs/edit?pli=1&tab=t.0#heading=h.denb9idl4lm0

Can u please check in the latest nightly, this will be resolved as we have implemented the permission policy for lna.
please note the latest permission names here , loopback-network and local-network -> https://wicg.github.io/local-network-access/#permissions

Flags: needinfo?(709922234)
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: