Add-on validator should check for synchronous XMLHttpRequests (XHRs) and explain why they are bad


Status Graveyard
Admin/Editor Tools
7 years ago
2 years ago


(Reporter: aryx, Assigned: basta)



(Whiteboard: [ReviewTeam])

The add-on validator should check for synchronous XMLHttpRequests (XHRs) and explain why they are bad.
Assignee: nobody → mbasta
Whiteboard: [required amo-editors]
Target Milestone: --- → 5.12.12

Comment 1

7 years ago
Could you be more specific? Feel free to post scenarios to test for and wording for such a warning.
Synchronous XHRs block the application UI if they run on the main thread (which is often the case), see

So the validator should check for all XHRs with the third attribute as "false". There are some extensions reading local files like this, these should probably be excluded. 
I am sorry that I am not common with regular expressions, but the filters should look somehow like this:
Jorge, is this something we want?  What wording should we use?

Assuming we add this, I'd rather not use a fragile regex.  Can we do this with spidermonkey instead?

Comment 4

7 years ago
As far as accuracy goes, the validator can tell what type a variable is derived from (so long as the type is not declared locally), so I can test to see if an XMLHttpRequest object has its open() function called with a falsey value for the third parameter. The accuracy would be on par with the other multi-step JS tests.
Warning message:
Synchronous HTTP requests can cause serious UI performance problems, specially to users with slow network connections.

It should be possible to use SpiderMonkey. One note: there are 2 ways to create an XMLHttpRequest object. See

Comment 6

7 years ago
The standard XMLHttpRequest update should be relatively simple. The XPCOM version will be pretty tricky, though. I'll work on getting the standard one nailed down first, as that seems like it's the most pressing.

Comment 7

7 years ago
Done (for XMLHttpRequest objects):

How much of a priority is the XPCOM way?
I don't have any numbers, but I think there are more uses of the XPCOM way than the other one. At any rate I think we should get both for consistency. This is not a very high priority, but I'd rather see both implemented.
Priority: -- → P3
Target Milestone: 5.12.12 → 6.0.0

Comment 9

7 years ago
Done and implemented:
Last Resolved: 7 years ago
Resolution: --- → FIXED
Reclassifying editor bugs and changing to a new whiteboard flag. Spam, spam, spam, spam...
Whiteboard: [required amo-editors] → [ReviewTeam]
Product: → Graveyard
You need to log in before you can comment on or make changes to this bug.