desktop icon indicating copy to clipboard operation
desktop copied to clipboard

Published 20 hours ago verified publisher icon zen-browser

Extensions with External Bridge Applications Fail to Work

Open jfftck opened this issue 1 year ago • 2 comments
trafficstars

Captchas

  • [X] I have read the instructions.
  • [X] I have searched existing issues and avoided creating duplicates.
  • [X] I am not filing an enhancement request.

What happened?

Extensions are blocked from using external apps with the following error: Content-Security-Policy: The page’s settings blocked an inline style (style-src-attr) from being applied because it violates the following directive: “default-src chrome: resource:”

There should be an option to allow extensions that users are willing to grant access to external apps, and if possible, have a dialog to inform the user of each app that is given access.

Reproducible?

  • [X] I have checked that this issue cannot be reproduced on Mozilla Firefox.

Version

1.0.1-a.7

What platform are you seeing the problem on?

Linux

Relevant log output

Content-Security-Policy: The page’s settings blocked an inline style (style-src-attr) from being applied because it violates the following directive: “default-src chrome: resource:” 2 customElements.js:499:25
Content-Security-Policy: The page’s settings blocked an inline style (style-src-attr) from being applied because it violates the following directive: “default-src chrome: resource:” panel.js:62:23
stderr output from native app com.add0n.node: /home/**removed for privacy**/.config/com.add0n.node/run.sh: line 2: /usr/bin/node: No such file or directory 4

jfftck avatar Oct 09 '24 19:10 jfftck

ZEN-1929 Extensions with External Bridge Applications Fail to Work

linear[bot] avatar Oct 09 '24 19:10 linear[bot]

I have the same problem, which causes me to be unable to login to reddit through my Google account

obmutescences avatar Oct 10 '24 03:10 obmutescences

@jfftck @obmutescences Does this stiil happen on the latest version? (version a.14 for now)

RayZ3R0 avatar Oct 30 '24 14:10 RayZ3R0

Still seeing the bug on the "Open in Chromium" extension, here are the logs:

This page is in Almost Standards Mode. Page layout may be impacted. For Standards Mode use “<!DOCTYPE html>”. index.html
Uncaught (in promise) Error: Invalid contextual identity: firefox-default undefined
File closed NativeMessaging.sys.mjs:224
    writePromise resource://gre/modules/NativeMessaging.sys.mjs:224
null ExtensionCommon.sys.mjs:851
    normalizeError resource://gre/modules/ExtensionCommon.sys.mjs:851
    withLastError resource://gre/modules/ExtensionCommon.sys.mjs:871
    wrapPromise resource://gre/modules/ExtensionCommon.sys.mjs:942
Unchecked lastError value: Error: An unexpected error occurred index.js:109
    <anonymous> moz-extension://aaa9b83f-ee2c-4b86-a384-7630152e86fd/data/helper/index.js:109
stderr output from native app com.add0n.node: /home/jeffrey/.config/com.add0n.node/run.sh: line 2: /usr/bin/node: No such file or directory
Uncaught (in promise) Error: Invalid contextual identity: firefox-default undefined

This is what I get when clicking the "Check Connection" button.

jfftck avatar Oct 30 '24 17:10 jfftck

It also says you don't have nodejs installed?

mr-cheffy avatar Oct 30 '24 17:10 mr-cheffy

Here is what I get in my terminal:

node --version
v18.19.1

So Node is installed, this makes me feel that this is a Flatpak issue. I think it is the sandbox blocking access, but this is the recommended install method. This might require a change in packaging and new recommendation. I already used Flatseal and enabled all file system access permissions.

jfftck avatar Oct 30 '24 18:10 jfftck

image

But i already login reddit with google accounts.

obmutescences avatar Oct 31 '24 06:10 obmutescences

Don't know if somehow I missed a bunch of updates and just got this bug, but fully internal extensions are now throwing this error for me. Pretty common ones like DarkReader and PrivacyBadger are throwing the same console errors as OP, and ProtonPass cannot open pop ups in any site.

1.0.1-a.19 Sequoia 15.2 Beta 2

m-c-program avatar Nov 15 '24 06:11 m-c-program

Hi, @jfftck. I'm Dosu, and I'm helping the desktop team manage their backlog. I'm marking this issue as stale.

Issue Summary:

  • Extensions on Linux face Content-Security-Policy errors, blocking inline styles.
  • The issue is not present on Mozilla Firefox.
  • Similar problems reported by @obmutescences and @m-c-program with various extensions.
  • Suspected Flatpak-related sandboxing issue; potential packaging change suggested.

Next Steps:

  • Please confirm if this issue persists with the latest version of the desktop repository by commenting here.
  • If no update is provided, the issue will be automatically closed in 7 days.

Thank you for your understanding and contribution!

dosubot[bot] avatar Dec 16 '24 16:12 dosubot[bot]

It looks like there are other platforms that have issues, but I am not able to confirm that. I switched back to Firefox as it is available as a DEB package and even has a repository for using with APT, this has improved the performance over the Snap version.

jfftck avatar Dec 16 '24 19:12 jfftck

@mauro-balades, the user @jfftck has indicated that the issue with Content-Security-Policy errors on Linux is still relevant, noting that they switched back to Firefox for better performance. Could you please assist them with this issue?

dosubot[bot] avatar Dec 16 '24 19:12 dosubot[bot]