nsfwjs icon indicating copy to clipboard operation
nsfwjs copied to clipboard

Published 20 hours ago verified publisher icon infinitered

Unable to use in service workers in manifest v3

Open 0xturboblitz opened this issue 2 years ago • 6 comments

Hi, First of all, thanks for your work.

With manifest v3, chrome replaced background scripts with service workers, which cannot access the DOM. I am building a web extension that parses the dom and then analyses the image in the background, quite like nsfw-filter.

I am able to load nsfwjs in the service worker, but any attempt to feed it an image fails because the service worker cannot manipulate anything like images. For instance, any image that I send to the service worker will appear as empty in it.

Is there anything obvious that I am doing wrong, or has someone encountered the same issue ?

0xturboblitz avatar Mar 24 '22 17:03 0xturboblitz

FYI see https://github.com/infinitered/nsfwjs/issues/558

I believe I could use someone testing what I stated here: https://github.com/infinitered/nsfwjs/issues/558#issuecomment-975721013

Because NSFWJS is compiled to ES5, that might be the issue that brings in the unsafe eval. (code here: https://github.com/infinitered/nsfwjs/blob/master/tsconfig.json#L10)

It's my thought that changing that line to "es2018" or so would remove the unsafe evals. Can you check into this, and if that's the case I'll release a browser extension version of NSFWJS?

GantMan avatar Mar 28 '22 19:03 GantMan

Oh @0xturboblitz - I misunderstood the ticket. If you can create a simple project/test that I can use, I'll take a look to see if I can do anything.

GantMan avatar Mar 28 '22 21:03 GantMan

Hi there, I saw this thread and made an example project, just run yarn install, then yarn build and you should be good to go! (add the build file as the chrome extension) Here's the repo

There appears to be 3 different times a "Function" class is created which is generally bad practice, it's essentially the same as eval as far as I know. I know the typescript is translated into javascript and I think that's where it's being put in here.

Google says "You can no longer execute external logic using chrome.scripting.executeScript({code: '...'}), eval(), and new Function()." here

Acorn221 avatar Apr 18 '22 22:04 Acorn221

@Acorn221 - have you tried what I suggested, where you can set the compile target? I guess I could track it down and figure it out, but since you have a project in place, it's easier for you to give it a go.

GantMan avatar Apr 26 '22 14:04 GantMan

Is there any update on this issue? 'Unsafe-eval' prevents from loading nsfwjs model in extension Manifest V3.

Kaastor avatar Nov 23 '22 12:11 Kaastor

I'm not sure what can be done, I think it needs to be packaged up using something other than browserify (probably on a fork) but I'm not sure whether or not any other transpilers will work

Acorn221 avatar Nov 23 '22 16:11 Acorn221