Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
4YI: A bug in Firefox WebExtensions content scripts environment affecting VM
See original GitHub issueWhat is the problem?
How to reproduce it?
- install a userscript from https://gist.github.com/KOLANICH/5c85e09af65d87b24a3763c1316f099e
- open any page
- see browser console
What is the expected result?
after message is printed.
What is the actual result?
It is not. TextEncoder in content_scripts environment returns typed arrays (and their buffers) that seem to belong to another context.
Environment
- Browser: Firefox
- Browser version: Developers Edition
- Violentmonkey version: any
- OS: any
Issue Analytics
- State:
- Created 3 years ago
- Comments:11 (6 by maintainers)
Top Results From Across the Web
Content scripts - Mozilla - MDN Web Docs
Background scripts can access all the WebExtension JavaScript APIs, but they can't directly access the content of web pages.
Read more >content_scripts - Mozilla - MDN Web Docs
Instructs the browser to load content scripts into web pages whose URL matches a given pattern.
Read more >Dynamic module import doesn't work in webextension content ...
This is a BLOCKER for deloyment of module-based javascript content scripts. Since it works fine in background scripts (using <script type=module> in background....
Read more >Chrome incompatibilities - Mozilla - MDN Web Docs
This is a limitation created by the sandbox environment in Firefox. This limitation may be removed, see bug 1208775. Content script lifecycle ...
Read more >Content script CSS should be removed when disabling an add ...
A Chrome extension doesn't immediately affect > open tabs when it's enabled; content stylesheets aren't applied and content > scripts aren't run until...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
The sandbox code is injected into the page in the default injection mode but I haven’t seen a way for a site to take advantage of it because we inject before the page scripts can install any hooks. The script elements are removed at once so there are no tracks. One exception would be the moment Violentmonkey is installed/updated in Firefox because Firefox runs content scripts at this moment. If we ever see evidence that the latter is abused in the wild we’ll simply add a check to skip injection in this case altogether.
Thank you for the info.