Open Cimbali opened 1 year ago
Possible solutions could be:
dynamically ask users for permissions (or for in-page injection), on select hosts (with maybe an option to allow on all hosts too?)
On the page that shows the message error, we could say the error is likely due to CORS, and offer buttons for:
As seen in #100, but also happens when trying to render gitlab pages, the combination of (1) an extension page and (2) not having full host privileges, can cause the extension page to fail to fetch the markdown:
E.g. opening
ext+view-markdown:https://gitlab.com/gitlab-org/gitlab-foss/-/raw/master/doc/install/requirements.md
This causes the following error, followed by a link to this docs page:Here are the headers for that page:
This doesn’t happen when keeping all permissions, or when injecting into the page (i.e. without redirecting to an extension page) from the navigation bar button, because in both cases we have host permissions.