search

folletto / Blipshot

Google Chrome Extension to make screenshots
intenseminimalism.com
114 stars 19 forks source link

Bug: drag'n'drop of pageshot thumbnail to Finder (filesystem) fails due to permission issues #13

Open porg opened 7 years ago

porg commented 7 years ago

Bug description

If one drags the thumbnail of the created pageshot and drops it somewhere in the filesystem (in the Mac Finder) a file with the proper naming scheme "pageshot of '' @ <date>" is written, but it is empty, has a file size of 0 bytes.</p> <p>After the drag'n'drop action Chrome reveals the status bar, and shows the file like other file downloads. But in it's second row the troubled BlipShot file states "Failed — Blocked".</p> <h2>Reproducability</h2> <h3>My conclusion</h3> <p>Very likely this is the bug condition: If the protocol of a webpage is HTTPS then BlipShot fails, if it's HTTP then BlipShot works.</p> <p>The permission issue seems to have nothing to do with the target (filesystem) but with the source (website), more specifically the scheme (HTTPS). And also nothing with the content type of the side, or a web browser plugin / extension conflict. The protocol raises the bug condition!</p> <h3>Target</h3> <p>I tried different locations on my computer. <code>~/Desktop</code>, <code>~/Downloads</code>, etc. They all had correct file permissions. Could not figure out any pattern.</p> <h3>Source</h3> <p>I had troubles reproducing this bug, sometimes BlipShot worked as expected and sometimes it failed with drag'n'drop to filesystem.</p> <p>Success on i.e. <a rel="noreferrer nofollow" target="_blank" href="http://origami.design/">http://origami.design/</a> Failure on i.e. <a rel="noreferrer nofollow" target="_blank" href="https://www.flinto.com/">https://www.flinto.com/</a></p> <p>I tried more systematically. And then it occurred to me: It's the protocol which decides whether it works or not!</p> <h2>Affected versions</h2> <ul> <li>Blipshot 1.1.1 (currently up to date)</li> <li>Chrome 54.0.2840.98 (currently up to date)</li> <li>OS: Both on OS X 10.9 Mavericks as well as on macOS 10.12 Sierra</li> </ul> <h1>Workaround</h1> <p>Right click the troublemaking file, then select "Save image as…" This works, but you get an ugly filename like <code>3c428027-8d8e-43c0-a02d-441a5700664d.png</code> and loose the more usable file naming scheme.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/folletto"><img src="https://avatars.githubusercontent.com/u/4389?v=4" />folletto</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>Thank you! This is an amazing report, and I agree... there seem to be an issue there, sadly. :(</p> <p>I wonder if Chrome changed something recently... I need to look into that.</p> <p>Thanks!</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/porg"><img src="https://avatars.githubusercontent.com/u/737143?v=4" />porg</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>You are providing this wonderful freeware which has helped me often enough already, so now it was my time to give back by thoroughly studying and reporting the bug.</p> <p>Thanks for your appreciating response, all the best for fixing the bug!</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/lippytak"><img src="https://avatars.githubusercontent.com/u/2533112?v=4" />lippytak</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>+1 came here to mention the same thing.</p> <p>Few things worth noting:</p> <ul> <li>It doesn't happen on all HTTPS sites (works on Github, for example)</li> <li>It happens even if you disable javascript before the drag (but after taking the screenshot)</li> <li>You can still DnD other images from the same site</li> </ul> <p>Odd. Thanks for the workaround!</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/porg"><img src="https://avatars.githubusercontent.com/u/737143?v=4" />porg</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>@lippytak Nice to see that my workaround helps you out in the meantime. And good to see further debugging observations. @folletto Do our observations enable you to fix the bug? Or still in the dark?</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/folletto"><img src="https://avatars.githubusercontent.com/u/4389?v=4" />folletto</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>These observations are very useful, unfortunately I haven't found yet a workaround, sorry ^^'</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/porg"><img src="https://avatars.githubusercontent.com/u/737143?v=4" />porg</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>Any news?</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/folletto"><img src="https://avatars.githubusercontent.com/u/4389?v=4" />folletto</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>Sorry I couldn't find time yet. I'm aware it has been a few months, I'm sorry :( </p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/porg"><img src="https://avatars.githubusercontent.com/u/737143?v=4" />porg</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>@lippytak <a href="HTTPS://github.com">HTTPS://github.com</a> > Blipshot fails for me.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/porg"><img src="https://avatars.githubusercontent.com/u/737143?v=4" />porg</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>@folletto FYI: Extension Settings at chrome://extensions > Blipshot > <code>Allow access to file URLs</code> is <code>TRUE</code>. But nevertheless the bug behavior is unchanged.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/folletto"><img src="https://avatars.githubusercontent.com/u/4389?v=4" />folletto</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>I thought initially it was a matter of <a href="https://developer.chrome.com/apps/contentSecurityPolicy">Content Security Policy</a> but either I wasn't able to find the right setting in <code>manifest.json</code>, or it's not the right solution.</p> <p>However I noticed that if I disable the "nice name" javascript handler in <code>actionDrag</code>:</p> <pre><code>e.dataTransfer.setData("DownloadURL", "image/png:" + filename + ".png:" + blobURL);</code></pre> <p>The image <em>can</em> be dragged and appears correctly. Just, has the ugly name. :(</p> <p>Here the change: <a href="https://github.com/folletto/Blipshot/commit/c97e19500216b3b5d2e3bcd14674797025e7346e">https://github.com/folletto/Blipshot/commit/c97e19500216b3b5d2e3bcd14674797025e7346e</a></p> <p>I also managed to find a way to instantly download the image on click, which seems working on all sites. It's not drag'n'drop, but at least with one click it downloads.</p> <p>I'll keep this issue open still, as the issue isn't really solved.</p> <hr /> <p>I haven't pushed any update to the Chrome Web Store yet. Still playing around it a bit.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/folletto"><img src="https://avatars.githubusercontent.com/u/4389?v=4" />folletto</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>Ok <a href="https://chrome.google.com/webstore/detail/blipshot-one-click-full-p/mdaboflcmhejfihjcbmdiebgfchigjcf">version 1.2 published</a> on the store. As mentioned above doesn't "solve" the issue, but at least it's not stuck anymore:</p> <ul> <li>On <code>http</code> works as usual</li> <li>On <code>https</code> works, but the filename is weird</li> <li>On both <code>http</code> and <code>https</code> clicking on the image saves it in the default location, with the right name</li> </ul> <hr /> <p>I'm keeping this issue open as I want to try again to solve the <code>https</code> drag issue properly.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/porg"><img src="https://avatars.githubusercontent.com/u/737143?v=4" />porg</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>I tested it, and it works as in your description. Would be glad if drag'n'drop with a meaningful name would work again, as this was a very time-saving feature of Blipshot!</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/folletto"><img src="https://avatars.githubusercontent.com/u/4389?v=4" />folletto</a> commented <strong> 7 years ago</strong> </div> <div class="markdown-body"> <p>I agree, I will try again to see if there's a workaround.</p> </div> </div> <div class="page-bar-simple"> </div> <div class="footer"> <ul class="body"> <li>© <script> document.write(new Date().getFullYear()) </script> Githubissues.</li> <li>Githubissues is a development platform for aggregating issues.</li> </ul> </div> <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js"></script> <script src="/githubissues/assets/js.js"></script> <script src="/githubissues/assets/markdown.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/languages/go.min.js"></script> <script> hljs.highlightAll(); </script> </body> </html>