search

os-scar / overlay

Overlay is a browser extension helping developers evaluate open source packages before picking them
MIT License
215 stars 17 forks source link

Chrome "access by click" gives zero errors #143

Open aviv1620 opened 11 months ago

aviv1620 commented 11 months ago

chrome settings have a way to give extensions access permission only on click. not every time I load the page. If I apply this setting, the extension "works" but says zero issues. not show any error.

Attach a screenshot. 1 2

baruchiro commented 11 months ago

OK, it will require some investigation, I didn't know this feature and will debug it.

baruchiro commented 11 months ago

I can't find where to configure the "access by click". Can you show me?

aviv1620 commented 11 months ago

Untitled step 1: disable the "Automatically allow access on the following sites" step 2: click on the puzzle icon. then click on the Overlay. step 3: refresh

baruchiro commented 11 months ago

To see the errors you need to inspect the Service Worker image

I played with that, I'm not sure what the problem is. Of course, the Service Worker was blocked when I turned the "automatically allow" off. But I didn't managed to enable it again.

aviv1620 commented 11 months ago

I play with this. If I stay the Devtool window open it acting weird. Fortunately if the "Collect errors" enable it is possible to see the error after a bug occurs.

so here the new instruction: step 1: disable the "Automatically allow access on the following sites" step 2: close all the tabs. close the browser completely. close also the "Devtool" window. step 3: open website with node-sass like this https://stackoverflow.com/questions/29461831/libsass-bindings-not-found-when-using-node-sass-in-nodejs

step 4: you see the extension mark 0 issues in node-sass Although if you not follow the steps, the extension mark 2 issues. Screenshot 2023-08-07 100246

step 5: only when you see the extension mark 0 issues in node-sass open the Devtool window. the error that logs it. Access to fetch at 'https://debricked.com/select/get-model-structure' from origin 'chrome-extension://fahpefingaaldhifdbnlipfjniabkiho' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled. TypeError: Failed to fetch at background.js:1417:27 at cache (background.js:1350:43) at getModelStructure (background.js:1415:5) at fetchDebricked (background.js:1432:25) at handleAsyncError (background.js:18206:21) at advisories (background.js:18225:18) at async listener (background.js:18235:24) 'fetchDebricked' [{…}]

Screenshot 2023-08-07 100850

baruchiro commented 11 months ago

OK, showing 0 results if you disable the "Automatically allow access on the following sites" is the expected behavior.

Could you let me know what you expected?

aviv1620 commented 11 months ago

0 results it like "the library it safe and I can use it" I expect message "no permission" or something like that

baruchiro commented 11 months ago

OK, it is similar to something we saw on the first day- what if a package does not actually exist? As you said, it will report for 0 issues, but it should alert that this package doesn't exist, or ignore it.

We are waiting for @jossef TO FINISH HIS UI DESIGN 😂