Doesn't work anymore on Firefox

[aaronliu0130]

https://github.com/ohmyzsh/ohmyzsh/tree/master/plugins/catimg

[aaronliu0130]

Content Security Policy: The page’s settings blocked the loading of a resource at https://asciinema.org/a/Hr6o4z5O2AMEZKnTTPQenpOot/iframe? (“frame-src”).

[aaronliu0130]

This appears to be magically fixed now?

[aaronliu0130]

Doesn't work anymore anymore

[rugk]

It would be great if you could port your browser extension from Chrome/ium also to other browsers like Firefox, i.e. making it a cross-compatible browser extension (“WebExtension”).

See https://extensionworkshop.com/documentation/develop/porting-a-google-chrome-extension/ for more information on how to do that.

[aaronliu0130]

@rugk But a Firefox extension exists, it's just that it doesn't work.

[rugk]

I k now but maybe the docs can provide some insight here, e.g. here it says:

This randomness can prevent you from doing things, such as adding your extension's URL to another domain's CSP policy.

Or about the CSP of the webextension: https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Content_Security_Policy#default_content_security_policy

But as the CSP of GitHub here is likely an issue if I read it right, this here could explain the difference:

The extent to which the CSP controls loads from content scripts varies by browser. In Firefox, JavaScript features such as eval are restricted by the extension CSP. Generally, most DOM-based APIs are subjected to the CSP of the web page. In Chrome, many DOM APIs are covered by the extension CSP instead of the web page's CSP (crbug 896041).