search

sammacbeth / dat-fox

dat:// protocol as a Firefox webextension
MIT License
250 stars 12 forks source link

Loading script from dat url fails #24

Open paul90 opened 6 years ago

paul90 commented 6 years ago

In a index.html scripts loaded from a dat url fail to load. For example

<script src='dat://federated-wiki-client.hashbase.io/client.js' type='text/javascript'></script>

fails to load with Loading failed for the <script> with source “dat://federated-wiki-client.hashbase.io/client.js”. in the browser console.

paul90 commented 6 years ago

Discovered while looking at using Content Security Policy to resolve the the CORS issue raised in https://github.com/sammacbeth/dat-fox/issues/23

paul90 commented 6 years ago

The code in content_script.js
https://github.com/sammacbeth/dat-fox/blob/db4f5976b7eb2b03bae8f72c5fd5a7ca44130896/addon/content_script.js#L32-L39 does not appear to being called. If I run it in the console it works, and the scripts are loaded.

This is with Firefox Dev. Edition 63.0b13 on macOS.

sammacbeth commented 6 years ago

This is a known issue - the protocol handler does not work for non-main-frame requests, so we try to re-write them in the content-script. However, doing this is prone to race conditions as you have to chase every script tag injected on the page and update it fast enough that it doesn't cause some other issue.

I'll have a new experimental version soon which will fix this class of issue as we will use a new protocol handler implementation from the libdweb project.

raphaelbastide commented 5 years ago

Is there some news regarding this issue and the experimental version with the new protocol?

sammacbeth commented 5 years ago

Is there some news regarding this issue and the experimental version with the new protocol?

Yes. It's dat-webext which bundles the whole dat stack inside the extension. Details on how it works are in this blog post.

Unfortunately, as it uses experimental APIs, it cannot be easily shipped to Firefox users at present, though Mozilla are looking into featuring dweb extensions like this on the AMO store, and permitting their use of experimental APIs. In the meantime, it can be tested on Desktop in Cliqz's Beta channel (a Firefox fork), or on Android in Cliqz Concept Browser.

raphaelbastide commented 5 years ago

@sammacbeth Thank you very much for that article and your work.