search

sindresorhus / refined-twitter

Browser extension that simplifies the Twitter interface and adds useful features
MIT License
1.31k stars 89 forks source link

Fix Instagram images loading #176

Closed filipekiss closed 5 years ago

filipekiss commented 5 years ago

Fixes #175

filipekiss commented 5 years ago

A quick overview about this problem:

Google released Chrome 73 on March, 12 and, with that, a new security policy regarding Cross-Origin requests in extensions was put in place. The tl;dr from Chrome's changelog is:

To improve security, cross-origin fetches will soon be disallowed from content scripts in Chrome Extensions. Such requests can be made from extension background pages instead, and relayed to content scripts when needed.

So I've moved the original fetch request from the inline-instagram-images.js file to background.js and we're now using the Messaging API to make requests.

We also parse the URL before sending it via message and send only the instagram post id. This way, we ensure that, even if something bogus happens and a full URL is sent to our message listener, it won't actually trigger any malicious script;

This makes the extensions ready (at least in this regard) to the new Extension Manifest V3;

I also changed the document query used, to avoid trying to load URLs that are not directly from a photo.

sindresorhus commented 5 years ago

Thanks for fixing.

If anyone wants to test this, here's a random tweet with a Instagram link: https://twitter.com/ukphonesandacc1/status/1110869822584152066

filipekiss commented 5 years ago

@sindresorhus My pleasure! It's been a while since I had time to commit something to the project, glad to be back :)