Add https://*/* permission to avoid fetch error in Firefox #127
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Firefox is unable to successfully fetch (results in "TypeError: NetworkError when attempting to fetch resource") without having permission to https. We fetch SPSP endpoints to check that they are valid, so that we know the payment pointers are legitimate. The monetization icon will not be set if we cannot validate the payment pointer. This permission doesn't seem to be necessary on Chromium-based browsers. Signed-off-by: sharon-wang <[email protected]>
|
We can try testing on https://www.youtube.com/watch?v=sApKXmwhg4g to see if youtube monetization works. Edit: and it works✅🙂 |
|
Tested on monetized sites (both with and without a provider), and on monetized youtube (both with and without a provider) and it is working great! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The monetization icon was broken in Firefox (not indicating if a site is monetized). This is because we had removed the
<all_urls>permission some time ago, but Firefox needs at least thehttpspermission in the manifest since we are making fetch requests to HTTPS endpoints (to validate payment pointers). This change fixes #120.Firefox is unable to successfully fetch (results in
"TypeError: NetworkError when attempting to fetch resource") without permission to https. We fetch SPSP endpoints to check that they are valid, so that we know the payment pointers are legitimate. The monetization icon will not be set if we cannot validate the payment pointer.This permission doesn't seem to be necessary on Chromium-based browsers.
NOTE that if upon resubmission to Chrome/Edge we get rejected because of the HTTPS permission (and assuming Firefox approves of the submission), then we will have to separately package the extension for Chromium and Firefox with the permission removed for Chromium and included for Firefox.