injected script breaks browser default XML presentation #1136
Comments
|
Hm we should definitely check the document type and inject it conditionally! |
|
@chancancode better yet, we should only run inspector when you click the inspector tab. |
|
As things are designed today, this particular script tag has to be injected eagerly to allow the inspector to possibly run later. We can add UI to change which sites to run on, but unless we require a refresh to activate the inspector this isn’t really avoidable at the moment. |
|
@chancancode yeah not sure if there is a good solution, but it would be ideal. There have been several reports of this breaking non-Ember sites in some way. |
|
For this case, I'm entirely happy with inferring the mime type of the page. |
|
@efx that’s probably the fix we can do in the medium term. I don’t know if chrome/firefox let you request that a content script to be injected only on html pages in the manifest. If they do, that’s great. If not, it’s not a big deal, we would just have to detect the document type in the content script and guard the script tag injection accordingly. If you or someone else is able to send a PR, it should be a fairly straightforward fix. Otherwise I’ll do it when I get back from vacation next week. |
ghost
mentioned this issue
Fix #1136. I chose to whitelist the [HTML mime type](https://www.iana.org/assignments/media-types/media-types.xhtml#text) only since it is simpler. Per Godfrey's comment, we could declare [matching in the manifest](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns) but it does so by URL or protocol. Because of that I think checking the mime type in the document is simpler and more readable.
Fix #1136. I chose to whitelist the [HTML mime type](https://www.iana.org/assignments/media-types/media-types.xhtml#text) only since it is simpler. Per Godfrey's comment, we could declare [matching in the manifest](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns) but it does so by URL or protocol. Because of that I think checking the mime type in the document is simpler and more readable. (cherry picked from commit 87f8059)
Fix emberjs#1136. I chose to whitelist the [HTML mime type](https://www.iana.org/assignments/media-types/media-types.xhtml#text) only since it is simpler. Per Godfrey's comment, we could declare [matching in the manifest](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns) but it does so by URL or protocol. Because of that I think checking the mime type in the document is simpler and more readable.
Fix emberjs#1136. I chose to whitelist the [HTML mime type](https://www.iana.org/assignments/media-types/media-types.xhtml#text) only since it is simpler. Per Godfrey's comment, we could declare [matching in the manifest](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns) but it does so by URL or protocol. Because of that I think checking the mime type in the document is simpler and more readable.
Fix emberjs#1136. I chose to whitelist the [HTML mime type](https://www.iana.org/assignments/media-types/media-types.xhtml#text) only since it is simpler. Per Godfrey's comment, we could declare [matching in the manifest](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Match_patterns) but it does so by URL or protocol. Because of that I think checking the mime type in the document is simpler and more readable.
As a developer, I use web-browsers to visually inspect XML. Ember inspector injects a script tag that breaks the default browser presentation of the XML.
Issue and Steps to Reproduce
I believe this occurs because we indiscriminately append the boot
<script>:ember-inspector/skeletons/web-extension/boot.js
Line 3 in 4713877
Screenshots
unexpected
expected
The text was updated successfully, but these errors were encountered: