New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Right click upload via ipfs.util.addFromURL sometimes does not work #227

Open
lidel opened this Issue Mar 26, 2017 · 3 comments

Comments

Projects
1 participant
@lidel
Copy link
Collaborator

lidel commented Mar 26, 2017

Workaround until this issue is closed

Disable tracking protection in about:config:

2017-03-26-234833_770x386_scrot


The Problem

Browserified ipfs.util.addFromURL sometimes fails with ambiguous XHR error:

2017-03-26-215536_1141x50_scrot

It does not happen when I load extension via web-ext, but does occur with my regular instance when I right click on an image from Twitter, eg. https://pbs.twimg.com/profile_banners/752196928855744512/1468173187/1500x500

Update 2017-03-27

I temporarily replaced ipfs.util.addFromURL with thin wrapper on top of manual fetch:

async function addFromURL (info) {
  // ipfs.util.addFromURL(info.srcUrl, uploadResultHandler)
  try {
    console.log('addFromURL', info)
    const response = await fetch(info.srcUrl)
    const reader = new FileReader()
    reader.onloadend = () => {
      const buffer = Buffer.from(reader.result)
      ipfs.add(buffer, uploadResultHandler)
    }
    reader.readAsArrayBuffer(await response.blob())
  } catch (error) {
    console.error('Error during addFromURL', error)
  }
}

It enabled me to see the underlying problem.
Firefox is blocking request due to... Tracking protection.

2017-03-26-225053_852x101_scrot

This quite entertaining, given the fact that the image is already in browser's cache.
I'll see if it is possible to get data directly from DOM or local cache without tripping the protection.

If someone needs a workaround for v2.0.0alpha2, disable tracking protection in about:config:

2017-03-26-234833_770x386_scrot

Update 2017-03-28

Neither fetch nor XMLHttpRequest work.

I've found Mozilla Bug #1308640, which ended with FF 54 enabling bypass of Tracking Protection when add-on has explicit permission to URL.

The <all_urls>, which is used by the add-on, is implicit so it does not work.
To make it work in FF 54 we would have to manually specify EVERY domain in existence :trollface:

Update 2017-03-30

There is an open ticket to Bug 1345158 - Implement browser.privacy.trackingProtection API. If/when it lands, we could disable protection just for the instant that is used for fetching resource requested by user and then enabling it again.

@lidel lidel added the bug label Mar 26, 2017

@lidel lidel added this to the v2.0.0 milestone Mar 26, 2017

@lidel lidel added the UX label Mar 26, 2017

lidel added a commit that referenced this issue Mar 29, 2017

fix(contextMenu): display help when upload fails due to Tracking Prot…
…ection

This is a workaround until #227 gets a proper fix.

@lidel lidel added this to In Progress in Rewrite as WebExtension Mar 29, 2017

lidel added a commit that referenced this issue May 21, 2017

fix(wx): Origin mismatch under Chromium
Turns out workaround introduced for Firefox in #227
broke right-click "Upload to IPFS" function under Chromium ;-)

This commit adds userAgent check and enables workaround only
under Firefox, making Chromium (#218) happy.

lidel added a commit that referenced this issue May 24, 2017

fix(wx): Origin mismatch under Chromium
Turns out workaround introduced for Firefox in #227
broke right-click "Upload to IPFS" function under Chromium ;-)

This commit adds userAgent check and enables workaround only
under Firefox, making Chromium (#218) happy.

@lidel lidel moved this from In Progress to Blocked in Rewrite as WebExtension Jul 22, 2017

@lidel lidel added upstream bug and removed bug labels Jul 22, 2017

@lidel

This comment has been minimized.

Copy link
Collaborator Author

lidel commented Aug 10, 2017

Note to self:
Bug 1345158 - Implement browser.privacy.trackingProtection API will be released with Firefox 57 (src).
Usage instructions are in this comment.

@lidel

This comment has been minimized.

Copy link
Collaborator Author

lidel commented Oct 12, 2017

Note to self - documentation for browser.privacy.websites.trackingProtectionMode just landed:

Browser compatibility table confirms it will be available in Firefox 57.

@lidel lidel referenced this issue Nov 27, 2017

Closed

JS IPFS fallback #310

@lidel lidel removed this from the v2.0.0 milestone Dec 2, 2017

@lidel

This comment has been minimized.

Copy link
Collaborator Author

lidel commented Apr 2, 2018

I was thinking about this and I really hope there will be a better way to handle this than temporarily disabling TP for the entire browser.

Added a comment with our use case to the Bug 1404610: Tracking protection should not apply on extension pages.

@lidel lidel added the ready label Sep 22, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment