Giters

ipfs / ipfs-companion

Browser extension that simplifies access to IPFS resources on the web

Home Page:https://docs.ipfs.tech/install/ipfs-companion/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Right click upload via ipfs.util.addFromURL sometimes does not work

lidel opened this issue · comments

commented

Workaround until this issue is closed

Disable tracking protection in about:config:

2017-03-26-234833_770x386_scrot

The Problem

Browserified ipfs.util.addFromURL sometimes fails with ambiguous XHR error:

2017-03-26-215536_1141x50_scrot

It does not happen when I load extension via web-ext, but does occur with my regular instance when I right click on an image from Twitter, eg. https://pbs.twimg.com/profile_banners/752196928855744512/1468173187/1500x500

Update 2017-03-27

I temporarily replaced ipfs.util.addFromURL with thin wrapper on top of manual fetch:

async function addFromURL (info) {
  // ipfs.util.addFromURL(info.srcUrl, uploadResultHandler)
  try {
    console.log('addFromURL', info)
    const response = await fetch(info.srcUrl)
    const reader = new FileReader()
    reader.onloadend = () => {
      const buffer = Buffer.from(reader.result)
      ipfs.add(buffer, uploadResultHandler)
    }
    reader.readAsArrayBuffer(await response.blob())
  } catch (error) {
    console.error('Error during addFromURL', error)
  }
}

It enabled me to see the underlying problem.
Firefox is blocking request due to... Tracking protection.

2017-03-26-225053_852x101_scrot

This quite entertaining, given the fact that the image is already in browser's cache.
I'll see if it is possible to get data directly from DOM or local cache without tripping the protection.

If someone needs a workaround for v2.0.0alpha2, disable tracking protection in about:config:

2017-03-26-234833_770x386_scrot

Update 2017-03-28

Neither fetch nor XMLHttpRequest work.

I've found Mozilla Bug #1308640, which ended with FF 54 enabling bypass of Tracking Protection when add-on has explicit permission to URL.

The <all_urls>, which is used by the add-on, is implicit so it does not work.
To make it work in FF 54 we would have to manually specify EVERY domain in existence :trollface:

Update 2017-03-30

There is an open ticket to Bug 1345158 - Implement browser.privacy.trackingProtection API. If/when it lands, we could disable protection just for the instant that is used for fetching resource requested by user and then enabling it again.

commented

Note to self:
Bug 1345158 - Implement browser.privacy.trackingProtection API will be released with Firefox 57 (src).
Usage instructions are in this comment.

commented

Note to self - documentation for browser.privacy.websites.trackingProtectionMode just landed:

Browser compatibility table confirms it will be available in Firefox 57.

commented

I was thinking about this and I really hope there will be a better way to handle this than temporarily disabling TP for the entire browser.

Added a comment with our use case to the Bug 1404610: Tracking protection should not apply on extension pages.

commented

I am still getting this error even when tracking protection is disabled