Error processing content_security_policy.extension_pages: ‘script-src’

I'm getting this error in Firefox MV3.

Reading manifest: Error processing content_security_policy.extension_pages: ‘script-src’ directive contains a forbidden http: protocol source

This is the code of the line that is calling the API. The PLASMO_PUBLIC_BASE_PATH is "http://localhost:8080"

const myApi = new Api(new Configuration({ basePath: process.env.PLASMO_PUBLIC_BASE_PATH, apiKey: process.env.PLASMO_PUBLIC_CLIENT_API_KEY }))

Is there any solution for this?

5 Replies

Arcane•13mo ago

@Phoenix has reached level 2. GG!

lab•13mo ago

You should proxy that API call to your BGSW/BGP instead of trying to call it directly

PhoenixOP•13mo ago

I've done that but plasmo is still adding a "http://localhost" to the content_security_policy. I think that is because Plasmo is building the dev environment on "localhost:1815"

 "content_security_policy":{"extension_pages":"script-src 'self' http://localhost;object-src 'self';"}

 "content_security_policy":{"extension_pages":"script-src 'self' http://localhost;object-src 'self';"}

This is the manifest generated by plasmo for Firefox MV3 (I've already proxy the API so I don't have anything pointing to localhost directly). Is this a bug? I'm not sure how to solve this without using the production environment to avoid using http

lab•13mo ago

hmm this might be a recent change, since previously localhost source was a valid destination for this :-?... If you try compiling for firefox-mv2, does it work?

PhoenixOP•13mo ago

Let me check This is solved. It is important to know that if you're using firefox mv3, you need to check the permissions manually or you're worker will fail.

Gaming

Programming

Error processing content_security_policy.extension_pages: ‘script-src’