Skip to content

Right click upload via ipfs.util.addFromURL sometimes does not work #227

Open
@lidel

Description

Workaround until this issue is closed

Disable tracking protection in about:config:

2017-03-26-234833_770x386_scrot


The Problem

Browserified ipfs.util.addFromURL sometimes fails with ambiguous XHR error:

2017-03-26-215536_1141x50_scrot

It does not happen when I load extension via web-ext, but does occur with my regular instance when I right click on an image from Twitter, eg. https://pbs.twimg.com/profile_banners/752196928855744512/1468173187/1500x500

Update 2017-03-27

I temporarily replaced ipfs.util.addFromURL with thin wrapper on top of manual fetch:

async function addFromURL (info) {
  // ipfs.util.addFromURL(info.srcUrl, uploadResultHandler)
  try {
    console.log('addFromURL', info)
    const response = await fetch(info.srcUrl)
    const reader = new FileReader()
    reader.onloadend = () => {
      const buffer = Buffer.from(reader.result)
      ipfs.add(buffer, uploadResultHandler)
    }
    reader.readAsArrayBuffer(await response.blob())
  } catch (error) {
    console.error('Error during addFromURL', error)
  }
}

It enabled me to see the underlying problem.
Firefox is blocking request due to... Tracking protection.

2017-03-26-225053_852x101_scrot

This quite entertaining, given the fact that the image is already in browser's cache.
I'll see if it is possible to get data directly from DOM or local cache without tripping the protection.

If someone needs a workaround for v2.0.0alpha2, disable tracking protection in about:config:

2017-03-26-234833_770x386_scrot

Update 2017-03-28

Neither fetch nor XMLHttpRequest work.

I've found Mozilla Bug #1308640, which ended with FF 54 enabling bypass of Tracking Protection when add-on has explicit permission to URL.

The <all_urls>, which is used by the add-on, is implicit so it does not work.
To make it work in FF 54 we would have to manually specify EVERY domain in existence :trollface:

Update 2017-03-30

There is an open ticket to Bug 1345158 - Implement browser.privacy.trackingProtection API. If/when it lands, we could disable protection just for the instant that is used for fetching resource requested by user and then enabling it again.

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions