Extension working on Firefox Developer Edition but not published version for Firefox

trahvex · February 1, 2021, 11:19am

I’m trying to publish an extension that makes use of a deep learning model to classifying tracking requests in visited webpages.
Currently, in order to use the tensorflow.js library, needed for the deep learning model to work, “unsafe-eval” has to be allowed because the tensorflow script makes use of the method “Function()”.
The reviewer told me to include the npm package in the zip of my extension “so we can see if we can inspect the library sources, if not we will have to ask you to avoid using it for security reason.”
I did that and the extension was approved, my problem now is that the add-on is not working once published and the console show messages that seem related to problems with “unsafe-eval” permissions. This same package works fine and as intended in Firefox Developer Edition.

How can I solve this so my add-on also works on the normal Firefox?

jscher2000 · February 1, 2021, 7:33pm

Which console? Is this a content script? Are you getting CSP errors?

trahvex · February 1, 2021, 7:46pm

Console found in “about:debugging” and inspecting the add-on. It’s a backgorund script. Yes, it shows a CSP error and then errors of “missing host permissions”.

First message that appears is a warning that says “Content Security Policy: Unable to interpret invalid host ‘wasm-eval’”

jscher2000 · February 1, 2021, 8:45pm

wasm-eval doesn’t sound like a host name… but also not a valid keyword judging from MDN:

https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy/script-src

Any idea where it’s coming from?

trahvex · February 2, 2021, 11:08am

I don’t really know, there’s a bunch of errors that I don’t know how to identify because I have never seen it during the development of the extension and they just appeared once the extension was published but doesn’t happen on the Firefox Developer version.
Here is how the console looks as I start the browser:

caitlin · February 2, 2021, 5:29pm

Hey @trahvex, what’s the name of your add-on? That will help us investigate what’s going on.

Edited to add: Actually, could you provide the URL to the add-on’s listing or its GUID? That will help us track it down.

jscher2000 · February 3, 2021, 9:35am

In case you are getting noise from other activity in the browser, I suggest testing in a dedicated clean profile. You can use the about:profiles page to create a new profile; don’t sync it with your regular profile, to keep it vanilla.

Note: when creating a new profile, Firefox will make it the default. Before launching it, make sure you set your regular profile as default again to avoid problems with external links and your next Firefox startup.

trahvex · February 2, 2021, 5:58pm

https://addons.mozilla.org/en-US/firefox/addon/deep-tracking-blocker/versions/
Here it is

caitlin · February 3, 2021, 9:35am

Thanks so much @trahvex.

It seems like this is related to the about:config pref for webgl.disable-fail-if-major-performance-caveat. Can you change that pref to true on release and then disable/re-enable your extension?

trahvex · February 2, 2021, 8:06pm

Okay, so embarrassing, it was indeed getting noise from other extensions I had I guess. I will look further into my add-on performance now that I solved that, thanks.

trahvex · February 2, 2021, 8:08pm

Thanks, that solved the warnings related to webGL. Most of the other errors it seems they were noise from other add-ons, currently working on a cleaner environment to solve any other problem thanks.