[Firefox MV3] Any plan to support scripting eval in "sandbox"?

cyfung1031 · April 5, 2026, 10:21pm

In Chrome MV3, there is the sandbox feature that allowing JavaScript eval inside the sandbox page.

    "sandbox": {
        "pages": [
            "src/sandbox.html"
        ]
    },
    "content_security_policy": {
        "sandbox": "sandbox allow-scripts; script-src 'self' 'unsafe-eval'"
    }

However it seems not supported in Firefox.

This is a required feature in extension “ScriptCat” for running the code in background.
I expect that I can append an sandbox iframe in Event Page. The sandbox iframe is isolated from all extension APIs and just allow to communicate with the parent frame, so it can do JavaScript eval safely.

juraj.masiar · April 6, 2026, 11:27am

Here is the issue for that:

cyfung1031 · April 6, 2026, 7:02pm

Thanks for quoting it.

From the Rob Wu’s last reply, it seems just returned to a positive direction. We are looking forwards to it.

Topic		Replies	Views
WebExtension: Sandboxing eval Development	4	5224	September 2, 2017
Alternative to unsafe-eval Development	20	9162	May 26, 2018
Electrolysis compatibility shims doesn't work with evalInSandbox Development	3	1015	September 9, 2015
Addon disabled because of using eval addons.mozilla.org	10	1844	September 12, 2020
Strange network bug on the extension page Development	27	2306	June 19, 2020

[Firefox MV3] Any plan to support scripting eval in "sandbox"?

Related topics