I created an about page in my addon. It is very good for perf if I use the flag URI_SAFE_FOR_UNTRUSTED_CONTENT
. This makes it so Components
and other XPCOM is not loaded, basically it makes it a regular web page:
getURIFlags: function(aURI) {
return Ci.nsIAboutModule.URI_SAFE_FOR_UNTRUSTED_CONTENT | Ci.nsIAboutModule.ALLOW_SCRIPT | Ci.nsIAboutModule.URI_MUST_LOAD_IN_CHILD;
},
I am making this load in content process (for e10s) so want it as friendly as possible (no xpcom).
However an issue is file://
images cannot be loaded. Currently I make a resource:// uri out of the file:// URI, however this has issues, you can’t right click and copy image location, or “open in new tab”, it gives security error even with resource:// uri.
Error given when right click and say “View Image” or “Save Image As” or any of the image functions really:
Security Error: Content at about:nativeshot may not load or link to resource://nativeshot_file0/.
uncaught exception: Load of resource://nativeshot_file0/ from about:nativeshot denied.
Is there anyway to give it just permission to load file://
uris? My addon is an image gallery (of screenshots on system).
I can’t find anything in the permissions panel to allow file://
uri:
