Is it allowed to load JSON data from remote resource?

Add-ons addons.mozilla.org
#1

Hi Team,

Is it allowed to load JSON data from the remote server in the add-on? Since we reply on some dynamic settings when rendering our add-on. As per the doc says: Don’t inject or incorporate remote scripts from https://extensionworkshop.com/documentation/develop/build-a-secure-extension/

If I understand correctly, it is not allowed load JS scripts, but JSON data should be allowed? As we can treat it as a RESTFul API.

Thanks.

#2

JSON data is usually API data and can never be executable on its own (don’t get tempted to include JS code that you eval, though. You can’t use eval in an extension).

1 Like