WebExtensions are an excellent announcement, it is probably going to simplify the life of many developpers. Thanks a lot for that.
However, in my case, there is two major difficulties to port my Chrome extension:
we are loading scripts from a page script and pages script cannot access the Firefox API (simple storage to be precise). In Chrome, it is possible to access the browser storage from a content script and more important: from the page script.
page scripts are not affected by the cross-domain permissions in package.json. In Chrome, if you set a permission, then content scripts and page scripts are able to make cross-domain requests.
Are WebExtensions going to help with those issues ?
I assume by âpage scriptsâ you mean web pages that are shipped as part of the extension and have access to chrome.* APIs. If thatâs not what you mean, then my answer below doesnât apply :-).
If I understand, youâre asking whether chrome.storage will work from content or page scripts? In our implementation right now, you can use the storage.* API from page scripts, but not yet from content scripts. However, weâll definitely add support for that. I just filed bug 1197346 for it.
Yes, the cross-domain permissions in manifest.json apply to all code thatâs part of the extension, including content scripts and page scripts.
I currently just porting a Chrome Extension to WebExtensions and this is not working in Firefox. In Chrome its working like charm but in FF I always getting the Cross-Origin Request Blocked error.
Could not find any additional information if here a known bug is present.
On chrome it is working without a problem since I gave the permission to access en.wikipedia.org but on Firefox I get the following status:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at SMS language - Wikipedia. (Reason: CORS header âAccess-Control-Allow-Originâ missing).
I am not sure its related to that bug, duckduckgo was just as example and with other sides I am facing the same issue. So to me it does not seems to be page related.
Many different sites have CSP protections now, so it could still be that problem. As a workaround, you can do the requests from the background script and communicate the results to the content script.