karlicoss · karlicoss · Apr 24, 2024 · Apr 23, 2024 · Apr 24, 2024 · Apr 24, 2024
diff --git a/extension/package.json b/extension/package.json
@@ -1,7 +1,7 @@
 {
   "name": "grasp",
-  "version": "0.7.1",
-  "version_name": "released on 2022.12.28",
+  "version": "1.0.0",
+  "version_name": "released on 2024.04.24",
   "description": "Reliably capture links and webpage content in a plaintext file (org-mode/markdown)",
   "main": "dist/background.js",
   "scripts": {
@@ -31,18 +31,18 @@
     "@babel/core": "^7.24.4",
     "@babel/eslint-parser": "^7.24.1",
     "@babel/preset-env": "^7.24.4",
-    "@eslint/js": "^9.0.0",
+    "@eslint/js": "^9.1.1",
     "@types/webextension-polyfill": "^0.10.7",
     "babel-loader": "^9.1.3",
-    "chrome-webstore-upload-cli": "^2.1.0",
+    "chrome-webstore-upload-cli": "^3.1.0",
     "clean-webpack-plugin": "^4.0.0",
     "copy-webpack-plugin": "^12.0.2",
     "css-loader": "^7.1.1",
     "eslint": "^8.57.0",
     "style-loader": "^4.0.0",
     "ts-loader": "^9.5.1",
     "typescript": "^5.4.5",
-    "typescript-eslint": "^7.7.0",
+    "typescript-eslint": "^7.7.1",
     "web-ext": "^7.11.0",
     "webextension-polyfill": "^0.11.0",
     "webpack": "^5.91.0",

diff --git a/extension/src/img/unicorn_dark.png b/extension/src/img/unicorn_dark.png
diff --git a/extension/webpack.config.js b/extension/webpack.config.js
@@ -99,11 +99,17 @@ if (target === T.FIREFOX || v3) {
 
 
 const content_security_policy = [
-  "default-src 'self'",
+  "script-src 'self'",  // this must be specified when overriding, otherwise it complains
+  /// also this works, but it seems that default-src somehow shadows style-src???
+  // "default-src 'self'",
+  // "style-src 'unsafe-inline'", // FFS, otherwise <style> directives on extension's pages not working??
+  ///
+
+  // also need to override it to eclude 'upgrade-insecure-requests' in manifest v3?
+  // https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/Content_Security_Policy#upgrade_insecure_network_requests_in_manifest_v3
+  // NOTE: could be connect-src http: https: to allow all?
+  // but we're specifically allowing endpoints that have /capture in them
   "connect-src " + endpoints('*:*').join(' '),
-
-  // FFS, otherwise <style> directives on extension's pages not working??
-  "style-src 'unsafe-inline'",
 ].join('; ')
 
 
@@ -140,10 +146,15 @@ const manifestExtra = {
     optional_permissions: optional_permissions,
     manifest_version: v3 ? 3 : 2,
     background: background,
-    content_security_policy: v3 ? {
-      extension_pages: content_security_policy,
-    } : content_security_policy,
 }
+
+if (target === T.FIREFOX) {
+    // NOTE: chrome v3 works without content_security_policy??
+    // but in firefox it refuses to make a request even when we allow hostname permission??
+  manifestExtra.content_security_policy = (v3 ? {extension_pages: content_security_policy} : content_security_policy)
+}
+
+
 manifestExtra[action_name] = action
 manifestExtra.content_scripts = [
   {

diff --git a/tests/test_end2end.py b/tests/test_end2end.py
@@ -75,6 +75,13 @@ def open(self) -> None:
     def enter_data(self, *, comment: str, tags: str) -> None:
         import pyautogui
 
+        if self.helper.driver.name == 'firefox':
+            # for some reason in firefox under geckodriver it woudn't focus comment input field??
+            # tried both regular and dev edition firefox with latest geckodriver
+            # works fine when extension is loaded in firefox manually or in chrome with chromedriver..
+            # TODO file a bug??
+            pyautogui.hotkey('tab')  # give focus to the input
+
         pyautogui.write(comment)
 
         pyautogui.hotkey('tab')  # switch to tags
@@ -85,9 +92,6 @@ def enter_data(self, *, comment: str, tags: str) -> None:
         # pyautogui.hotkey(['backspace' for i in range(10)], interval=0.05)
         pyautogui.write(tags)
 
-        # FIXME ffs. focus in the popup isn't working when it's running via webdriver??
-        # tried both regular and dev edition firefox with latest geckodriver
-
     def submit(self) -> None:
         import pyautogui
 
@@ -241,7 +245,8 @@ def test_capture_no_configuration(addon: Addon) -> None:
 
 # chrome  v3 works
 # firefox v2 works
-# firefox v3 BROKEN (same issue as above)
+# firefox v3 BROKEN (sort of)
+#            seems like manifest v3 is prompting for permission even if we only change port
 def test_capture_bad_port(addon: Addon) -> None:
     """
     Check that we get error notification instead of silently failing if the endpoint is wrong
@@ -285,15 +290,19 @@ def test_capture_custom_endpoint(addon: Addon, server: Server) -> None:
 
 
 # chrome  v3 works
-# firefox v3 BROKEN (doesn't focus in popup, must be geckodriver issue)
-#                   UPD -- sometimes is working?? wtf...
-# firefox v2 BROKEN (same as above)
+# firefox v2 works
+# firefox v3 works
 @myparametrize("grasp_port", ["17890"])
 def test_capture_with_extra_data(addon: Addon, server: Server) -> None:
     driver = addon.helper.driver
 
     addon.options_page.open()
-    addon.options_page.change_endpoint(endpoint=f'http://localhost:{server.port}/capture')
+    addon.options_page.change_endpoint(
+        endpoint=f'http://localhost:{server.port}/capture',
+        # NOTE ugh ffs. chrome doesn't ask for permission here.
+        # firefox does, but only in v3???  TODO make conditional on manifest version..
+        wait_for_permissions=(driver.name == 'firefox'),
+    )
 
     driver.get('https://example.com')