Skip to content

Firefox SecurityError on accessing Style Sheets #827

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
marcusblevin opened this issue Aug 5, 2016 · 2 comments
Closed

Firefox SecurityError on accessing Style Sheets #827

marcusblevin opened this issue Aug 5, 2016 · 2 comments

Comments

@marcusblevin
Copy link

marcusblevin commented Aug 5, 2016
edited
Loading

Couldn't find this in any of the other postings so thought I'd bring it up.

Using Plotly.js v.1.16.0 (latest) in Firefox throws the error "SecurityError: The operation is insecure error" due to function getAllRuleSelectors at line 94271. This appears to be due to a possible cross-domain access of style sheets that only Firefox checks for. Got around the error by wrapping the code in a try/catch block to handle the error.

Shout out to the original poster on SO I got the solution from http://stackoverflow.com/questions/21642277/security-error-the-operation-is-insecure-in-firefox-document-stylesheets

`

// Gets all the rules currently attached to the document
exports.getAllRuleSelectors = function getAllRuleSelectors(sourceDocument) {
var allSelectors = [];

for(var i = 0; i < sourceDocument.styleSheets.length; i++) {
    var styleSheet = sourceDocument.styleSheets[i];

    try {
      // In Firefox, if stylesheet originates from a different domain, trying
      // to access styleSheet.cssRules will throw a SecurityError. Hence, we must use
      // try/catch to detect this condition in Firefox.
      if(!styleSheet.cssRules) continue; // It's possible for rules to be undefined

      for(var j = 0; j < styleSheet.cssRules.length; j++) {
          var cssRule = styleSheet.cssRules[j];

          allSelectors.push(cssRule.selectorText);
      }
    } catch(e) {
      // Rethrow exception if it's not a SecurityError. Note that SecurityError
      // exception is specific to Firefox.
      if(e.name !== 'SecurityError')
        throw e;
    }        
}
return allSelectors;

};`
@etpinard
Copy link
Contributor

etpinard commented Aug 5, 2016

Thanks for the report. This is probably related to #826

I'm on it today.

@etpinard etpinard added bug something broken type: duplicate and removed bug something broken labels Aug 5, 2016
@etpinard
Copy link
Contributor

etpinard commented Aug 5, 2016

duplicate of #826

@etpinard etpinard closed this as completed Aug 5, 2016
@etpinard etpinard mentioned this issue Aug 5, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@etpinard @marcusblevin