gatsby: SecurityError: The operation is insecure in Firefox Developer edition

I worked around the issue by disabling the “Delete cookies and site data when Firefox Developer Edition is closed” option:

Just came across this error as well in Firefox 72.

A different option than unchecking the Delete cookies and site data when Firefox is closed is to leave it checked but then go into Manage Permissions option next to the checkmark and add localhost:8000 to the Allow list. Just adding localhost did not work for me, I had to specifically add the port as well.

Just came across this error as well in Firefox 72.

A different option than unchecking the Delete cookies and site data when Firefox is closed is to leave it checked but then go into Manage Permissions option next to the checkmark and add localhost:8000 to the Allow list. Just adding localhost did not work for me, I had to specifically add the port as well.

Yeah !!! This is the solution

Thank you so much! This worked for the exact error I was having with my React app. But what exactly is the problem? And why does this work? Should the unregister function in my React app be changed to account for this in some way?

The issue is that firefox doesn’t allow any kind of access to navigator.serviceWorker when the “delete cookies and site data when Firefox is closed” option is enabled. I don’t know what reasons did they have for it, but dealing with that issue would just be a matter of surrounding the navigator.serviceWorker access with a try ... catch that captures the SecurityError exception and proceeds as if the browser did not have any serviceWorker functionality.

In case someone uses Firefox for anything else than just Gatsby development, I’d recommend against disabling cleaning the cookies on exit. I’m not sure about adding localhost:8000 to the whitelist, because some popular malware (like the video conferencing app Zoom) install local servers that do stuff we wouldn’t want them to do.

Whitelisting the localhost:8000 would most definitely be a good temporary workaround, but that’s not really a solution.

As far as I’ve seen, the Firefox team knows about this issue, but doesn’t consider it their problem: https://bugzilla.mozilla.org/show_bug.cgi?id=1429714. They have a good point that a rejected Promise should be handled gracefully, like any other possible error. I think @kilburn’s idea to add error handling for it would be a way towards a proper fix.

As a temporary workaround, the Incognito mode works fine.

Personally, I don’t want that functionality completely disabled.

Hope it helps 😄

Happening on MacOS FireFox 69.0, with FF extensions disabled, vanilla gatsby-starter-default.

gatsby: ^2.15.13 => 2.15.13
gatsby-cli: ^2.7.47 => 2.7.47
gatsby-image: ^2.2.18 => 2.2.18
gatsby-plugin-manifest: ^2.2.16 => 2.2.16
gatsby-plugin-offline: ^2.2.10 => 2.2.10
gatsby-plugin-react-helmet: ^3.1.7 => 3.1.7
gatsby-plugin-sharp: ^2.2.21 => 2.2.21
gatsby-source-filesystem: ^2.1.22 => 2.1.22
gatsby-transformer-sharp: ^2.2.14 => 2.2.14

npmGlobalPackages:
    gatsby-cli: 2.7.44

Just came across this error as well in Firefox 72.

A different option than unchecking the Delete cookies and site data when Firefox is closed is to leave it checked but then go into Manage Permissions option next to the checkmark and add localhost:8000 to the Allow list. Just adding localhost did not work for me, I had to specifically add the port as well.

It works as described. 👍

I submitted a minimal fix in #25981. I like @j127 's specific Firefox warning, but opted to omit it, thinking

• I don’t think we want to advise (possibly inexperienced) developers to turn off browser security.
• More browsers may add default security settings that cause this fault, and a more generic remedy will cut down on maintenance PR’s.

I’m glad to retract the PR if we think there’s a better way, but wanted to get some active code in place that catches the exception and gives us a foundation for discussion.

Experiencing this too! FF 75.0 (64bit), on Ubuntu 18.04. My ‘workaround’ is to just comment out the entire if-statement’s body, but I have to do that everytime the development server restarts., which is not very convenient.

 if (`serviceWorker` in navigator) {
   /* navigator.serviceWorker.getRegistrations().then(registrations => {
      if (registrations.length > 0)
        console.warn(
          `Warning: found one or more service workers present.`,
          `If your site isn't behaving as expected, you might want to remove these.`,
          registrations
        )
    })*/
  }

I am having this issue on FF/Mac (v73.0.1) and create-react-app and it fixed it! But does anyone know why this happens?

I worked around the issue by disabling the “Delete cookies and site data when Firefox Developer Edition is closed” option:

I worked around the issue by disabling the “Delete cookies and site data when Firefox Developer Edition is closed” option:

Thank you so much! This worked for the exact error I was having with my React app. But what exactly is the problem? And why does this work? Should the unregister function in my React app be changed to account for this in some way?

Same on firefox 69.0 (64-bit) for linux

Just came across this error as well in Firefox 72.

A different option than unchecking the Delete cookies and site data when Firefox is closed is to leave it checked but then go into Manage Permissions option next to the checkmark and add localhost:8000 to the Allow list. Just adding localhost did not work for me, I had to specifically add the port as well.

Thanks! Oh and btw, Manage Permissions is Manage Exceptions on FDE 82 now.

Thêm try catch hoặc .catch nhé các sếp 😃

Another workaround would be to set dom.serviceWorkers.enabled to false in about:config.

I’m not sure on the side-effects on this one, but so far I add an empty catch to the navigator.serviceWorker.getRegistrations().then(...) every time I run gatsby develop

Takes care of the annoying error for me.

./.cache/app.js

 if (`serviceWorker` in navigator) {
    navigator.serviceWorker.getRegistrations().then(registrations => {
      if (registrations.length > 0)
        console.warn(
          `Warning: found one or more service workers present.`,
          `If your site isn't behaving as expected, you might want to remove these.`,
          registrations
        )
    }).catch(error => {})

I am also seeing this. One (very) slight difference between my case and OPs is the subsequent line is highlighted as the error in my case:

Also I am running FF Developer Edition 70.0b2

Not just nightly, I’m running FF 69.0.

Just ran gatsby new hello-world https://github.com/gatsbyjs/gatsby-starter-hello-world and then gatsby develop and see the same screen as above.

I have FF’s security and privacy settings all turned on but wouldn’t expect that to effect this. Switched them all back to standard and still get this screen.