Bug#1105817: Firefox::Marionette: firefox 138 needs -remote-allow-system-access argument for $m->download

gregor herrmann gregoa at debian.org
Thu May 15 16:31:38 BST 2025


On Thu, 15 May 2025 10:16:06 +0000, Damyan Ivanov wrote:

>Since the upgrade of firefox to 138, using the 'download' method fails with the
>following error:
>
> System access is required to switch to chrome scope. Start Firefox with
> "-remote-allow-system-access" to enable it.

Nice catch!

The build in unstable also fails when I change the B-D to just 
"firefox", saying

<< 927:[1,6,{"error":"unsupported operation","message":"System access is required to switch to chrome scope. Start Firefox with \"-remote-allow-system-access\" to enable it.","stacktrace":"RemoteError at chrome://remote/content/shared/RemoteError.sys.mjs:8:8\nWebDriverError at chrome://remote/content/shared/webdriver/Errors.sys.mjs:199:5\nUnsupportedOperationError at chrome://remote/content/shared/webdriver/Errors.sys.mjs:927:5\nset at chrome://remote/content/marionette/driver.sys.mjs:338:13\nGeckoDriver.prototype.setContext at chrome://remote/content/marionette/driver.sys.mjs:811:3\ndespatch at chrome://remote/content/marionette/server.sys.mjs:318:40\nexecute at chrome://remote/content/marionette/server.sys.mjs:289:16\nonPacket/<@chrome://remote/content/marionette/server.sys.mjs:262:20\nonPacket@chrome://remote/content/marionette/server.sys.mjs:263:9\n_onJSONObjectReady/<@chrome://remote/content/marionette/transport.sys.mjs:494:20\n"},null]
unsupported operation: System access is required to switch to chrome scope. Start Firefox with "-remote-allow-system-access" to enable it. at t/01-marionette.t line 806

>Indeed, adding the following after line 4702 of Marionette.pm makes the error
>go away:
>
>    if ($self->_is_firefox_major_version_at_least(138)) {
>        push @arguments, '-remote-allow-system-access';
>    }

And with this change the testsuite passes against FF 138.


What looks a bit scary is:

https://firefox-source-docs.mozilla.org/remote/Security.html

     Note: Enabling this flag grants unrestricted access to all 
     available Gecko APIs for both the Marionette and WebDriver BiDi 
     protocols, allowing tests to interact directly with the host 
     system or the device running the test. Use this flag only when 
     absolutely necessary.


OTOH, reading https://firefox-source-docs.mozilla.org/remote/Prefs.html
this might be the preferred way:

     Instead of switching the preference value, the client should 
     ideally fix the breakage by passing -remote-allow-system-access 
     as an argument to the Firefox binary.


I've prepared a patch in git but I'm first forwarding the bug report 
to see if/what upstream has to say about it.


Cheers,
gregor

-- 
  .''`.  https://info.comodo.priv.at -- Debian Developer https://www.debian.org
  : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D  85FA BB3A 6801 8649 AA06
  `. `'  Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
    `-   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: Digital Signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/attachments/20250515/414abcf8/attachment.sig>


More information about the pkg-perl-maintainers mailing list