Evil Firefox Error — “A parameter or an operation is not supported by the underlying object”

Question

I\'m trying to figure out what is going on here. I\'ve been at it for hours now and can\'t seem to get a grip on why this is happening.

I\'m making a few AJAX calls, and

Answer 1

Since this is the first duckduckgo result for InvalidAccessError: A parameter or an operation is not supported by the underlying object I will add another source for this.

If you deal with such error when doing iframe/window actions, then you're probably prevented by the iframe's sandbox attribute (see https://html.spec.whatwg.org/multipage/iframe-embed-object.html#attr-iframe-sandbox ) even when being on the same origin.

In my case, an iframe was trying to do a window.top.location.href = ... after a form submission success. The allow-top-navigation sandbox option is mandatory to do so. Funny thing, this sandbox option is not mandatory to reload the top browsing context... it's only required for navigating in it.

Answer 2

Just want to add a somewhat nasty intermittent variant of Xenos's answer. As he mentioned, you can get this problem if you try and navigate the window by setting window.top.location.href = ... from within a sandboxed iframe, and that this can be prevented if your iframe has the allow-top-navigation option set.

But you might also find your iframe has the more restrictive allow-top-navigation-by-user-activation option. This will allow navigation, but only in response to a user action such as clicking a link or a button. For example, it will be allowed within a form submit event handler, but you can't just trigger it at an arbitrary point in time, such as from a setTimeout() callback with a long delay.

This can be problematic if you are (for example) using AJAX form submission before performing a redirect. The browser needs to decide if the navigation is in response to a user action or not. It does this by only allowing the navigation if it is considered to have happened within an acceptable time period of the user interaction. The HTML standard refers to this as transient activation.

The bottom line is that if your AJAX call is too slow, or if your user has a poor network connection, the navigation will fail. How slow is too slow? I have only tested Firefox, but it appears to allow 5 seconds before it considers the user interaction to have expired.

Possible solutions:

• Ask whoever is responsible for the iframe options to upgrade to the blanket allow-top-navigation option
• Don't perform async work such as AJAX requests in between user actions and top navigation. For example, use old-school POST form submission directly to the back-end, rather than using an AJAX request
• Make sure your responses are as fast as possible. Catch any errors, and prompt the user to click something to trigger the navigation manually. For example:

async function submitForm() {
    await doPotentiallySlowAsyncFormSubmit()
    try {
        window.top.location.href = ...
    } catch (e) {
        // Show message to user, e.g. "Form submitted, click here to go to the next step"
    }
}

Answer 3

this is the real solution by Diogo Cardoso, the xhr object or parent seems to lack a toString() method

CORS synchronous requests not working in firefox

Answer 4

For me, I was using WebSockets and called WebSocket.close(1001). It doesn't like my status code. Changing it to 1000 or not specifying a code (default 1005) works just fine.

Answer 5

Okay, so after of hours of testing (and great discussion from @Dave and @danronmoon, I've finally figured out what's going on.

The CORS (Cross-Domain Resource Sharing) calls I was making were set to 'async: false' -- (which I realize I did not include in my original post, as I thought it was inconsequential) this, seems to operate fine in all browsers except Firefox, where jQuery will bark at you and your ajax call will fail.

Thank you all for your help and I hope this helps someone else!

Answer 6

Yes, it is a CORS problem caused by using ajax. But as user320550 asks, what if you NEED to use the property 'async:false'? I found that using the 'withCredentials:false' property as a workaround fixes the issue on firefox and doesn't affect other browsers.