If I dynamically insert a form object into a page, submit and remove the form and it works fine.
Here is an example of the form code:
<form target="_blank" enctype="multipart/form-data"
action="https://www.example.com/" method="POST">
<input value="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==" name="image_content" type="hidden">
<input value="" name="filename" type="hidden">
<input value="" name="image_url" type="hidden">
</form>
When I try to do the same process with loadOneTab()
, result POST
is not exactly the same and therefore the result is not the same as above.
On checking the headers, "some value" is not sent fully (gets cropped) and it sets Content-Length: 0
.
I must be missing something.
let postStream = Components.classes['@mozilla.org/network/mime-input-stream;1']
.createInstance(Components.interfaces.nsIMIMEInputStream);
postStream.addHeader('Content-Type', 'multipart/form-data');
postStream.addHeader('filename', '');
postStream.addHeader('image_url', '');
postStream.addHeader('image_content', 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==');
postStream.addContentLength = true;
window.gBrowser.loadOneTab('https://www.example.com/',
{inBackground: false, postData: postStream});
Note: image_content value is 'data:image/png;base64' Data URI
NoScript causes issues with sending form and XSS and I prefer to use loadOneTab
for the inBackground
Normally, one would use
FormData
to compose thepostData
of a request, but unfortunately we cannot do so here, as there is currently no way to get the stream (and other information) from aFormData
instance (nsIXHRSendable
is not scriptable, unfortunately), so we'll have to create amultipart/form-data
stream ourselves.Since it is likely you'll want to post some file data as well, I added file uploads as well. ;)
(You could use additional
nsIMIMEInputStream
instead of string-concatenating stuff together, but this would perform worse and has no real merit).Which can then be used like e.g.: