I have a signed and self-distributed extension (web extension format) which uses launchWebAuthFlow
to grab an OAuth token. When the OAuth provider redirects back to the redirect URL (https://<id>.extensions.allizom.org
as returned by getRedirectURL()
) in DE 58.0b4, I receive a 403 Forbidden error. However in normal FF Quantum 57.0 the request completes successfully.
Any idea why the extensions.allizom.org
request is failing in DE?
Edit to add: the SSL cert check for the allizom.org redirect URL fails as well in DE:
e8dd248662ffce379a122e1416e16a0266347994.extensions.allizom.org uses an invalid security certificate.
The certificate is only valid for the following names:
*.allizom.org, allizom.org
Error code: SSL_ERROR_BAD_CERT_DOMAIN
Again, in normal FF there are no SSL errors on the redirect URL.