Use iFrame srcdoc attribute to set the content of the popup

Previously the contentdocument of the iFrame was opened and
document.write() was being used set the contents of the popup.
In Gecko, content scripts do not have the same security context
as of the embedded page, so the call to document.open() results in
a SecurityError.

ext/fg/js/popup.js

@@ -62,10 +62,8 @@ class Popup {
             return;
         }
 
-        const doc = this.popup.contentDocument;
-        doc.open();
-        doc.write(content);
-        doc.close();
+        const doc = this.popup;
+        doc.srcdoc=content;
     }
 
     sendMessage(action, params, callback) {