From 651231fbc136ad2574c18d837151aa4dd6c2306e Mon Sep 17 00:00:00 2001
From: ispedals <ispedals@users.noreply.github.com>
Date: Sat, 18 Jun 2016 18:35:41 -0400
Subject: [PATCH] Use iFrame srcdoc attribute to set the content of the popup

Previously the contentdocument of the iFrame was opened and
document.write() was being used set the contents of the popup.
In Gecko, content scripts do not have the same security context
as of the embedded page, so the call to document.open() results in
a SecurityError.
---
 ext/fg/js/popup.js | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/ext/fg/js/popup.js b/ext/fg/js/popup.js
index 78106319..4c2b18f7 100644
--- a/ext/fg/js/popup.js
+++ b/ext/fg/js/popup.js
@@ -62,10 +62,8 @@ class Popup {
             return;
         }
 
-        const doc = this.popup.contentDocument;
-        doc.open();
-        doc.write(content);
-        doc.close();
+        const doc = this.popup;
+        doc.srcdoc=content;
     }
 
     sendMessage(action, params, callback) {