insecure sources are not allowed in content_security_policy.extension_pages (Firefox)

[bakatrouble]

Describe the bug

When I try to launch the project in Firefox, I'm getting the following warning on the about:debugging#/runtime/this-firefox page:

Reading manifest: Error processing content_security_policy.extension_pages: ‘script-src’ directive contains a forbidden http: protocol source

Thus as far as I understand the script in popup can't load and I'm getting Vite server did not start message.

It does work with MV2 though

Reproduction

Clone repository, pnpm i, pnpm dev-firefox, pnpm start:firefox

System Info

System:
    OS: Linux 6.3 Arch Linux
    CPU: (32) x64 AMD Ryzen 9 7950X 16-Core Processor
    Memory: 30.44 GB / 62.54 GB
    Container: Yes
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 20.2.0 - /usr/bin/node
    Yarn: 1.22.19 - /usr/bin/yarn
    npm: 8.19.2 - /usr/bin/npm
  Browsers:
    Chromium: 114.0.5735.90
    Firefox: 113.0.2

Used Package Manager

pnpm

Validations

• Follow our Code of Conduct
• Read the Contributing Guide.
• Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.
• Check that this is a concrete bug. For Q&A, please open a GitHub Discussion instead.
• The provided reproduction is a minimal reproducible of the bug.

[djfhe]

Did run into the same issue. Seems like a Firefox bug.
https://bugzilla.mozilla.org/show_bug.cgi?id=1864284