Install the KeePassXC browser extension (add-on/WebExtension)
→ Now try to connect → it will not work due to flatpak sandboxing.
Idea
Now, my proposed solution is based on this idea:
Apparently, you can solve it by two simple steps:
keepasxc-proxy binary to Firefox’s sandbox (it needs to be statically linked though, or the Rust version)
Allowing Firefox to access the socket of KeePassXC which is just flatpak override --filesystem=xdg-run/app/org.keepassxc.KeePassXC/org.keepassxc.KeePassXC.BrowserServer org.mozilla.firefox
This now can be shipped by a thing called flatpak extensions (which work like plugins), because flatpak supports this: Extensions - Flatpak documentation
Install the KeePassXC browser extension (add-on/WebExtension)
New: (at any point of time) Install the flatpak extension for KeePassXC.
IMHO, this would be a very big achievement and improvement already. I mean especially if it is compared against the thing “not working at all”.
And as alternative solutions are not there yet, maybe this is a good idea?
Also, could it be published on Flathub (by someone else) and still work in the official Firefox flatpak?
I could not make an up-to-date screenshot of how that would be shown in GNOME Software, but in the past at least you could see extensions there (called “Add-ons”, apparently):
To be honest without this working. flatpak browser wise is pointless. yea you can do the workaround but normal users wont do that an will just think its broken. An send tickets if at all to the wrong people.
As it stands its a wall to immutable desktops if they don’t have layering where you can just install the browser on the system. Like with ostree. Though that’s still more then a normal user would do.
Seriously, do some of us really wonder how everything binary continues to manifest such a privacy/security disaster…even “informed” users simply don’t innerstand the cost of the “tyranny of convenience”, along with the dark destructive nature of effortless. If one doesn’t want or appreciate an application sandboxed, simply don’t use it. D’oh!