[webkit-changes] [WebKit/WebKit] 3b5714: Content Scripts running in subframe without mainfr...
Timothy Hatcher
noreply at github.com
Fri Apr 26 18:21:09 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 3b5714016d2450752f2d89e2068d44bcbae9945c
https://github.com/WebKit/WebKit/commit/3b5714016d2450752f2d89e2068d44bcbae9945c
Author: Timothy Hatcher <timothy at apple.com>
Date: 2024-04-26 (Fri, 26 Apr 2024)
Changed paths:
M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIStorageCocoa.mm
M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPITabsCocoa.mm
M Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionContextCocoa.mm
M Source/WebKit/UIProcess/Extensions/WebExtensionContext.h
M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIRuntime.mm
M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIStorage.mm
M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPITabs.mm
Log Message:
-----------
Content Scripts running in subframe without mainframe permission fail to work properly.
https://webkit.org/b/270218
rdar://problem/123750228
Reviewed by Brian Weinstein.
Allow sending a message to a tab even if the extension does not have permissions for
the main frame. The other browsers don't reject with an error in this case, the message
is just dropped on the floor later on in processes() when the listeners are checked.
Also allows subframes with content scripts to access storage if the main frame does not
have host permission. This was being blocked by a permission check, but that required main
frame host permissions. This is already covered in a permissive way for frames by the
isStorageMessageAllowed() check that happens when a storage IPC message is received.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPIStorageCocoa.mm:
(WebKit::WebExtensionContext::storageGet): Removed extensionCanAccessWebPage() call.
(WebKit::WebExtensionContext::storageGetBytesInUse): Ditto.
(WebKit::WebExtensionContext::storageSet): Ditto.
(WebKit::WebExtensionContext::storageRemove): Ditto.
(WebKit::WebExtensionContext::storageClear): Ditto.
(WebKit::WebExtensionContext::storageSetAccessLevel): Ditto.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPITabsCocoa.mm:
(WebKit::WebExtensionContext::tabsSendMessage): Removed permission check / error.
(WebKit::WebExtensionContext::tabsConnect): Ditto.
* Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionContextCocoa.mm:
(WebKit::WebExtensionContext::extensionCanAccessWebPage): Deleted.
* Source/WebKit/UIProcess/Extensions/WebExtensionContext.h:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIRuntime.mm:
(TestWebKitAPI::TEST(WKWebExtensionAPIRuntime, SendMessageFromSubframe)): Added.
(TestWebKitAPI::TEST(WKWebExtensionAPIRuntime, ConnectFromSubframe)): Added.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPIStorage.mm:
(TestWebKitAPI::TEST(WKWebExtensionAPIStorage, StorageFromSubframe)): Added.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtensionAPITabs.mm:
(TestWebKitAPI::TEST(WKWebExtensionAPITabs, SendMessageFromBackgroundToSubframe)): Added.
(TestWebKitAPI::TEST(WKWebExtensionAPITabs, ConnectToSubframe)): Added.
Canonical link: https://commits.webkit.org/278066@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list