[webkit-changes] [WebKit/WebKit] d37bc8: Extension's options page crashes after navigating...
kiaraarose
noreply at github.com
Thu May 9 10:59:46 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d37bc8614bdb9e01fa16301fc079853d7d0b6453
https://github.com/WebKit/WebKit/commit/d37bc8614bdb9e01fa16301fc079853d7d0b6453
Author: Kiara Rose <kiara_rose at apple.com>
Date: 2024-05-09 (Thu, 09 May 2024)
Changed paths:
M Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPITabsCocoa.mm
M Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionContextCocoa.mm
M Source/WebKit/UIProcess/Extensions/WebExtensionContext.h
Log Message:
-----------
Extension's options page crashes after navigating to it with other extensions enabled
https://bugs.webkit.org/show_bug.cgi?id=273915
rdar://127752769
Reviewed by Brian Weinstein.
What's happening here is that an extension is trying to send a message to a tab with
full page extension content and we're sending the message to wrong content world.
Since the url of the tab of the page receiving the message isn't the url of the current
extension, we're sending the message to the content script world and not the main world.
To fix this, we should check if the url is any extension url, because in that case we
want to the message to the main world.
This crash was originally addressed in 277240 at main, but was partially reverted by the
permissions check being removed in WebExtensionContext:tabsSendMessage() in 278066 at main.
Note: we don't support extensions sending messages to other extensions, but we don't
want to return early/call the completion handler here if the page receiving the message
isn't same extension since it could have a subframe that can receive the message.
The message won't end up reaching any frames for another extension since it'll get
dropped in `WebExtensionContext::processes()`.
* Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPITabsCocoa.mm:
(WebKit::WebExtensionContext::tabsSendMessage):
(WebKit::WebExtensionContext::tabsConnect):
* Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionContextCocoa.mm:
(WebKit::WebExtensionContext::isURLForAnyExtension):
* Source/WebKit/UIProcess/Extensions/WebExtensionContext.h:
Canonical link: https://commits.webkit.org/278577@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list