Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Extension's options page crashes after navigating to it with other e…
…xtensions enabled https://bugs.webkit.org/show_bug.cgi?id=273915 rdar://127752769 Reviewed by Brian Weinstein. What's happening here is that an extension is trying to send a message to a tab with full page extension content and we're sending the message to wrong content world. Since the url of the tab of the page receiving the message isn't the url of the current extension, we're sending the message to the content script world and not the main world. To fix this, we should check if the url is any extension url, because in that case we want to the message to the main world. This crash was originally addressed in 277240@main, but was partially reverted by the permissions check being removed in WebExtensionContext:tabsSendMessage() in 278066@main. Note: we don't support extensions sending messages to other extensions, but we don't want to return early/call the completion handler here if the page receiving the message isn't same extension since it could have a subframe that can receive the message. The message won't end up reaching any frames for another extension since it'll get dropped in `WebExtensionContext::processes()`. * Source/WebKit/UIProcess/Extensions/Cocoa/API/WebExtensionContextAPITabsCocoa.mm: (WebKit::WebExtensionContext::tabsSendMessage): (WebKit::WebExtensionContext::tabsConnect): * Source/WebKit/UIProcess/Extensions/Cocoa/WebExtensionContextCocoa.mm: (WebKit::WebExtensionContext::isURLForAnyExtension): * Source/WebKit/UIProcess/Extensions/WebExtensionContext.h: Canonical link: https://commits.webkit.org/278577@main
- Loading branch information