-
Notifications
You must be signed in to change notification settings - Fork 240
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Get script injection working for Chrome MV3 builds of the extension (#…
…1389) Chrome Manifest V3 introduces the new scripting API[1] that can inject scripts directly into the "main world" of a website. Along with that, Manifest V3 prevents the old pattern of injecting a script element into the DOM. Adjust to those changes here, to get our injected protections working again. Note: about:blank frame script injection is not yet working[2]. 1 - https://developer.chrome.com/docs/extensions/reference/scripting 2 - https://crbug.com/1360392
- Loading branch information
Showing
8 changed files
with
123 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
const browserWrapper = require('./wrapper.es6') | ||
|
||
// With Manifest V2 the content scripts are run directly from the manifest and | ||
// they inject into the main world of websites by adding a <script> element to | ||
// the DOM. With Manifest V3 however the chrome.scripting API must be used to | ||
// inject scripts into the main world. | ||
// Note: It's important that the isolated world script runs first. The order the | ||
// scripts are added by registerContentScripts is based on the script ID, | ||
// but note that's an implementation detail (from use of std::set for new | ||
// script IDs[1]) and could change in the future. | ||
// 1 - https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/extensions/api/scripting/scripting_api.cc;l=929 | ||
if (browserWrapper.getManifestVersion() === 3) { | ||
// @ts-ignore - The chrome type does not yet know about | ||
// registerContentScripts. | ||
chrome.scripting.registerContentScripts([{ | ||
id: '1-script-injection-isolated-world', | ||
allFrames: true, | ||
js: ['public/js/content-scripts/content-scope-messaging.js'], | ||
runAt: 'document_start', | ||
world: 'ISOLATED', | ||
matches: ['<all_urls>'] | ||
}, { | ||
id: '2-script-injection-main-world', | ||
allFrames: true, | ||
js: ['public/js/inject.js'], | ||
runAt: 'document_start', | ||
world: 'MAIN', | ||
matches: ['<all_urls>'] | ||
}]) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
function getSecret () { | ||
return new Promise(resolve => { | ||
window.addEventListener('ddg-secret', event => { | ||
event.stopImmediatePropagation() | ||
resolve(event.detail) | ||
}, { once: true }) | ||
}) | ||
} | ||
|
||
async function init () { | ||
const secret = await getSecret() | ||
|
||
chrome.runtime.onMessage.addListener((message) => { | ||
window.dispatchEvent(new CustomEvent(secret, { | ||
detail: message | ||
})) | ||
}) | ||
|
||
chrome.runtime.sendMessage({ | ||
messageType: 'registeredContentScript', | ||
options: { | ||
documentUrl: window.location.href | ||
} | ||
}, argumentsObject => { | ||
// Setup debugging messages if necessary. | ||
if (argumentsObject.debug) { | ||
window.addEventListener('message', message => { | ||
if (message.data.action && message.data.message) { | ||
chrome.runtime.sendMessage({ | ||
messageType: 'debuggerMessage', | ||
options: message.data | ||
}) | ||
} | ||
}) | ||
} | ||
|
||
// Init the content-scope-scripts with the argumentsObject. | ||
window.dispatchEvent(new CustomEvent(secret, { | ||
detail: { | ||
type: 'register', | ||
argumentsObject | ||
} | ||
})) | ||
}) | ||
} | ||
|
||
init() |