diff options
| author | kalman <kalman@chromium.org> | 2015-08-28 10:40:36 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-08-28 17:41:26 +0000 |
| commit | 1344c7dfde448d4b80693f597b02993b7f6bbd5b (patch) | |
| tree | 8510ed47d1de5c65cf99d44f08cc76dcef0ae163 /extensions/renderer/messaging_bindings.cc | |
| parent | fba7c7dbf2f19d701cbe5fa97ff2ce29b10e9f91 (diff) | |
| download | chromium_src-1344c7dfde448d4b80693f597b02993b7f6bbd5b.zip chromium_src-1344c7dfde448d4b80693f597b02993b7f6bbd5b.tar.gz chromium_src-1344c7dfde448d4b80693f597b02993b7f6bbd5b.tar.bz2 | |
Check the tab ID before delivering an extension message.
r335753 changed extension messaging to use RenderFrames, which had the
side-effect of delivering messages to every RenderFrame in a process,
which may include other tabs.
This patch fixes that by sending the target tab ID along with the message. A
more principled fix would have been to track RenderFrames on the browser and
send to precisely the right ones, but this would need to be part of a more
comprehensive refactor.
I also fixed up ExtensionApiTest.Connect and re-enabled, which was disabled
years ago due to flakiness. Hopefully my test JS changes will fix that.
BUG=520303
R=rdevlin.cronin@chromium.org, dcheng@chromium.org
Review URL: https://codereview.chromium.org/1318153002
Cr-Commit-Position: refs/heads/master@{#346176}
Diffstat (limited to 'extensions/renderer/messaging_bindings.cc')
| -rw-r--r-- | extensions/renderer/messaging_bindings.cc | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/extensions/renderer/messaging_bindings.cc b/extensions/renderer/messaging_bindings.cc index 1e0f6e2..777f24f 100644 --- a/extensions/renderer/messaging_bindings.cc +++ b/extensions/renderer/messaging_bindings.cc @@ -25,6 +25,7 @@ #include "extensions/common/manifest_handlers/externally_connectable.h" #include "extensions/renderer/dispatcher.h" #include "extensions/renderer/event_bindings.h" +#include "extensions/renderer/extension_frame_helper.h" #include "extensions/renderer/gc_callback.h" #include "extensions/renderer/object_backed_native_handler.h" #include "extensions/renderer/script_context.h" @@ -291,6 +292,15 @@ void DispatchOnConnectToScriptContext( if (info.target_frame_id > 0 && renderframe->GetRoutingID() != info.target_frame_id) return; + + // Bandaid fix for crbug.com/520303. + // TODO(rdevlin.cronin): Fix this properly by routing messages to the correct + // RenderFrame from the browser (same with |target_frame_id| in fact). + if (info.target_tab_id != -1 && + info.target_tab_id != ExtensionFrameHelper::Get(renderframe)->tab_id()) { + return; + } + v8::Isolate* isolate = script_context->isolate(); v8::HandleScope handle_scope(isolate); |