From 52277c872b368db45bc6d2f2bd9a4b7a0eb2ce8d Mon Sep 17 00:00:00 2001
From: rob <rob@robwu.nl>
Date: Sun, 7 Feb 2016 09:28:57 -0800
Subject: Add frameId to chrome.tabs.executeScript/insertCSS

- Re-implemented https://codereview.chromium.org/952473002/, with all
  checks at the browser side instead of just the renderer.

- Use the last committed URL for checking permissions instead of the
  visible URL. As a result, executeScript/insertCSS will now succeed in
  frames where the currently committed page is scriptable by extensions,
  but the target of the pending navigation is is not.

- ExecuteScript: Do not send IPC to non-live frames (they're not going
  to reply anyway).

- Include URL in the error if the extension has the tabs permission
  (follow-up to TODO from https://codereview.chromium.org/1414223005).

BUG=63979,551626
TEST=./browser_tests --gtest_filter=ExecuteScriptApiTest.*
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_site_isolation

Review URL: https://codereview.chromium.org/1628423002

Cr-Commit-Position: refs/heads/master@{#374057}
---
 extensions/common/api/extension_types.json | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'extensions/common')

diff --git a/extensions/common/api/extension_types.json b/extensions/common/api/extension_types.json
index 29562ee..9f27590 100644
--- a/extensions/common/api/extension_types.json
+++ b/extensions/common/api/extension_types.json
@@ -45,7 +45,17 @@
         "properties": {
           "code": {"type": "string", "optional": true, "description": "JavaScript or CSS code to inject.<br><br><b>Warning:</b><br>Be careful using the <code>code</code> parameter. Incorrect use of it may open your extension to <a href=\"https://en.wikipedia.org/wiki/Cross-site_scripting\">cross site scripting</a> attacks."},
           "file": {"type": "string", "optional": true, "description": "JavaScript or CSS file to inject."},
-          "allFrames": {"type": "boolean", "optional": true, "description": "If allFrames is <code>true</code>, implies that the JavaScript or CSS should be injected into all frames of current page. By default, it's <code>false</code> and is only injected into the top frame."},
+          "allFrames": {
+            "type": "boolean",
+            "optional": true,
+            "description": "If allFrames is <code>true</code>, implies that the JavaScript or CSS should be injected into all frames of current page. By default, it's <code>false</code> and is only injected into the top frame. If <code>true</code> and <code>frameId</code> is set, then the code is inserted in the selected frame and all of its child frames."
+          },
+          "frameId": {
+            "type": "integer",
+            "optional": true,
+            "minimum": 0,
+            "description": "The <a href='webNavigation#frame_ids'>frame</a> where the script or CSS should be injected. Defaults to 0 (the top-level frame)."
+          },
           "matchAboutBlank": {"type": "boolean", "optional": true, "description": "If matchAboutBlank is true, then the code is also injected in about:blank and about:srcdoc frames if your extension has access to its parent document. Code cannot be inserted in top-level about:-frames. By default it is <code>false</code>."},
           "runAt": {
             "$ref": "RunAt",
-- 
cgit v1.1