Issue 1843943003: Extension-created windows should share the creator's BrowingInstance.

Issue 1843943003: Extension-created windows should share the creator's BrowingInstance. (Closed)

Created:
4 years, 8 months ago by dcheng

Modified:
4 years, 8 months ago

Reviewers:
msw, Devlin

CC:
chromium-apps-reviews_chromium.org, chromium-reviews, extensions-reviews_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Extension-created windows should share the creator's BrowingInstance. Without plumbing through the source SiteInstance, the created window always ends up cross process and unscriptable by the background page that created it. This means a background page that opens an extension resource won't be able to script it, even though they are in related browsing contexts and have the same origin. Note that navigations to non-extension origins will still trigger a process swap so we don't lose extension isolation. This also fixes CreateTargetContents to use the source_site_instance parameter if specified; otherwise, the newly created contents will never be scriptable by same-site pages. Also see r365431 which fixed the same problem for panels. BUG=597750 Committed: https://crrev.com/7a9e836958ce3a7a2ddf40a4c8548678ffcbefc8 Cr-Commit-Position: refs/heads/master@{#384655}

Patch Set 1 #

Patch Set 2 : . #

Patch Set 3 : With a (broken) test #

Patch Set 4 : And with a working test. #

Patch Set 5 : Clean up stray include and fix unrelated unit test #

Total comments: 8

Patch Set 6 : Review comments #

Created: 4 years, 8 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+58 lines, -13 lines)			Patch
M	chrome/browser/extensions/api/tabs/tabs_api.cc	View	1 2 3 4 5	2 chunks	+10 lines, -5 lines	0 comments	Download
M	chrome/browser/extensions/api/tabs/tabs_test.cc	View	1 2 3 4	2 chunks	+4 lines, -0 lines	0 comments	Download
M	chrome/browser/extensions/extension_apitest.h	View	1 2 3	1 chunk	+5 lines, -0 lines	0 comments	Download
M	chrome/browser/extensions/extension_apitest.cc	View	1 2 3	1 chunk	+7 lines, -0 lines	0 comments	Download
M	chrome/browser/extensions/window_open_apitest.cc	View	1 2 3	2 chunks	+14 lines, -5 lines	0 comments	Download
M	chrome/browser/ui/browser_navigator.cc	View	1	1 chunk	+3 lines, -1 line	0 comments	Download
M	chrome/test/data/extensions/api_test/window_open/panel_browsing_instance/background.js	View	1 2 3 4 5	4 chunks	+15 lines, -2 lines	0 comments	Download

Messages

Total messages: 15 (6 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

Devlin

https://codereview.chromium.org/1843943003/diff/80001/chrome/browser/extensions/api/tabs/tabs_api.cc File chrome/browser/extensions/api/tabs/tabs_api.cc (left): https://codereview.chromium.org/1843943003/diff/80001/chrome/browser/extensions/api/tabs/tabs_api.cc#oldcode645 chrome/browser/extensions/api/tabs/tabs_api.cc:645: WebContents* tab = chrome::AddSelectedTabWithURL( Do we still need browser_tabstrip.h? ...

4 years, 8 months ago (2016-04-01 17:20:57 UTC) #5

dcheng

4 years, 8 months ago (2016-04-01 17:42:00 UTC) #6

Devlin

lgtm https://codereview.chromium.org/1843943003/diff/80001/chrome/browser/extensions/api/tabs/tabs_api.cc File chrome/browser/extensions/api/tabs/tabs_api.cc (right): https://codereview.chromium.org/1843943003/diff/80001/chrome/browser/extensions/api/tabs/tabs_api.cc#newcode649 chrome/browser/extensions/api/tabs/tabs_api.cc:649: navigate_params.source_site_instance = On 2016/04/01 17:42:00, dcheng wrote: > ...

4 years, 8 months ago (2016-04-01 18:56:34 UTC) #7

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1843943003/100001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1843943003/100001

4 years, 8 months ago (2016-04-01 19:02:08 UTC) #11

commit-bot: I haz the power

Description was changed from ========== Extension-created windows should share the creator's BrowingInstance. Without plumbing through ...

4 years, 8 months ago (2016-04-01 19:11:51 UTC) #13

commit-bot: I haz the power

Patchset 6 (id:??) landed as https://crrev.com/7a9e836958ce3a7a2ddf40a4c8548678ffcbefc8 Cr-Commit-Position: refs/heads/master@{#384655}

4 years, 8 months ago (2016-04-01 19:11:52 UTC) #14

dcheng

4 years, 8 months ago (2016-04-02 00:54:25 UTC) #15

Message was sent while issue was closed.

Oops, forgot to send draft comments.

https://codereview.chromium.org/1843943003/diff/80001/chrome/browser/extensio...
File chrome/browser/extensions/api/tabs/tabs_api.cc (right):

https://codereview.chromium.org/1843943003/diff/80001/chrome/browser/extensio...
chrome/browser/extensions/api/tabs/tabs_api.cc:649:
navigate_params.source_site_instance =
On 2016/04/01 at 18:56:34, Devlin wrote:
> On 2016/04/01 17:42:00, dcheng wrote:
> > On 2016/04/01 at 17:20:57, Devlin wrote:
> > > "Without plumbing through the source SiteInstance, the created window
> > > ends up cross process and unscriptable by the background page that
> > > created it."
> > > 
> > > I'm not quite sure I follow - don't we sometimes (often) want that?  If an
> > extension creates a window that has urls to http://google.com,
http://facebook.com, and
> > http://yourbank.com, why would we want that in the same process and
scriptable?
> > 
> > It'd cause a navigation from an extension origin to a web origin, which
should
> > process swap. What's broken is if an extension navigates to its own
resource, it
> > can't script itself even though it should be in a 'related browsing
context'.
> 
> Ah, got it - can you add that to the CL description?

Done.

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages