| Index: extensions/renderer/script_context_set.cc
|
| diff --git a/extensions/renderer/script_context_set.cc b/extensions/renderer/script_context_set.cc
|
| index adefb3838becf53f84c3e4b2443eaf9dc34a45e5..276acae073c4459bddac1ce7e4cfb274d4d4dbc4 100644
|
| --- a/extensions/renderer/script_context_set.cc
|
| +++ b/extensions/renderer/script_context_set.cc
|
| @@ -140,8 +140,14 @@ const Extension* ScriptContextSet::GetExtensionFromFrameAndWorld(
|
| // Isolated worlds (content script).
|
| extension_id = ScriptInjection::GetHostIdForIsolatedWorld(world_id);
|
| } else {
|
| - // Extension pages (chrome-extension:// URLs).
|
| - GURL frame_url = ScriptContext::GetDataSourceURLForFrame(frame);
|
| + // For looking up the extension associated with this frame, we either want
|
| + // to use the current url or possibly the data source url (which this frame
|
| + // may be navigating to shortly), depending on the security origin of the
|
| + // frame. We don't always want to use the data source url because some
|
| + // frames (eg iframes and windows created via window.open) briefly contain
|
| + // an about:blank script context that is scriptable by their parent/opener
|
| + // before they finish navigating.
|
| + GURL frame_url = ScriptContext::GetAccessCheckedFrameURL(frame);
|
| frame_url = ScriptContext::GetEffectiveDocumentURL(frame, frame_url,
|
| use_effective_url);
|
| extension_id =
|
|
|
Chromium Code Reviews
Issue 2208483002:
Fix extension bindings injection for iframes (reland) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master