Bug 1554260 - Send WebExtension Page messages to GeckoSession. r=snorp

WebExtension pages introduce a case that was previously not possible: a script
with full WebExtension privileges that runs on a page with a GeckoSession
associated to it.

This breaks the assumption that all messages from a privileged context don't
have a GeckoSession associated to it. We fix this by checking if we can find an
eventDispatcher for the given window.

This also fixes the test which had the same wrong assumption.

Differential Revision: https://phabricator.services.mozilla.com/D32512

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Agi Sferro 2019-06-10 20:09:25 +00:00
Родитель f43371a2ff
Коммит a641bc8da0
3 изменённых файлов: 11 добавлений и 8 удалений

Просмотреть файл

@ -481,9 +481,9 @@ class WebExtensionTest : BaseSessionTest() {
}
extension = WebExtension("resource://android/assets/web_extensions/extension-page-update/")
extension.setMessageDelegate(messageDelegate, "browser")
sessionRule.waitForResult(sessionRule.runtime.registerWebExtension(extension))
mainSession.setMessageDelegate(messageDelegate, "browser")
mainSession.loadUri("http://example.com");

Просмотреть файл

@ -73,12 +73,7 @@ import java.util.Map;
if ("content_child".equals(envType)) {
environmentType = WebExtension.MessageSender.ENV_TYPE_CONTENT_SCRIPT;
} else if ("addon_child".equals(envType)) {
if (session != null) {
// This message came from a content process but it claims to be from an extension
// environment, which can't be true. This maybe caused by a compromised content process.
// TODO: Bug 1534640, we need to check for extension process here too.
return null;
}
// TODO Bug 1554277: check that this message is coming from the right process
environmentType = WebExtension.MessageSender.ENV_TYPE_EXTENSION;
} else {
environmentType = WebExtension.MessageSender.ENV_TYPE_UNKNOWN;

Просмотреть файл

@ -78,7 +78,15 @@ class GeckoViewConnection {
get dispatcher() {
if (this.sender.envType === "addon_child") {
// For background scripts, use the global event handler
// If this is a WebExtension Page we will have a GeckoSession associated
// to it and thus a dispatcher.
const dispatcher = GeckoViewUtils.getDispatcherForWindow(this.target.ownerGlobal);
if (dispatcher) {
return dispatcher;
}
// No dispatcher means this message is coming from a background script,
// use the global event handler
return EventDispatcher.instance;
} else if (this.sender.envType === "content_child"
&& this.allowContentMessaging) {