diff --git a/lib/browser/chrome-extension.js b/lib/browser/chrome-extension.js index 627487ae217c..3f4561f8d9de 100644 --- a/lib/browser/chrome-extension.js +++ b/lib/browser/chrome-extension.js @@ -201,7 +201,18 @@ ipcMain.on('CHROME_TABS_SEND_MESSAGE', function (event, tabId, extensionId, isBa resultID++ }) +const isChromeExtension = function (pageURL) { + const { protocol } = url.parse(pageURL) + return protocol === 'chrome-extension:' +} + ipcMain.on('CHROME_TABS_EXECUTESCRIPT', function (event, requestId, tabId, extensionId, details) { + const pageURL = event.sender._getURL() + if (!isChromeExtension(pageURL)) { + console.error(`Blocked ${pageURL} from calling chrome.tabs.executeScript()`) + return + } + const contents = webContents.fromId(tabId) if (!contents) { console.error(`Sending message to unknown tab ${tabId}`)