feat: Add content script world isolation (#17032)

* Execute content script in isolated world * Inject script into newly created extension worlds * Create new content_script_bundle for extension scripts * Initialize chrome API in content script bundle * Define Chrome extension isolated world ID range 1 << 20 was chosen as it provides a sufficiently large range of IDs for extensions, but also provides a large enough buffer for any user worlds in [1000, 1 << 20). Ultimately this range can be changed if any user application raises it as an issue. * Insert content script CSS into document This now avoids a script wrapper to inject the style sheet. This closely matches the code used by chromium in `ScriptInjection::InjectCss`. * Pass extension ID to isolated world via v8 private
2019-03-11 19:27:57 -04:00 · 2019-03-11 19:27:57 -04:00 · f943db7ad5
commit f943db7ad5
parent 6072da239d
11 changed files with 187 additions and 44 deletions
--- a/atom/renderer/atom_render_frame_observer.cc
+++ b/atom/renderer/atom_render_frame_observer.cc
@ -113,6 +113,12 @@ void AtomRenderFrameObserver::DidCreateScriptContext(
    CreateIsolatedWorldContext();
    renderer_client_->SetupMainWorldOverrides(context, render_frame_);
  }
+
+  if (world_id >= World::ISOLATED_WORLD_EXTENSIONS &&
+      world_id <= World::ISOLATED_WORLD_EXTENSIONS_END) {
+    renderer_client_->SetupExtensionWorldOverrides(context, render_frame_,
+                                                   world_id);
+  }
 }

 void AtomRenderFrameObserver::DraggableRegionsChanged() {