feat: Add content script world isolation (#17032)

* Execute content script in isolated world * Inject script into newly created extension worlds * Create new content_script_bundle for extension scripts * Initialize chrome API in content script bundle * Define Chrome extension isolated world ID range 1 << 20 was chosen as it provides a sufficiently large range of IDs for extensions, but also provides a large enough buffer for any user worlds in [1000, 1 << 20). Ultimately this range can be changed if any user application raises it as an issue. * Insert content script CSS into document This now avoids a script wrapper to inject the style sheet. This closely matches the code used by chromium in `ScriptInjection::InjectCss`. * Pass extension ID to isolated world via v8 private
2019-03-11 19:27:57 -04:00 · 2019-03-11 19:27:57 -04:00 · f943db7ad5
commit f943db7ad5
parent 6072da239d
11 changed files with 187 additions and 44 deletions
--- a/lib/renderer/content-scripts-injector.ts
+++ b/lib/renderer/content-scripts-injector.ts
@ -1,5 +1,24 @@
 import { ipcRendererInternal } from '@electron/internal/renderer/ipc-renderer-internal'
-import { runInThisContext } from 'vm'
+import { webFrame } from 'electron'
+
+const v8Util = process.atomBinding('v8_util')
+
+const IsolatedWorldIDs = {
+  /**
+   * Start of extension isolated world IDs, as defined in
+   * atom_render_frame_observer.h
+   */
+  ISOLATED_WORLD_EXTENSIONS: 1 << 20
+}
+
+let isolatedWorldIds = IsolatedWorldIDs.ISOLATED_WORLD_EXTENSIONS
+const extensionWorldId: {[key: string]: number | undefined} = {}
+
+// https://cs.chromium.org/chromium/src/extensions/renderer/script_injection.cc?type=cs&sq=package:chromium&g=0&l=52
+const getIsolatedWorldIdForInstance = () => {
+  // TODO(samuelmaddock): allocate and cleanup IDs
+  return isolatedWorldIds++
+}

 // Check whether pattern matches.
 // https://developer.chrome.com/extensions/match_patterns
@ -12,21 +31,21 @@ const matchesPattern = function (pattern: string) {

 // Run the code with chrome API integrated.
 const runContentScript = function (this: any, extensionId: string, url: string, code: string) {
-  const context: { chrome?: any } = {}
-  require('@electron/internal/renderer/chrome-api').injectTo(extensionId, false, context)
-  const wrapper = `((chrome) => {\n  ${code}\n  })`
-  try {
-    const compiledWrapper = runInThisContext(wrapper, {
-      filename: url,
-      lineOffset: 1,
-      displayErrors: true
-    })
-    return compiledWrapper.call(this, context.chrome)
-  } catch (error) {
-    // TODO(samuelmaddock): Run scripts in isolated world, see chromium script_injection.cc
-    console.error(`Error running content script JavaScript for '${extensionId}'`)
-    console.error(error)
-  }
+  // Assign unique world ID to each extension
+  const worldId = extensionWorldId[extensionId] ||
+    (extensionWorldId[extensionId] = getIsolatedWorldIdForInstance())
+
+  // store extension ID for content script to read in isolated world
+  v8Util.setHiddenValue(global, `extension-${worldId}`, extensionId)
+
+  webFrame.setIsolatedWorldInfo(worldId, {
+    name: `${extensionId} [${worldId}]`
+    // TODO(samuelmaddock): read `content_security_policy` from extension manifest
+    // csp: manifest.content_security_policy,
+  })
+
+  const sources = [{ code, url }]
+  webFrame.executeJavaScriptInIsolatedWorld(worldId, sources)
 }

 const runAllContentScript = function (scripts: Array<Electron.InjectionBase>, extensionId: string) {
@ -36,28 +55,7 @@ const runAllContentScript = function (scripts: Array<Electron.InjectionBase>, ex
 }

 const runStylesheet = function (this: any, url: string, code: string) {
-  const wrapper = `((code) => {
-    function init() {
-      const styleElement = document.createElement('style');
-      styleElement.textContent = code;
-      document.head.append(styleElement);
-    }
-    document.addEventListener('DOMContentLoaded', init);
-  })`
-
-  try {
-    const compiledWrapper = runInThisContext(wrapper, {
-      filename: url,
-      lineOffset: 1,
-      displayErrors: true
-    })
-
-    return compiledWrapper.call(this, code)
-  } catch (error) {
-    // TODO(samuelmaddock): Insert stylesheet directly into document, see chromium script_injection.cc
-    console.error(`Error inserting content script stylesheet ${url}`)
-    console.error(error)
-  }
+  webFrame.insertCSS(code)
 }

 const runAllStylesheet = function (css: Array<Electron.InjectionBase>) {