[BUG] Codeium Extension's contentScript break all discuz forum to down.

[cesaryuan]

The code in https://github.com/Exafunction/codeium-chrome/blob/6af6b5ca76368f3b37edc909774cbe04d12cc472/src/contentScript.ts#L6 will break all websites that are built with Discuz.

Discuz is a popular open-source Internet forum software written in PHP. It was first released in 2003 and has become one of the most widely used forum platforms in China and other parts of the world.

Its ajaxpost uses such a technology, using JS script to build a form, the target of the form points to a frame named ajaxframe, so that the content of the URL of the form can be rendered to the ajaxframe. Moreover, the URL return content structure is <root> <![CDATA[SOMETEXT]]></root>, and then you can get the content of SOMETEXT through $(ajaxframeid).contentWindow.document.documentElement.firstChild.wholeText.

However, the emergence of the Codeium extension destroyed it. At this point, Codeium prepends a script element to <root>, which causes firstChild.wholeText to return undefined instead of SOMETEXT.

This makes many famous websites in China, such as https://www.52pojie.cn/, to not work.

Reproduce:

1. open "https://www.52pojie.cn/member.php?mod=logging&action=login&loginsubmit=yes&infloat=yes&lssubmit=yes&inajax=1"
2. See that <script/> be shown as firstChild of root.

Possible Solution

Only execute contentScript when page in Allowlist instead of all pages.

[pqn]

I think I have a fix for this, should be in the next release.

[pqn]

It's now in the published extension. I will close this for now. The fix will be open-sourced soon.