Closed F-OBrien closed 3 months ago
If you can pull in master that would be amazing so the CI can run again, and I will do a proper review of this PR.
@Tbaut Could you also check this out when you have a chance?
@TarikGul I've rebased rebased on master as requested. FYI Talisman also applied a similar fix today https://github.com/TalismanSociety/talisman/pull/1349
Sure, I'm not familiar with the issue (despite having seen and followed the linked one). I'll take a look.
@F-OBrien you mention in the last comment: https://github.com/polkadot-js/extension/issues/1293#issuecomment-1900267262 that it's better to not support iframes (I agree) and then say
sender.documentLifecycle === 'prerender' to use the sender.url as the from
But this is not what you have done here. Is there a reason for it?
@F-OBrien you mention in the last comment: #1293 (comment) that it's better to not support iframes (I agree) and then say
sender.documentLifecycle === 'prerender' to use the sender.url as the from
But this is not what you have done here. Is there a reason for it?
@Tbaut It's been a while since I looked at this. From what I recall I believe I concluded that in all cases using sender.url
should be the preferred solution and not only if sender.documentLifecycle === 'prerender'
so didn't see a point in an explicit check for it. sender.tab.url
is the cause of the incorrect origin issue and also gives rise to my concern related to iframes.
I did consider fully removing sender.tab.url
like talisman has done but I was not familiar enough with chrome extensions or the reason why the tab url was initially chosen when developing the extension to know if these is a specific edge case where you would have a sender.tab.url
and not a sender.url
. hence why I just swapped them rather than removing the tab url.
Thank you so much for the research and the fix :pray:
This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
We cannot rely on
sender.tab.url
when chrome preloads and prerenders pages as it will not match the url of the site being loaded. This PR changes the primary from tosender.url
and only usessender.tab.url
ifsender.url
is not available.See discussion in #1293
Edit: Also PR #1278 introduced a bug by adding
in the case of getActiveTabs no port is passed causing this to throw an error preventing the extension from initializing.
This PR fixes that by only throwing
if (!isExtension && !sender)