[webkit-changes] [WebKit/WebKit] f86f0d: REGRESSION (300057@main): Content scripts are inje...

Tue, 04 Nov 2025 09:24:21 -0800 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: f86f0d4ad055cbbee47ff46eddfd0d7a3ee95154
      
https://github.com/WebKit/WebKit/commit/f86f0d4ad055cbbee47ff46eddfd0d7a3ee95154
  Author: Timothy Hatcher <[email protected]>
  Date:   2025-11-04 (Tue, 04 Nov 2025)

  Changed paths:
    M Source/WebKit/UIProcess/Extensions/WebExtensionContext.cpp
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtension.mm

  Log Message:
  -----------
  REGRESSION (300057@main): Content scripts are injected on the wrong pages.
https://webkit.org/b/301890
rdar://162073778

Reviewed by Brian Weinstein.

When an extension declares multiple content scripts with match patterns, only 
the first
script correctly respects the match patterns. Subsequent scripts in the list 
ignore the
patterns and inject on all pages, and stylesheets fail to inject at all.

The bug was introduced when converting from ObjC++ to C++ in 300057@main. The 
original
code used `makeVector<String>(array)` to create a new `Vector` from an 
`NSArray` on each
loop iteration. The converted code incorrectly used 
`WTFMove(includeMatchPatterns)` and
`WTFMove(excludeMatchPatterns)`, which moved the pattern vectors on the first 
iteration,
leaving them empty for all subsequent iterations.

With empty match patterns, WebCore's content script matching logic treats the 
patterns as
matching all pages, causing scripts to inject globally instead of on their 
intended targets.

The fix changes `WTFMove(patterns)` to `Vector { patterns }`, which creates a 
copy of the
pattern vectors for each script and stylesheet, matching the original behavior.

Test: Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtension.mm

* Source/WebKit/UIProcess/Extensions/WebExtensionContext.cpp:
(WebKit::WebExtensionContext::addInjectedContent): Copy vectors instead of 
moving in the loop.
(WebKit::WebExtensionContext::purgeMatchedRulesFromBefore): Add a newline.
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebExtension.mm:
(TestWebKitAPI::TEST(WKWebExtension, 
MultipleContentScriptsInjectedWhenMatched)): Added.
(TestWebKitAPI::TEST(WKWebExtension, 
MultipleContentScriptsNotInjectedWhenNotMatched)): Added.

Canonical link: https://commits.webkit.org/302546@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to