🚑 修复其他扩展注入 chrome.runtime 导致环境误判的问题 #1280#1281
Merged
Conversation
移除 isContent 运行时检测,改为通过 CustomEventMessage.envTag 在构建入口确定环境, 避免其他扩展(如大学搜题酱)向页面注入 chrome.runtime 对象导致 inject 环境被误判为 content 环境。
Contributor
There was a problem hiding this comment.
Pull request overview
该 PR 通过让入口脚本显式标注运行环境(content / inject),避免因第三方扩展向页面注入 chrome.runtime 而导致环境误判,从而修复脚本在部分浏览器/扩展组合下全部失效的问题,并同步升级版本号。
Changes:
CustomEventMessage构造函数改为接收eventFlag + envTag(由内部拼接messageFlag),不再依赖运行时探测。content.ts/inject.ts入口硬编码各自的ScriptEnvTag,移除isContent判断。GMApi中将isContent来源改为消息的envTag;版本号升级至1.3.1。
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| src/scripting.ts | 使用新的 CustomEventMessage(eventFlag, ..., envTag) 来分别建立 content/inject 通道 |
| src/inject.ts | inject 入口显式指定 ScriptEnvTag.inject 并适配新构造函数 |
| src/content.ts | content 入口显式指定 ScriptEnvTag.content 并适配新构造函数 |
| src/app/service/content/gm_api/gm_api.ts | CAT_fetchDocument 改为根据 message.envTag 判定来源环境 |
| packages/message/custom_event_message.ts | CustomEventMessage 构造函数新增 envTag 参数并内部拼接 messageFlag |
| packages/message/common.ts | 移除 isContent 的运行时检测常量 |
| src/manifest.json | 版本号升级至 1.3.1 |
| package.json | 版本号升级至 1.3.1 |
Co-authored-by: Copilot <[email protected]>
Collaborator
|
个人认为不需要改 CustomEventMessage |
CodFrm
commented
Mar 11, 2026
Member
Author
CodFrm
left a comment
CodFrm
left a comment
There was a problem hiding this comment.
个人认为不需要改 CustomEventMessage
我也想了用setIsContent这个办法,纠结了一下还是改动 CustomEventMessage 了,这样避免全局变量,而是依赖注入的形式,也方便单测
src/content.ts
Outdated
Comment on lines
+11
to
+16
| if (typeof chrome === "object" && typeof chrome?.runtime?.sendMessage === "function") { | ||
| setIsContent(); | ||
| } else { | ||
| console.error("chrome.runtime.sendMessage is not a function in content.js"); | ||
| } | ||
|
|
Member
Author
There was a problem hiding this comment.
为什么要这样?这个环境应该是会知道是在content环境吧,也只有content环境会使用这个,而且已经没有地方用isContent了
Collaborator
There was a problem hiding this comment.
在 common 保留 isContent 來使用。
isContent 只在 content.ts 設置
當然你也可以什麼都不管直接 setIsContent();
Collaborator
content.js 跟 inject.js 是兩個環境跑。很難在vitest 模擬出來的吧 vitest 可以執行 "setIsContent" 改環境設置 |
CodFrm
changed the title
CodFrm
added a commit
that referenced
this pull request
Mar 14, 2026
* 🐛 修复其他扩展注入 chrome.runtime 导致环境误判的问题 #1280 移除 isContent 运行时检测,改为通过 CustomEventMessage.envTag 在构建入口确定环境, 避免其他扩展(如大学搜题酱)向页面注入 chrome.runtime 对象导致 inject 环境被误判为 content 环境。 * Update src/app/service/content/gm_api/gm_api.ts Co-authored-by: Copilot <[email protected]> * update * 删除不必要的isconnect * 将 typecheck 集成到 lint/lint-fix 脚本中 * 修复引用 * 删除test-results --------- Co-authored-by: cyfung1031 <[email protected]> Co-authored-by: Copilot <[email protected]>
CodFrm
added a commit
that referenced
this pull request
Mar 16, 2026
* additional test for responseType=document * 🐛 修复 脚本设置-授权管理 控制无效的问题 (#1267) * 🐛 修复 脚本设置-授权管理 控制无效的问题 * 将校验逻辑放到confirm * 修复GM cookie权限判断 * 删除directDeny * buildCacheKey * 整理代码 * Update src/app/service/service_worker/permission_verify.ts Co-authored-by: Copilot <[email protected]> --------- Co-authored-by: Copilot <[email protected]> * 🔒 使用 DOMPurify 清理公告通知 HTML 内容 (#1274) * 🔒 使用 DOMPurify 清理公告通知的 HTML 内容 #1273 使用 DOMPurify 对服务端下发的公告 HTML 进行白名单过滤,防止潜在的 UI 注入风险。只允许基础标签和安全的 CSS 属性(颜色、字体相关)。 * code update --------- Co-authored-by: cyfung1031 <[email protected]> * 🐛 修复 include *?* 表达式处理问题 #1271 (#1272) * 🐛 修复 include *?* 表达式处理问题 #1271 * Added error handling to avoid crash * update globSplit * update globSplit * update globSplit --------- Co-authored-by: cyfung1031 <[email protected]> * fix #1274 (#1275) * fix #1274 * Update index.ts * Array.includes -> Set.has * 🐛 修复与隐身窗口检查权限冲突导致反复重启的问题 * 📄 docs: update Chrome Web Store URLs to new domain (#1279) Google migrated the Chrome Web Store from `chrome.google.com/webstore` to `chromewebstore.google.com`. This updates all CWS URLs across README files to use the new domain. The old URLs currently redirect, but will eventually stop working. * ✅ 添加 Playwright E2E 测试及 GM API 功能测试 (#1283) * ✅ 添加 Playwright E2E 测试 - 新增 22 个 E2E 测试覆盖 Options、Popup、Install、Editor、Settings 页面 - 配置 Playwright 使用 --headless=new 模式加载扩展 - 在 CI workflow 中添加 E2E 测试 job * ✅ 添加 GM API E2E 测试 新增 gm-api.spec.ts 测试三类 GM API: - GM_ 同步 API (gm_api_test.js): 29 项测试 - GM.* 异步 API (gm_api_async_test.js): 29 项测试 - Content 注入测试 (inject_content_test.js): 11 项测试 实现要点: - 两阶段浏览器启动:Phase 1 启用 userScriptsAccess,Phase 2 重启运行测试 - 自动审批权限确认弹窗(cookie 等需要用户授权的 API) - 通过剪贴板注入脚本代码到 Monaco 编辑器 - 替换 jsdelivr CDN 为 unpkg 提升资源加载速度 - 去除 @require/@resource 的 SRI hash 避免校验失败 更新 utils.ts 中 installScriptByCode 增加保存失败的 fallback 检测 * 🐛 修复 GM API E2E 测试 CI 兼容性 - Phase 1 添加 --headless=new 参数,修复 CI 无 X server 环境 - 添加 eslint-disable 注释消除 Playwright use() 的误报 - prettier 格式化修正 * 🐛 修复 E2E 测试 CI 兼容性问题 - vitest.config.ts: 排除 e2e/ 目录避免 Vitest 误跑 Playwright 测试 - eslint.config.mjs: 为 e2e/ 目录关闭 react-hooks/rules-of-hooks 规则 - e2e/options.spec.ts: 菜单正则加 /i 标志修复英文环境大小写匹配 - prettier 格式化修正 * 🚑 修复其他扩展注入 chrome.runtime 导致环境误判的问题 #1280 (#1281) * 🐛 修复其他扩展注入 chrome.runtime 导致环境误判的问题 #1280 移除 isContent 运行时检测,改为通过 CustomEventMessage.envTag 在构建入口确定环境, 避免其他扩展(如大学搜题酱)向页面注入 chrome.runtime 对象导致 inject 环境被误判为 content 环境。 * Update src/app/service/content/gm_api/gm_api.ts Co-authored-by: Copilot <[email protected]> * update * 删除不必要的isconnect * 将 typecheck 集成到 lint/lint-fix 脚本中 * 修复引用 * 删除test-results --------- Co-authored-by: cyfung1031 <[email protected]> Co-authored-by: Copilot <[email protected]> * ⚙️ 优化 CI 流水线和测试配置 - 缓存 Playwright 浏览器避免重复下载 - 测试失败时上传截图/视频/报告等调试产物 - Playwright CI 环境启用 HTML+list 双 reporter、失败截图和视频 - 各工具链配置屏蔽 .claude 目录 * ✅ 修复 e2e 测试 service worker 超时并优化等待策略 - gm-api.spec.ts: Phase 2 重启 context 后等待 service worker 注册完成 再交给 fixtures,避免 extensionId fixture 用 10s 全局超时等待失败 - gm-api.spec.ts: 用事件驱动 Promise 替换 500ms 轮询循环, console 结果一出现立即继续 - utils.ts: installScriptByCode 用 DOM 事件等待替代固定延迟: click 后等光标出现,粘贴后等 .view-lines 内容变化 --------- Co-authored-by: wangyizhi <[email protected]> Co-authored-by: Copilot <[email protected]> Co-authored-by: Michael Lip <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
isContent运行时检测(typeof chrome.runtime.sendMessage),改为通过CustomEventMessage.envTag由入口脚本显式指定环境chrome.runtime对象,导致 inject 环境被误判为 content 环境,脚本全部失效的问题改动说明
CustomEventMessage构造函数改为接收(eventFlag, isInbound, envTag?)三个参数,内部拼接messageFlagcontent.ts硬编码ScriptEnvTag.content,inject.ts硬编码ScriptEnvTag.injectgm_api.ts中的isContent改为从message.envTag读取Closes #1280
Test plan