    Extension: remove USER_GESTURE_ENABLED state from tab-change events. · 6f9f33b6
    Mustaq Ahmed authored
    A past fix for activation propagation from an extension button to
    extension script seems to have added an additional user activation
    propagation path from tab-strip to all installed extensions:
    https://chromiumcodereview.appspot.com/10821120/
    
    This crack caused every tab-switching to activate /all/ installed
    extensions, which seems bad.  Because of this, we encountered a security
    issue with unintended top frame navigation from an iframe.  (Luckily
    only tab switching was affected, not tab clicking.)
    
    A user interaction with the tab-strip is different from an interaction
    with extension buttons.  Tab-strip interactions are similar to those
    on any browser-provided UI element like top menu: they don't at all
    indicate the user's intention to interact with any extension or website.
    Therefore, like clicks on top-menu and unlike clicks on extension
    buttons, tab-switching should suppress activating any background script
    and thus prevent access to user-activation gated APIs like popup,
    fullscreen, navigation, etc.
    
    Bug: 957633, 1035315
    Change-Id: I8d56e02a3a2966521b7bbc4f4efadf67e1acc371
    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2072654
    Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
    Commit-Queue: Mustaq Ahmed <mustaq@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#744802}
tabs_event_router.h 8.9 KB