Opened 2 years ago

Last modified 18 months ago

#6507 closed change

Inject style sheet proactively from background page — at Initial Version

Reported by: mjethani Assignee:
Priority: Unknown Milestone:
Module: Platform Keywords: circumvention, externaldependency
Cc: sebastian, kzar Blocked By: #242, #5090
Blocking: Platform: Unknown / Cross platform
Ready: no Confidential: no
Tester: Unknown Verified working: no
Review URL(s):

https://codereview.adblockplus.org/29738592/

Description

Background

The background page waits for the content script to send a message before it can inject the style sheet for element hiding. The message itself contains no information. Now with user style sheets (#5090, #242) the background page doesn't have to wait for the content script before injecting the style sheet, it can inject the style sheet preemptively if tabs.insertCSS with cssOrigin is supported.

The benefit of doing this mainly is for anti-circumvention.

Chromium does not run the content script on sandboxed about: frames, because they have a unique origin (this is questionable but it is the current behavior). Even after crrev.com/c/968681, it is not going to run content scripts in sandboxed data: frames.

In other words, if we have a filter ###ad and the following HTML code:

<iframe srcdoc="<div id='ad'>ANNOYING AD!!!</div>" sandbox></iframe>

That div#ad inside the <iframe> will not get hidden.

While currently neither Chromium nor Firefox will allow tabs.insertCSS on sandboxed about: and data: frames, it might be possible to convince both browsers to allow CSS (even if not JavaScript) to be injected into such frames.

What to change

[To be decided]

Change History (0)

Note: See TracTickets for help on using tickets.