Vitanshu Sahu
unread,May 23, 2022, 8:00:49 AM5/23/22Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Chromium Extensions, salem...@gmail.com, Chromium Extensions, Vitanshu Sahu, Gaurav Rathor
Ya
What my extension does is it executes some user written JavaScript.That means for each user this script is different.So this extension load the Javascript on runtime and executes this file code as a string.
Suppose a user writes this javascript
File Name:- aBC.js(Different for different users)
'use strict';
window.myldap_vitanshu = {
init: function() {
alert('My First Module: controller template init() function called');
}
};
So what my extension does is load this file and execute this string.
But since now direct code execution is not allowed therefore we have to do it inside a function or file for registering this variable in window.
But for this we have to use eval which is not allowed.
If all things work fine then the expected functionality is as follows:-
Register Variable inside window.
Then Call window.init() whose functionality depends on user to user.
For Fixing this I have moved this code to a sandboxed page and execute inline script which is allowed in Sandboxed Page.
But another user writes
'use strict';
window.myldap_vitanshu = {
init: function() {
chrome.storage.sync.get('key_name')
}
};
The main problem is here since sandboxed pages are not allowed to access chrome apis in sandboxed page.