Proposal: documentId in tabs.query() filter #586
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Apr 8, 2024
rdcronin
requested changes
Mar 26, 2025
Comment on lines
+3
to
+9
| ** How to Use This Template ** | ||
|
|
||
| See [Proposal Process](proposal_process.md) for the detailed process on how to | ||
| propose new APIs and use this template. Each section includes instructions on | ||
| what to include. Delete the instructions for a given section once it's filled | ||
| out. Remove this section once the template is filled out. | ||
|
|
There was a problem hiding this comment.
Remove this section, per instructions
Suggested change
| ** How to Use This Template ** | |
| See [Proposal Process](proposal_process.md) for the detailed process on how to | |
| propose new APIs and use this template. Each section includes instructions on | |
| what to include. Delete the instructions for a given section once it's filled | |
| out. Remove this section once the template is filled out. |
| time-of-check-time-of-use bugs. Currently extension may query tabs based on | ||
| only incidental identifiers like `windowId`, `index`, and if extension has | ||
| powerful `"tabs"` permission, then also `title` and `url`. Such checks are | ||
| inherintly cumbersome for the extension developer, may lead to extension |
There was a problem hiding this comment.
Suggested change
| inherintly cumbersome for the extension developer, may lead to extension | |
| inherently cumbersome for the extension developer, may lead to extension |
| browsing session. | ||
| 3. If `documentId` is provided and valid, then `tabs.query()` returns only the | ||
| tab which hosts the corresponding document in a top-level context and | ||
| matching all other filters. (In particular, if `documentId` corresponds to |
There was a problem hiding this comment.
I'm curious about this (the subframe behavior). It seems like being able to query which tab holds a document could be useful, independent of if it's a main frame or subframe (e.g., for querying which tab holds a particular frame that the extension may have injected into via a scripting API).
Curious for other folks' thoughts on this. Should we limit this to top frames?
| tab which hosts the corresponding document in a top-level context and | ||
| matching all other filters. (In particular, if `documentId` corresponds to | ||
| sub-frame, an empty list is returned, matching current implementation.) | ||
|
|
There was a problem hiding this comment.
I think we also need to specify the behavior for other unusual cases, such as:
- prerendered documents
- cached (bfcache) documents
- documents in a (web) popup
- documents in an (extension) popup
etc
| ### Exposed Sensitive Data | ||
|
|
||
| Document ids correspond to unique page loads, so a compromised or malicious | ||
| extension could infer page navigations by polling `tabs.query()` untill a |
There was a problem hiding this comment.
Suggested change
| extension could infer page navigations by polling `tabs.query()` untill a | |
| extension could infer page navigations by polling `tabs.query()` until a |
|
|
||
| Document ids correspond to unique page loads, so a compromised or malicious | ||
| extension could infer page navigations by polling `tabs.query()` untill a | ||
| particular document appears or disappers to conclude back-forth navigation. |
There was a problem hiding this comment.
Suggested change
| particular document appears or disappers to conclude back-forth navigation. | |
| particular document appears or disappears to conclude back-forth navigation. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This formalizes proposal first described in #553.
Relevant links