Description of Change

Split from #44411
Implements part of RFC #8

contextBridge.executeInMainWorld is added to accept { func: Function, args: any[] }. This allows serializing a function and arguments over the context bridge to be executed in the main world.

Tests to guarantee return values go through the context bridge reuse the logic from our webFrame.executeJavaScript world safe test. The internals of executeInMainWorld are shared with exposeInMainWorld.

chrome.scripting.executeScript internals

• Extension IDL specifies [serializableFunction] for Function argument
  https://source.chromium.org/chromium/chromium/src/+/main:chrome/common/extensions/api/scripting.idl;l=47-53;drc=f54f71679bfe9b9ef10c785369112fb2d0661750
• ArgumentSpec::ParseArgumentToFunction serializes the function using v8::Function::FunctionProtoToString
  https://source.chromium.org/chromium/chromium/src/+/main:extensions/renderer/bindings/argument_spec.cc;l=744-764;drc=38412897b24a44461ec89d2167e2110a3793c98c
• ScriptingExecuteScriptFunction::Run constructs the function string and serializes arguments as JSON
  https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/extensions/api/scripting/scripting_api.cc;l=617-641;drc=01ab59ae08a38a361da7dac41e36f387f6600ed5

contextBridge.executeInMainWorld(script) types

The types are currently using any. We'll need to modify our type definition generator to better support adding generics here. Given the API being marked as Experimental, we can update this in a follow up PR to prevent blocking this PR.

interface ExecutionScript {
  /**
   * A JavaScript function to evaluate. This function will be serialized which means
   * that any bound parameters and execution context will be lost.
   */
  func: (...args: any[]) => any;
  /**
   * The arguments to pass to the provided function. These arguments are proxied
   * across the context bridge.
   */
  args?: any[];
}

interface ContextBridge {
  executeInMainWorld(script: ExecutionScript): any;
}

Checklist

• PR description included and stakeholders cc'd
• npm test passes
• tests are changed or added
• relevant documentation, tutorials, templates and examples are changed or added
• PR release notes describe the change in a way relevant to app developers, and are capitalized, punctuated, and past tense.

Release Notes

Notes: Added contextBridge.executeInMainWorld to safely execute code across world boundaries.