Specify execution context #905
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
oliverdunk
requested changes
Nov 19, 2025
Member
oliverdunk
left a comment
oliverdunk
left a comment
There was a problem hiding this comment.
Thanks Rob! I left some initial thoughts. Some of the vague language (e.g "a limited number of extension APIs may be available") seems out of a place for a specification, but I'm happy to address that in future PRs.
|
|
||
| # The `browser` global | ||
|
|
||
| The `browser` global is the primary namespace hosting extension APIs, available to [=extension context=]s. |
Member
There was a problem hiding this comment.
Can we figure out how to properly cross-reference the browser namespace spec here?
|
|
||
| The `browser` global is the primary namespace hosting extension APIs, available to [=extension context=]s. | ||
|
|
||
| Although the [=main world=] of a web page is not an [=extension context=], it may also contain the `browser` global to offer access functionality granted by [#key-externally_connectable]. |
Member
There was a problem hiding this comment.
Suggested change
| Although the [=main world=] of a web page is not an [=extension context=], it may also contain the `browser` global to offer access functionality granted by [#key-externally_connectable]. | |
| Although the [=main world=] of a web page is not an [=extension context=], it may also contain the `browser` global to offer access to functionality granted by [#key-externally_connectable]. |
| * An <dfn>extension context</dfn> is any JavaScript execution context associated with an extension. | ||
| * A <dfn>privileged extension context</dfn> has access to the full set of extension APIs available to the extension. The most prominent example is the background page or worker defined by the [[#key-background]] part of the [=manifest=]. | ||
| * The main execution context of a web page, also known as the <dfn>main world</dfn>, is not an extension context. It does not have access to any extension API, except when an extension allows so through [#key-externally_connectable]. | ||
| * An <dfn>isolated world</dfn> is an isolated JavaScript context with access to the same underlying DOM tree but their own set of wrappers around those DOM objects. Declarations in the global scope are also isolated. A limited number of extension APIs may be available in these execution contexts. |
Member
There was a problem hiding this comment.
Suggested change
| * An <dfn>isolated world</dfn> is an isolated JavaScript context with access to the same underlying DOM tree but their own set of wrappers around those DOM objects. Declarations in the global scope are also isolated. A limited number of extension APIs may be available in these execution contexts. | |
| * An <dfn>isolated world</dfn> is an isolated JavaScript context with access to the same underlying DOM tree as the [=main world=] but its own set of wrappers around those DOM objects. Declarations in the global scope are also isolated. A limited number of extension APIs may be available in these execution contexts. |
| * A <dfn>privileged extension context</dfn> has access to the full set of extension APIs available to the extension. The most prominent example is the background page or worker defined by the [[#key-background]] part of the [=manifest=]. | ||
| * The main execution context of a web page, also known as the <dfn>main world</dfn>, is not an extension context. It does not have access to any extension API, except when an extension allows so through [#key-externally_connectable]. | ||
| * An <dfn>isolated world</dfn> is an isolated JavaScript context with access to the same underlying DOM tree but their own set of wrappers around those DOM objects. Declarations in the global scope are also isolated. A limited number of extension APIs may be available in these execution contexts. | ||
| * Some extension APIs may involve the execution of JavaScript code in contexts other than what is specified above. For example, the `userScripts` API allows the creation of `USER_SCRIPT` worlds that are isolated similarly to [=isolated world=]s but with distinct API availability. The `proxy` API allows the registration of Proxy auto-config (PAC) scripts whose execution environment is outside the scope of this specification. |
Member
There was a problem hiding this comment.
Suggested change
| * Some extension APIs may involve the execution of JavaScript code in contexts other than what is specified above. For example, the `userScripts` API allows the creation of `USER_SCRIPT` worlds that are isolated similarly to [=isolated world=]s but with distinct API availability. The `proxy` API allows the registration of Proxy auto-config (PAC) scripts whose execution environment is outside the scope of this specification. | |
| Some extension APIs may involve the execution of JavaScript code in contexts other than what is specified above. For example, the `userScripts` API allows the creation of `USER_SCRIPT` worlds that are isolated similarly to [=isolated world=]s but with distinct API availability. The `proxy` API allows the registration of Proxy auto-config (PAC) scripts whose execution environment is outside the scope of this specification. |
xeenon
reviewed
Nov 21, 2025
|
|
||
| * An <dfn>extension context</dfn> is any JavaScript execution context associated with an extension. | ||
| * A <dfn>privileged extension context</dfn> has access to the full set of extension APIs available to the extension. The most prominent example is the background page or worker defined by the [[#key-background]] part of the [=manifest=]. | ||
| * The main execution context of a web page, also known as the <dfn>main world</dfn>, is not an extension context. It does not have access to any extension API, except when an extension allows so through [#key-externally_connectable]. |
Collaborator
There was a problem hiding this comment.
This is not entirely true. An extension page loaded in a tab executes in the main world. So does a background page. I think we should separate the concept of worlds and contexts. DevTools panels are main world with an unprivileged context for example.
Member
Author
There was a problem hiding this comment.
I'd like to emphasize that even though an extension can trigger script execution in a web page, that it is not considered an extension context. How about adding "when its origin is not an extension origin"?
Suggested change
| * The main execution context of a web page, also known as the <dfn>main world</dfn>, is not an extension context. It does not have access to any extension API, except when an extension allows so through [#key-externally_connectable]. | |
| * The main execution context of a web page, also known as the <dfn>main world</dfn>, is not an extension context when its origin is not an extension origin. It does not have access to any extension API, except when an extension allows so through [#key-externally_connectable]. |
xeenon
reviewed
Nov 21, 2025
| * A <dfn>privileged extension context</dfn> has access to the full set of extension APIs available to the extension. The most prominent example is the background page or worker defined by the [[#key-background]] part of the [=manifest=]. | ||
| * The main execution context of a web page, also known as the <dfn>main world</dfn>, is not an extension context. It does not have access to any extension API, except when an extension allows so through [#key-externally_connectable]. | ||
| * An <dfn>isolated world</dfn> is an isolated JavaScript context with access to the same underlying DOM tree but their own set of wrappers around those DOM objects. Declarations in the global scope are also isolated. A limited number of extension APIs may be available in these execution contexts. | ||
| * Some extension APIs may involve the execution of JavaScript code in contexts other than what is specified above. For example, the `userScripts` API allows the creation of `USER_SCRIPT` worlds that are isolated similarly to [=isolated world=]s but with distinct API availability. The `proxy` API allows the registration of Proxy auto-config (PAC) scripts whose execution environment is outside the scope of this specification. |
Collaborator
There was a problem hiding this comment.
I don't see the need to mention proxy until it is also specified.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
While discussing #873 (comment) at TPAC, I mentioned the ambiguity of "extension context", and suggested "privileged execution context" to disambiguate it. But this term may not be well-known, so I'm adding a definition for it.