From 8a6cd3cd12932e5c6dfea9529c8cbafb9be46445 Mon Sep 17 00:00:00 2001
From: Stephanie Ding
Date: Tue, 10 Sep 2019 18:06:23 -0700
Subject: [PATCH] remove ability to inject arbitrary scripts
---
 packages/react-devtools-extensions/src/inject.js | 9 +++++++--
 .../src/injectGlobalHook.js | 4 ++--
 packages/react-devtools-extensions/src/main.js | 13 ++++++++++++-
 3 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/packages/react-devtools-extensions/src/inject.js b/packages/react-devtools-extensions/src/inject.js
index b2f4a03e1295f..938e2cf7eb227 100644
--- a/packages/react-devtools-extensions/src/inject.js
+++ b/packages/react-devtools-extensions/src/inject.js
@@ -2,8 +2,13 @@
 export default function inject(scriptName: string, done: ?Function) {
 const source = `
+ // the prototype stuff is in case document.createElement has been modified
 (function () {
- window.postMessage({ source: 'react-devtools-inject-script', scriptName: "${scriptName}" }, "*");
+ var script = document.constructor.prototype.createElement.call(document, 'script');
+ script.src = "${scriptName}";
+ script.charset = "utf-8";
+ document.documentElement.appendChild(script);
+ script.parentNode.removeChild(script);
 })()
 `;
@@ -16,4 +21,4 @@ export default function inject(scriptName: string, done: ?Function) {
 done();
 }
 });
-}
\ No newline at end of file
+}
diff --git a/packages/react-devtools-extensions/src/injectGlobalHook.js b/packages/react-devtools-extensions/src/injectGlobalHook.js
index a087c50dc53f1..550e2f38512aa 100644
--- a/packages/react-devtools-extensions/src/injectGlobalHook.js
+++ b/packages/react-devtools-extensions/src/injectGlobalHook.js
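Review bot: In inject.js, the added line `script.src = "${scriptName}";` splices `scriptName` unescaped into source text that `chrome.devtools.inspectedWindow.eval` then runs in the inspected page, so a value containing a double quote or backslash would end the string literal and change the evaluated code. The one call site this patch touches passed an extension URL, so this is hardening rather than a demonstrated flaw, but serialising the value settles it: `script.src = ${JSON.stringify(scriptName)};`. A comment above `const source` stating that `scriptName` must be an extension-controlled URL and never page-derived data would record the assumption. The remainder of `inject()` lies in the following hunk and beyond it.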
@@ -31,10 +31,10 @@ window.addEventListener('message', function(evt) {
 reactBuildType: evt.data.reactBuildType,
 };
 chrome.runtime.sendMessage(lastDetectionResult);
- } else if (evt.data.source === 'react-devtools-inject-script' && evt.data.scriptName) {
+ } else if (evt.data.source === 'react-devtools-inject-backend') {
 //Inject the specified script
 var script = document.constructor.prototype.createElement.call(document, 'script');
- script.src = evt.data.scriptName;
+ script.src = chrome.runtime.getURL('build/backend.js');
 script.charset = "utf-8";
 document.documentElement.appendChild(script);
 script.parentNode.removeChild(script);
diff --git a/packages/react-devtools-extensions/src/main.js b/packages/react-devtools-extensions/src/main.js
index 7d786e0321917..d5ff4a40c268c 100644
--- a/packages/react-devtools-extensions/src/main.js
+++ b/packages/react-devtools-extensions/src/main.js
@@ -135,7 +135,18 @@ function createPanelIfReactLoaded() {
 // Initialize the backend only once the Store has been initialized.
 // Otherwise the Store may miss important initial tree op codes.
- inject(chrome.runtime.getURL('build/backend.js'));
+ chrome.devtools.inspectedWindow.eval(
+ `window.postMessage({ source: 'react-devtools-inject-backend' });`,
+ function(response, error) {
+ if (error) {
+ console.log(error);
+ }
+
+ if (typeof done === 'function') {
+ done();
+ }
+ }
+ );
 const viewElementSourceFunction = createViewElementSource(
 bridge,
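Review bot: In injectGlobalHook.js, the new `react-devtools-inject-backend` branch acts on any `message` event carrying that `source` string, and nothing visible in the hunk checks the sender or that `evt.data` is non-null. Fixing the URL to `chrome.runtime.getURL('build/backend.js')` closes the arbitrary-script case, but unless the listener's opening condition (outside this hunk) already returns early, another frame can still trigger the injection and a null payload would throw on `evt.data.source`. I would write the branch as `} else if (evt.source === window && evt.data && evt.data.source === 'react-devtools-inject-backend') {`. Scripts in the page itself can still post the message, so the backend presumably needs to tolerate being loaded when DevTools did not ask for it; that is not visible here. The retained comment `//Inject the specified script` is now stale, and `// Inject the bundled backend; the URL is fixed by the extension, not read from the message` would describe the new behaviour.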
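Review bot: In main.js, the eval callback tests `typeof done === 'function'`, but no `done` is declared in the visible part of `createPanelIfReactLoaded`; the block looks carried over from `inject()` and, unless an outer `done` exists outside the hunk, it is dead code that a `no-undef` lint rule would flag. The callback can be reduced to `function(response, error) { if (error) { console.log(error); } }`. The evaluated `window.postMessage({ source: 'react-devtools-inject-backend' })` also omits the target-origin argument that the removed inject.js code passed, so it is worth confirming the one-argument form behaves the same in every browser the extension targets. The function body continues past the end of the hunk.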