🐛 修复 Firefox 中 GM_cookie 无法获取 cookie 的问题 (#1319)

CodFrm · cyfung1031 · web-flow · commit 69d98e29d223 · 2026-03-28T23:44:47.000+08:00
* 🔒 修复 CustomEvent 通信密钥泄露漏洞 在模块顶层保存原生 CustomEvent、MouseEvent、dispatchEvent、addEventListener 引用， 防止页面脚本通过 hook 全局构造函数窃取 IPC 通信密钥，伪造 GM_* API 调用。 * 代码对齐最新做法 * 修正错误测试代码 * 🐛 修复 Firefox 中 GM_cookie 无法获取 cookie 的问题 #1187 * 处理jest问题 * 处理jest问题 * 🐛 GM_cookie 未指定 url/domain 时自动使用当前页面 URL * typescript * cookieQuery -> cookieParams * typo * 补充单元测试 * Update cookie_params.test.ts --------- Co-authored-by: cyfung1031 <44498510+cyfung1031@users.noreply.github.com>
diff --git a/jest.setup.js b/jest.setup.js
@@ -1,3 +1,5 @@
+process.env.VI_TESTING = "true";
+
 // Define / mock your globals here
 global.fetch = () => {
   return Promise.reject(new Error("not implemented"));
diff --git a/src/app/message/common.ts b/src/app/message/common.ts
@@ -2,7 +2,9 @@
 export const MouseEventClone = MouseEvent;
 export const CustomEventClone = CustomEvent;
 
-const performanceClone = (process.env.VI_TESTING === "true" ? new EventTarget() : performance) as Performance;
+const performanceClone = (typeof process !== "undefined" && process.env.VI_TESTING === "true"
+  ? new EventTarget()
+  : performance) as Performance;
 
 // 避免页面载入后改动 EventTarget.prototype 的方法导致消息传递失败
 export const pageDispatchEvent = performanceClone.dispatchEvent.bind(performanceClone);
diff --git a/src/runtime/background/cookie_params.test.ts b/src/runtime/background/cookie_params.test.ts
@@ -0,0 +1,131 @@
+import { cookieParams } from "./cookie_params";
+
+// 用于模拟 Firefox 环境的辅助函数
+const mockFirefox = () => {
+  (globalThis as any).mozInnerScreenX = 0;
+};
+
+const mockNonFirefox = () => {
+  delete (globalThis as any).mozInnerScreenX;
+};
+
+describe("cookieParams", () => {
+
+  afterEach(() => {
+    mockNonFirefox();
+  });
+
+  describe("undefined 过滤", () => {
+    it("从参数中移除 undefined 值", () => {
+      const result = cookieParams({ domain: "example.com", name: undefined });
+      expect(result).toEqual({ domain: "example.com" });
+    });
+
+    it("保留 null 和 false 值", () => {
+      const result = cookieParams({ domain: null, secure: false, name: undefined });
+      expect(result).toEqual({ domain: null, secure: false });
+    });
+
+    it("保留空字符串值", () => {
+      const result = cookieParams({ domain: "", name: "test" });
+      expect(result).toEqual({ domain: "", name: "test" });
+    });
+
+    it("当所有值都是 undefined 时返回空对象", () => {
+      const result = cookieParams({ domain: undefined, name: undefined });
+      expect(result).toEqual({});
+    });
+  });
+
+  it("过滤掉 undefined 属性", () => {
+    const result = cookieParams({
+      url: "https://example.com",
+      domain: undefined,
+      name: undefined,
+      path: "/",
+      secure: undefined,
+    });
+    expect(result).toEqual({ url: "https://example.com", path: "/" });
+    expect("domain" in result).toBe(false);
+    expect("name" in result).toBe(false);
+    expect("secure" in result).toBe(false);
+  });
+
+  it("保留所有非 undefined 的属性（包括 null 和 false）", () => {
+    const result = cookieParams({
+      url: "https://example.com",
+      secure: false,
+      session: false,
+      storeId: null as unknown as string,
+    });
+    expect(result).toEqual({
+      url: "https://example.com",
+      secure: false,
+      session: false,
+      storeId: null,
+    });
+  });
+
+  describe("Firefox：注入 firstPartyDomain", () => {
+    it("在 Firefox 中注入 firstPartyDomain: null（情况1）", () => {
+      mockFirefox();
+      const result = cookieParams({ domain: "example.com" });
+      expect(result).toEqual({ domain: "example.com", firstPartyDomain: null });
+    });
+
+    it("在 Firefox 中注入 firstPartyDomain: null（情况2）", () => {
+      mockFirefox();
+      const result = cookieParams({ url: "https://example.com" });
+      expect(result).toEqual({ url: "https://example.com", firstPartyDomain: null });
+    });
+
+    it("在 Firefox 中覆盖已有的 firstPartyDomain（情况1）", () => {
+      mockFirefox();
+      const result = cookieParams({ domain: "example.com", firstPartyDomain: "other.com" });
+      expect(result.firstPartyDomain).toBeNull();
+    });
+
+    it("在 Firefox 中覆盖已有的 firstPartyDomain（情况2）", () => {
+      mockFirefox();
+      const result = cookieParams({ url: "https://example.com", firstPartyDomain: "other.com" });
+      expect(result.firstPartyDomain).toBeNull();
+    });
+
+    it("在非 Firefox 环境下不注入 firstPartyDomain（情况1）", () => {
+      mockNonFirefox();
+      const result = cookieParams({ domain: "example.com" });
+      expect(result).not.toHaveProperty("firstPartyDomain");
+    });
+
+    it("在非 Firefox 环境下不注入 firstPartyDomain（情况2）", () => {
+      mockNonFirefox();
+      const result = cookieParams({ url: "https://example.com" });
+      expect(result).not.toHaveProperty("firstPartyDomain");
+    });
+  });
+
+  describe("真实 GM_cookie 使用场景", () => {
+    it("处理带有可选字段的列表查询", () => {
+      const result = cookieParams({
+        domain: "example.com",
+        name: undefined,
+        path: undefined,
+        secure: true,
+        session: undefined,
+        url: undefined,
+        storeId: undefined,
+      });
+      expect(result).toEqual({ domain: "example.com", secure: true });
+    });
+
+    it("处理删除查询", () => {
+      const result = cookieParams({
+        name: "session",
+        url: "https://example.com",
+        storeId: undefined,
+      });
+      expect(result).toEqual({ name: "session", url: "https://example.com" });
+    });
+  });
+
+});
diff --git a/src/runtime/background/cookie_params.ts b/src/runtime/background/cookie_params.ts
@@ -0,0 +1,13 @@
+// 过滤掉 undefined 属性，避免 Firefox cookies API 对 undefined 值的处理差异
+// Firefox 还需要 firstPartyDomain: null 以在 First-Party Isolation 开启时返回所有 cookie
+export function cookieParams<T extends { [key: string]: unknown; firstPartyDomain?: any; }>(params: T): T {
+  // @ts-ignore
+  const isFirefox = typeof mozInnerScreenX !== "undefined";
+  const cleaned = Object.fromEntries(
+    Object.entries(params).filter(([, v]) => v !== undefined)
+  ) as T;
+  if (isFirefox) {
+    cleaned.firstPartyDomain = null;
+  }
+  return cleaned;
+}
diff --git a/src/runtime/background/gm_api.ts b/src/runtime/background/gm_api.ts
@@ -31,6 +31,8 @@ import {
   setXhrHeader,
 } from "./utils";
 
+import { cookieParams } from "./cookie_params";
+
 // GMApi,处理脚本的GM API调用请求
 
 export type MessageRequest = {
@@ -669,6 +671,10 @@ export default class GMApi {
         return Promise.resolve(true);
       }
       const detail = <GMTypes.CookieDetails>request.params[1];
+      // 未指定 url 和 domain 时，自动使用当前页面的 URL（兼容 Tampermonkey 行为）
+      if (!detail.url && !detail.domain && request.sender.url) {
+        detail.url = request.sender.url;
+      }
       if (!detail.url && !detail.domain) {
         return Promise.reject(new Error("there must be one of url or domain"));
       }
@@ -735,7 +741,10 @@ export default class GMApi {
         });
         return;
       }
-      // url或者域名不能为空
+      // 未指定 url 和 domain 时，自动使用当前页面的 URL（兼容 Tampermonkey 行为）
+      if (!detail.url && !detail.domain && request.sender.url) {
+        detail.url = request.sender.url;
+      }
       if (detail.url) {
         detail.url = detail.url.trim();
       }
@@ -749,15 +758,15 @@ export default class GMApi {
       switch (param[0]) {
         case "list": {
           chrome.cookies.getAll(
-            {
+            cookieParams({
               domain: detail.domain,
               name: detail.name,
               path: detail.path,
               secure: detail.secure,
               session: detail.session,
               url: detail.url,
               storeId: detail.storeId,
-            },
+            }),
             (cookies) => {
               resolve(cookies);
             }
@@ -770,11 +779,11 @@ export default class GMApi {
             return;
           }
           chrome.cookies.remove(
-            {
+            cookieParams({
               name: detail.name,
               url: detail.url,
               storeId: detail.storeId,
-            },
+            }),
             () => {
               resolve(undefined);
             }
@@ -787,7 +796,7 @@ export default class GMApi {
             return;
           }
           chrome.cookies.set(
-            {
+            cookieParams({
               url: detail.url,
               name: detail.name,
               domain: detail.domain,
@@ -797,7 +806,7 @@ export default class GMApi {
               httpOnly: detail.httpOnly,
               secure: detail.secure,
               storeId: detail.storeId,
-            },
+            }),
             () => {
               resolve(undefined);
             }

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+process.env.VI_TESTING = "true";`
	`2`	`+`
`1`	`3`	`// Define / mock your globals here`
`2`	`4`	`global.fetch = () => {`
`3`	`5`	`return Promise.reject(new Error("not implemented"));`