From b0bf91285fdfdb82ecde04086e0fcc7b5f8fec92 Mon Sep 17 00:00:00 2001
From: Samuel Attard <samuel.r.attard@gmail.com>
Date: Thu, 28 Mar 2019 10:01:01 -0700
Subject: [PATCH 1/4] fix: ensure dots in content script patterns aren't used
 as wildcards

---
 lib/renderer/content-scripts-injector.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/renderer/content-scripts-injector.js b/lib/renderer/content-scripts-injector.js
index 5091d84f69685..40916624a05ab 100644
--- a/lib/renderer/content-scripts-injector.js
+++ b/lib/renderer/content-scripts-injector.js
@@ -7,7 +7,7 @@ const { runInThisContext } = require('vm')
 // https://developer.chrome.com/extensions/match_patterns
 const matchesPattern = function (pattern) {
   if (pattern === '<all_urls>') return true
-  const regexp = new RegExp(`^${pattern.replace(/\*/g, '.*')}$`)
+  const regexp = new RegExp(`^${pattern.replace(/\./g, '\\.').replace(/\*/g, '.*')}$`)
   const url = `${location.protocol}//${location.host}${location.pathname}`
   return url.match(regexp)
 }

From a71054cf3c9f69fdf6755ae9727f9bfe9aed98a4 Mon Sep 17 00:00:00 2001
From: Samuel Attard <samuel.r.attard@gmail.com>
Date: Thu, 28 Mar 2019 10:12:19 -0700
Subject: [PATCH 2/4] chore: santize all regex chars

---
 lib/renderer/content-scripts-injector.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/renderer/content-scripts-injector.js b/lib/renderer/content-scripts-injector.js
index 40916624a05ab..6cd9688e3f057 100644
--- a/lib/renderer/content-scripts-injector.js
+++ b/lib/renderer/content-scripts-injector.js
@@ -7,7 +7,7 @@ const { runInThisContext } = require('vm')
 // https://developer.chrome.com/extensions/match_patterns
 const matchesPattern = function (pattern) {
   if (pattern === '<all_urls>') return true
-  const regexp = new RegExp(`^${pattern.replace(/\./g, '\\.').replace(/\*/g, '.*')}$`)
+  const regexp = new RegExp(`^${pattern.split('*').map(x => x.replace(/[\\^$+?.()|[\]{}]/g, '\\$&'))).join('.*')}$`)
   const url = `${location.protocol}//${location.host}${location.pathname}`
   return url.match(regexp)
 }

From 6bc9ebb1e02890477cadad0080f8a9f5f4351852 Mon Sep 17 00:00:00 2001
From: Samuel Attard <samuel.r.attard@gmail.com>
Date: Thu, 28 Mar 2019 10:16:01 -0700
Subject: [PATCH 3/4] chore: extract to helper

---
 lib/renderer/content-scripts-injector.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/renderer/content-scripts-injector.js b/lib/renderer/content-scripts-injector.js
index 6cd9688e3f057..bc1da0c5ba238 100644
--- a/lib/renderer/content-scripts-injector.js
+++ b/lib/renderer/content-scripts-injector.js
@@ -3,11 +3,15 @@
 const ipcRenderer = require('@electron/internal/renderer/ipc-renderer-internal')
 const { runInThisContext } = require('vm')
 
+const escapePattern = function (pattern) {
+  return pattern.split('*').map(x => x.replace(/[\\^$+?.()|[\]{}]/g, '\\$&'))).join('.*')
+}
+
 // Check whether pattern matches.
 // https://developer.chrome.com/extensions/match_patterns
 const matchesPattern = function (pattern) {
   if (pattern === '<all_urls>') return true
-  const regexp = new RegExp(`^${pattern.split('*').map(x => x.replace(/[\\^$+?.()|[\]{}]/g, '\\$&'))).join('.*')}$`)
+  const regexp = new RegExp(`^${escapePattern(pattern)}$`)
   const url = `${location.protocol}//${location.host}${location.pathname}`
   return url.match(regexp)
 }

From 7f617743ceab3a3b405b224c7a44dff1b987c2c5 Mon Sep 17 00:00:00 2001
From: Samuel Attard <samuel.r.attard@gmail.com>
Date: Thu, 28 Mar 2019 10:19:28 -0700
Subject: [PATCH 4/4] chore: fixup helper

---
 lib/renderer/content-scripts-injector.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/renderer/content-scripts-injector.js b/lib/renderer/content-scripts-injector.js
index bc1da0c5ba238..1a10d7a65d97b 100644
--- a/lib/renderer/content-scripts-injector.js
+++ b/lib/renderer/content-scripts-injector.js
@@ -4,14 +4,14 @@ const ipcRenderer = require('@electron/internal/renderer/ipc-renderer-internal')
 const { runInThisContext } = require('vm')
 
 const escapePattern = function (pattern) {
-  return pattern.split('*').map(x => x.replace(/[\\^$+?.()|[\]{}]/g, '\\$&'))).join('.*')
+  return pattern.replace(/[\\^$+?.()|[\]{}]/g, '\\$&')
 }
 
 // Check whether pattern matches.
 // https://developer.chrome.com/extensions/match_patterns
 const matchesPattern = function (pattern) {
   if (pattern === '<all_urls>') return true
-  const regexp = new RegExp(`^${escapePattern(pattern)}$`)
+  const regexp = new RegExp(`^${pattern.split('*').map(escapePattern).join('.*')}$`)
   const url = `${location.protocol}//${location.host}${location.pathname}`
   return url.match(regexp)
 }