CustomEvent.detail transferred as null into content script when the object contains functions
Reported by woxxom@gmail.com, Dec 24
Issue description
PoC in devtools console with any extension that injects a content script:
// content script context
addEventListener('test', e => console.log(e.detail))
// main page context
dispatchEvent(new CustomEvent('test', {detail: {foo: window.alert}}));
// observed
null
// expected
{}
Even though it's apparently considered WAI ( https://crbug.com/598171#c16 ), it still seems weirdly different from how extension messaging works, which does JSON.stringify + JSON.parse so the non-transferable stuff is simply skipped, resulting in at least {} being passed for {foo: window.alert}.
======================================================
Test extension is attached too:
1. open https://examle.org
2. click the extension button
Expected: "{}" is shown
Observed: "null" is shown
======================================================
Bisected to: 210523 (good) - 210534 (bad)
https://chromium.googlesource.com/chromium/src/+log/0061349a01..660ced2c7f?pretty=fuller
Suspecting r210531 "Blink roll 153685:153737"
Specifically 31a455d68c1715eb5b061c983f09940679104bd6
"Remove leak of objects between isolated worlds on custom events, message events, and pop state events."
Landed in 30.0.1561.0
Comment 1 by woxxom@gmail.com, Dec 24
The benefit of restoring the skipping approach would be the ability to transfer a big complex state object. Currently we need to deep-clone it in JS, which may be slow and cause jank due to accumulated GC jobs. Of course, that benefit would make sense only if V8 can automatically skip the "bad" items while transferring the detail object in a secure fashion.
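One way to get the JSON-style "skip the bad members" behaviour that the description and Comment 1 contrast with the null result, as an added example that is not code from the report or from Chromium; the function names and the sample state are my own constructions, and the cleaned object is what a page would pass as the CustomEvent detail.

```javascript
// Added example (not code from the bug report or from Chromium): strip the
// members that cannot cross the main-world / isolated-world boundary from a
// CustomEvent detail object before dispatching it. This mirrors what extension
// messaging's JSON round-trip does: functions and other non-serialisable members
// are dropped rather than the whole object, so {foo: window.alert} would reach
// the content script as {} instead of null.

// Primitives that JSON.stringify carries through unchanged.
function isPlainValue(v) {
  return v === null || typeof v === 'string' ||
         typeof v === 'number' || typeof v === 'boolean';
}

// Recursively copy `value`, dropping functions, symbols, undefined and objects
// that are not plain Object/Array (DOM nodes, Maps, class instances). `seen`
// preserves cycles, which structured clone accepts but JSON.stringify rejects.
function toCloneableDetail(value, seen = new WeakMap()) {
  if (isPlainValue(value)) return value;
  if (typeof value !== 'object') return undefined;   // function, symbol, undefined
  if (seen.has(value)) return seen.get(value);       // cycle or shared reference
  if (Array.isArray(value)) {
    const out = [];
    seen.set(value, out);
    for (const item of value) {
      const cleaned = toCloneableDetail(item, seen);
      out.push(cleaned === undefined ? null : cleaned); // as JSON does for array holes
    }
    return out;
  }
  const proto = Object.getPrototypeOf(value);
  if (proto !== Object.prototype && proto !== null) return undefined;
  const out = {};
  seen.set(value, out);
  for (const [key, member] of Object.entries(value)) {
    const cleaned = toCloneableDetail(member, seen);
    if (cleaned !== undefined) out[key] = cleaned;   // JSON omits such keys too
  }
  return out;
}

// Constructed sample state (an assumption, not data from the report): a page
// object that mixes data with callbacks and a self-reference.
function cleanSampleState() {
  const state = { id: 7, tags: ['a', 'b'], onChange: () => {}, nested: { x: 1, fn: Math.max } };
  state.self = state;
  return toCloneableDetail(state);
}
```

The page would then call `dispatchEvent(new CustomEvent('test', {detail: toCloneableDetail(state)}))`, which is the deep clone Comment 1 says currently has to be done in JS.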