diff --git a/www/js/search.js b/www/js/search.js
index f060f4121a4e2910aa5bd17938231d7d16247ebc..0b7e1e884638613a4199078a67f88998c2c72c96 100644
--- a/www/js/search.js
+++ b/www/js/search.js
@@ -259,6 +259,19 @@
 					
 					googleOrigin = /^https?:\/\/www\.google\.com$/,
 					
+					isValidOrigin = function(origin) {
+						if (googleOrigin.test(origin)) {
+							return false;
+						}
+						
+						// don't allow self origin or browser extension origins
+						if (origin == location.origin || /^chrome:/.test(origin)) {
+							return false;
+						}
+						
+						return true;
+					},
+					
 					passiveQuery = function(q, track) {
 						if (query === q) {
 							return;
@@ -330,7 +343,7 @@
 				$(window).on('message', function(e) {
 					var oEvent = e.originalEvent, q;
 					
-					if (googleOrigin.test(oEvent.origin)) {
+					if (!isValidOrigin(oEvent.origin)) {
 						return;
 					}