Search completed in 0.89 seconds.
XPCOM changes in Gecko 2.0
xpcnativewrapper changes you can't disable
xpcnativewrappers from your manifest specifying
xpcnativewrappers=no in your manifest (that is,
xpcnativewrapper automation) is no longer supported.
... this was always intended to be a short-term workaround to allow extensions to continue to work while their authors updated their code to use
xpcnativewrappers.
... if your add-on depends upon xbl bindings attached to content objects—for example, the ability to call functions or get and set properties created by the xbl binding—you will need to use the
xpcnativewrapper property wrappedjsobject to access wrapped objects.
...And 2 more matches
Manifest Files - Archive of obsolete content
the browser.manifest file used by firefox looks like this: content branding jar:browser.jar!/content/branding/
xpcnativewrappers=yes content browser jar:browser.jar!/content/browser/
xpcnativewrappers=yes overlay chrome://global/content/viewsource.xul chrome://browser/content/viewsourceoverlay.xul overlay chrome://global/content/viewpartialsource.xul chrome://browser/content/viewsourceoverlay.xul overlay chrome://browser/content/pageinfo.xul chrome://pippki/content/pageinfooverlay.xul two packages are listed here, 'brand...
...the
xpcnativewrappers=yes part at the end of the manifest line is a flag that may optionally be used.
...if the
xpcnativewrappers flag is specified, it indicates that scripts running in a privileged context don't call these overridden versions, but the original built-in versions instead.
...for more information about this feature, see
xpcnativewrapper.
Chrome registration
component {09543782-22b1-4a0b-ba07-9134365776ee} maincomponent.js process=main component {98309951-ac89-4642-afea-7b2b6216bcef} contentcomponent.js process=content
xpcnativewrappers chrome packages can decide whether to use the
xpcnativewrapper security mechanism to automatically protect their code against malicious content that they might access.
...disabling it manually was possible by specifying
xpcnativewrappers=no until firefox 4.
...you can no longer disable
xpcnativewrappers.
... the
xpcnativewrappers flag applies only to content packages; it is not recognized for locale or skin registration.
Appendix D: Loading Scripts - Archive of obsolete content
let context = content; // create the sandbox let sandbox = components.utils.sandbox(context, { // make properties of the context object available via the // script's global scope sandboxprototype: context, // wrap objects retrieved from the sandbox in
xpcnativewrappers.
...objects passed out of the sandbox will not be wrapped in
xpcnativewrappers but will still be wrapped in inter-compartment proxies.
...objects passed out of the sandbox will not be wrapped in
xpcnativewrappers but will still be wrapped in inter-compartment proxies.
nsIChromeRegistry
violates the xpcom interface guidelines wrappersenabled() returns whether
xpcnativewrappers are enabled for the specified uri.
... boolean wrappersenabled( in nsiuri auri ); parameters auri the uri for which to determine if
xpcnativewrappers are enabled.
... return value true if
xpcnativewrappers are enabled for the specified uri; otherwise false.
nsIXPConnect
exceptions thrown missing exception missing description flagsystemfilenameprefix() preconfigure
xpcnativewrapper automation so that when a scripted caller whose filename starts with filenameprefix accesses a wrapped native that is not flagged as "system", the wrapped native will be automatically wrapped with an
xpcnativewrapper.
... returns an
xpcnativewrapper, xpcsafejsobjectwrapper, or xpccrossoriginwrapper for the given object based on the principal, scope, and filename flags that are passed in.
... this method will never wrap the jsobject involved in an
xpcnativewrapper before returning.
Working with windows in chrome code
you should be aware of
xpcnativewrappers when working with untrusted content.
... with
xpcnativewrappers turned on (which is the default in firefox 1.5+), your extension can safely access the dom of the content document, but not the content javascript.
... bypassing
xpcnativewrapper to work with content javascript directly can lead to security problems.
wrappedJSObject
there are two kinds of xpconnect wrappers that support the wrappedjsobject property:
xpcnativewrappers which are used to protect the chrome code working with content objects.
... see
xpcnativewrapper for detailed documentation.
XULRunner tips - Archive of obsolete content
ary directory unzip the package copy the following files: chrome/inspector.jar to the chrome directory of your xulrunner application components/inspector-cmdline.js to your components directory defaults/preferences/inspector.js to your preferences directory open your chrome.manifest file and add these lines: content inspector jar:inspector.jar!/content/inspector/
xpcnativewrappers=no locale inspector en-us jar:inspector.jar!/locale/inspector/ skin inspector modern/1.0 jar:inspector.jar!/skin/modern/inspector/ skin inspector classic/1.0 jar:inspector.jar!/skin/classic/inspector/ overlay chrome://inspector/content/popupoverlay.xul chrome://inspector/content/viewers/dom/popupoverlay.xul overlay chrome://inspector/content/co...
Components.utils.Sandbox
in situations where only unidirectional protection is needed, callers have the option to waive the x-ray behavior using wrappedjsobject or
xpcnativewrapper.unwrap().
Document.documentURIObject - Web APIs
privileged code must be careful not to try getting or setting this property on a non-wrapped content object (e.g., on a wrappedjsobject of an
xpcnativewrapper).
Window.content - Web APIs
see also working with windows in chrome code when accessing content documents from privileged code, be aware of
xpcnativewrappers.