firefox addon - Is it possible to allow a content function to run in browser scope? -

-

is possible (how) addon allow specific function in document/page/content scope run in browser scope?
(i aware of security implications , specific , specific purpose.)

as general example, xmlhttprequest in content script has content scope. gm_xmlhttprequest via greasemonkey has browser scope.

imagine having gm_xmlhttprequest in content script , wanting addon allow gm_xmlhttprequest run in browser scope.

there 3 separate security scopes (called principals) involved when scripting page.

  • the system principal (full access everything, including operating system apis)
  • the expanded principal of sandbox may scoped 1 or more origin domains. when scoped single domain it's still considered more privileged content itself
  • the content principal of page itself

so if want run addon-script performs cross-origin xhr you not need grant privilege page content itself.

you need grant sandbox in addon-script runs, separated xray-wrappers untrusted page-content.

if you're using addon sdk , xhr domains finite set can specify them in addon configuration.

if need xhrs arbitrary domains have drop lower level , use frame scripts, have system principal privileges while being able manipulate page content.

for security reasons might better use framescript instantiate sandbox principal scoped page , inject privileged xhr function it, what greasemonkey does. or if needs xhr more limited might processing outside sandbox , supply function returns processed result sandbox.


Comments

Post a Comment

Popular posts from this blog

google chrome - Developer tools - How to inspect the elements which are added momentarily (by JQuery)? -

-
i looking @ how website designed using inspector in chrome. can use firefox developer tools or firefox web developer add-on or chrome web developer extension. so website has slide-show , using jquery it. looking @ markup , css in inspector, i see 2 things constantly changing slides change: one opacity css property understandable, i'd see changing values, changes fast see read anything. second- a div added in div slides change momentarily , moment when appears short notice except div . so question is there way stop slideshow can temporarily rid of blinking sort of effect (by speedy adding , removal , changing of elements , values)? where can inspect div element gets added such short moment , , gets removed? , can see changes in value of opacity takes place? is there way stop slideshow can temporarily rid of blinking sort of effect (by speedy adding , removal , changing of elements , values)? if opacity animated css transition or animation,
Read more

angularjs - Showing an empty as first option in select tag -

-
my app showing empty select field first entry. have read other solution given , tried still not working. my controller code is: .controller('usercreatecontroller', function(user,profile,auth) { alert("hello"); var vm = this; vm.type = 'create'; profile.all() //this service fetch profiles shown in select field .success(function(data){ vm.profile = data; }); vm.userdata.profile = vm.profile[0]; //here have set default value select field and html page is: <label class="col-sm-2 control-label">profile</label> <div class="col-sm-8"> <select ng-model="user.userdata.profile" ng-options="person._id person.profilename person in user.profile"> </select> </div> hierarchy of vm.profile { "_id": 46, "profile": objectid("5516498e95b84548156db754"), "isactive": true, "password": "$2
Read more

php - Cloud9 cloud IDE and CakePHP -

-
i attempting cakephp running on cloud9, cloud based ide. unaware, cloud collaboration ide intermixes services such bitbucket. site gives sudo rights, , installed cakephp using these instructions: https://www.digitalocean.com/community/tutorials/how-to-install-cakephp-on-an-ubuntu-12-04-vps when attempt run database exported machine cakephp installed, error message "url rewriting not configured on server." attempted solve issue using official guide cakephp: http://book.cakephp.org/2.0/en/installation/url-rewriting.html but no cigar, same error message. has gotten cakephp working, or aware of cloud ide free/low cost cloud9 support cakephp? here's how got working now: sudo apt-get update sudo apt-get install php5-intl curl -ss https://getcomposer.org/installer | php -- --filename=composer ./composer create-project --prefer-dist cakephp/app this creates project in /app default. move workspace docroot: mv app/* ./ mv app/.* ./ rm -rf app then de
Read more