What does the Mozilla Firefox XPCSafeJSObject shell actually do?
The MDC documentation is as follows:
This shell was created to solve some problems with XPCNativeWrapper. In particular, some extensions want to be able to safely access objects independent of the object, and not access the underlying JavaScript object under XPCNativeWrapper without its strong guarantees of behavior. XPCSJOW acts as a buffer between the chrome code.
It doesn’t tell me much. In particular, I cannot say how access to objects through XPCSafeObject differs from directly accessing them.
Change . I understand that the goal of the wrapper as a whole is to protect privileged code from unprivileged code. What I do not understand (and does not seem to be documented) is how XPCSafeJSObject does it.
Does it only set privileges for accessing a property?
. JavaScript, - , getter - . , . . .
XPCSafeJSObject JavaScript (.. , .., ).
: , , ( .) XPCSafeJSObject DXR .
XPCSafeJSObjectWrapper , ( , ). , , XSS , ( XSS ). , , XSS ( , , ), . XPCNativeWrapper, (, , ), XSS.
, , , chrome. , chrome, .
Source: https://habr.com/ru/post/1698752/More articles:ORA-12514 after server reboot - oraclerandom number with a ratio of 1: 2 - mathAuto YUV → RGB in DirectShow for custom decoder - rgbLinks to tables - sql-serverSQL Date Formulas - dateТест RCP-связи/отзывчивость - remote-desktopHow to reload kerberos configuration under tomcat? - tomcatИзмените HTML в окне Internet Explorer с помощью внешних .menuArguments - internet-explorerBest way for an R&D company to get out of a clean “D” regime? - rdDownload the xml.gz file using HttpsURLConnection - javaAll Articles