You might start by reading this...
http://www.mozilla.org/projects/security/components/signed-scripts.html
I'm not sure exactly how up to date it is. And, there a bound to be
other useful documents. But, a quick look at it suggests to me that it
is a good primer on the mozilla privilege-based security scheme.
John.
matra wrote:
Hi,
I have developed a native XPCOM component. I would like to call it from
JavaScript, but have bumped into the following problem:
It looks like UniversalXPConnect permission can only be enabled from pages,
that have been loadad from local disk. The privilege can not be enabled for
pages loaded from internet . The following statement throws an exception:
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
Questions:
- is it possible to enable UniversalXPConnect for internet pages?
- is it possible to grant JavaScript access to just specific XPCOM component
instead of granting access to all components with UniversalXPConnect
(UniversalXPConnect looks like a very dangerous beast)
- is there any other extension technology available, which would not require
UniversalXpConnect. For example:
- creating plugin object (how?)
- registering a custom service in chrome, that could be accessed from
ordinary javaScript pages and would forward calls to my component (I am
making this up)
- any other?
I am using Firefox 1.5.
Thanks for the help,
Matra
_______________________________________________
dev-tech-xpcom mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-xpcom
