Limitations of frame scripts 编辑
Frame scripts run with system privileges and have access to the Components object, enabling them to use XPCOM objects and JSMs. Many privileged APIs will just work in a content process. Anything that just manipulates data structures will just work. XHR and Workers will work. However, some APIs that work in the chrome process will not work in a frame script. This article lists the most important of these APIs.
This is one of a pair of articles: the other one lists limitations of chrome scripts.
Security Restrictions on File Access
Processes that host remote content are isolated from the local system through a content security sandbox. One of the functions of the sandbox is to restrict access to the local file system by processes that host remote content. Since frame and process scripts often execute in remote content processes these scripts are subject to the same file access rules placed on remote content. Therefore frame scripts should not attempt to access the local file system directly, as these calls will fail.
Examples of APIs Add-on authors should avoid in frame scripts:
nsIFileInputStream
nsIFileOutputStream
- Constructing a
File
from a string ornsIFile
(butFile
objects can be sent via message manager) HTMLInputElement.mozSetFileNameArray
(alternative:mozSetFileArray
)
XUL and browser UI
Anything that tries to touch the browser UI or anything to do with XUL is likely to not work in the content process. For example:
nsIPromptService
nsIFilePicker
nsIXUL*
- <need more examples>
Services
Some services will not work in frame scripts.
- Services.search
- Services.downloads
Chrome windows
Anything that needs to use chrome windows will not work in the content process. For example:
nsISessionStore
nsIWindowMediator
- <need more examples>
Places API
The Places API can't be used inside a frame script. For example:
Observers in the content process
As noted in Observers in the chrome process, most observers should be registered in the chrome process and will not work in the content process. The exceptions are:
content-document-global-created
document-element-inserted
outer-window-destroyed
inner-window-destroyed
dom-window-destroyed
These must be registered in the content process.
QI from content window to chrome window
There's a particular pattern often used to get from a content window to the associated chrome window. It looks something like this:window.QueryInterface(Ci.nsIInterfaceRequestor)
.getInterface(Ci.nsIWebNavigation)
.QueryInterface(Ci.nsIDocShellTreeItem)
.rootTreeItem
.QueryInterface(Ci.nsIInterfaceRequestor)
.getInterface(Ci.nsIDOMWindow);
This will no longer work. In the content process the root tree item is an nsITabChild
, that cannot be converted to an nsIDOMWindow
, so the second getInterface
call here will fail.If you want a chrome window: send a message from the content process using the message manager. The target
property of the object passed into the message handler in the chrome process is the XUL <browser>
receiving the message, and you can get the chrome window from that (Note: I'm not really sure how...).
nsIAboutModule
By default, custom about:
pages registered using nsIAboutModule
are loaded in the chrome process. This means that you can't access their content from the content process (via XHR, for example).
You can change this default in the code you use to register the about: URI. See about: and chrome: URIs.
JavaScript code modules (JSMs)
In multiprocess Firefox, a JSM loaded into the content process does not share any state with the same JSM loaded into the chrome process. See the entry in the Limitations on chrome scripts page.如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论