XPConnect Chrome Object Wrappers: Difference between revisions
(added more) |
(added Cu.exposeToContent() call on functions that need wrapping) |
||
| Line 10: | Line 10: | ||
<pre class="brush:js;"> | <pre class="brush:js;"> | ||
const Cu = Components.utils; | |||
sandbox.foo = function foo(x) { /* ... */ }; | |||
var result = | var sandbox = Cu.Sandbox("http://www.mozilla.org"); | ||
sandbox.foo = Cu.exposeToContent(function foo(x) { /* ... */ }); | |||
var result = Cu.evalInSandbox("foo({bar: 5});"); | |||
</pre> | </pre> | ||
In the above example, <tt>foo()</tt> is wrapped by a COW when accessed by sandboxed code executed via <tt>Components.utils.evalInSandbox()</tt>. The object <tt>{bar: 5}</tt> is wrapped in an <tt>XPCSafeJSObjectWrapper</tt> before being passed into <tt>foo()</tt>, and whatever is returned from <tt>foo()</tt> and placed in <tt>result</tt> is usually wrapped in a COW as well. | In the above example, <tt>foo()</tt> is wrapped by a COW when accessed by sandboxed code executed via <tt>Components.utils.evalInSandbox()</tt>. The object <tt>{bar: 5}</tt> is wrapped in an <tt>XPCSafeJSObjectWrapper</tt> before being passed into <tt>foo()</tt>, and whatever is returned from <tt>foo()</tt> and placed in <tt>result</tt> is usually wrapped in a COW as well. | ||
Revision as of 00:07, 17 September 2009
Introduction
Chrome Object Wrappers, or COWs for short, allow privileged code to securely expose some subset of its functionality to untrusted or semi-trusted content.
The COW is actually the final step in an epic quest to make the interaction between chrome and content as natural and secure as possible by encasing JavaScript objects in "membranes" that mediate access between their object and the outside world. Before reading the rest of this document, you should be familiar with the story so far, which is explained in detail at XPConnect wrappers.
Usage
COWs are always created automatically whenever an object passes through a trust boundary. For instance, assume the following chrome-privileged code:
const Cu = Components.utils;
var sandbox = Cu.Sandbox("http://www.mozilla.org");
sandbox.foo = Cu.exposeToContent(function foo(x) { /* ... */ });
var result = Cu.evalInSandbox("foo({bar: 5});");
In the above example, foo() is wrapped by a COW when accessed by sandboxed code executed via Components.utils.evalInSandbox(). The object {bar: 5} is wrapped in an XPCSafeJSObjectWrapper before being passed into foo(), and whatever is returned from foo() and placed in result is usually wrapped in a COW as well.