XPConnect Chrome Object Wrappers: Difference between revisions

← Older edit

XPConnect Chrome Object Wrappers (view source)

Revision as of 19:15, 20 August 2012

139 bytes removed , 20 August 2012

m

__exposedProps__ should use colon, not equal sign

D A

1

edit

@@ Line 39: / Line 39: @@
 === COWing Objects ===
-By default, Chrome objects passed into content space are completely opaque: no information can be accessed from them, and no properties can be defined on them.
+By default, non-function Chrome objects passed into content space are completely opaque: no information can be accessed from them, and no properties can be defined on them.
-'''TODO:''' What happens on read/write of properties on such objects? Is an exception raised, or do all reads simply return <tt>undefined</tt> and are all writes null-ops?
+When a non-writable property is written to, a security exception will be raised. However, when a non-readable property is accessed, its value is <tt>undefined</tt>: a security exception isn't thrown because we don't want to break code that relies on [http://en.wikipedia.org/wiki/Duck_typing duck typing].
-Individual properties can be exposed by defining a <tt>__exposedProps__</tt> property on the object, like so:
+To bypass this default behavior, individual properties can be exposed by defining a <tt>__exposedProps__</tt> property on the object, like so:
 <pre class="brush:js;">
@@ Line 49: / Line 49: @@
 var MyObj = {
-   __exposedProps__ = {foo: "r", bar: "rw"},
+   __exposedProps__: {foo: "r", bar: "rw"},
    foo: function foo(obj) {
@@ Line 59: / Line 59: @@
    baz: "I am protected information"
 }
-MyObj.foo.__callableByContent__ = true;
 </pre>
-In the above example, <tt>MyObj.foo()</tt> can be accessed but not assigned to&mdash;and <tt>foo()</tt> itself is callable from content, since <tt>__callableByContent__</tt> is set&mdash;and <tt>MyObj.bar</tt> is both readable and writable, while <tt>MyObj.baz</tt> can't be accessed at all.
+In the above example, <tt>MyObj.foo()</tt> can be accessed but not assigned to, <tt>foo()</tt> itself is callable from content, and <tt>MyObj.bar</tt> is both readable and writable, while <tt>MyObj.baz</tt> can't be accessed at all.
-If any property is accessed that isn't in <tt>__callableByContent__</tt>&mdash;even if the property doesn't even exist on the original object&mdash;then a JS <tt>Error</tt> is raised with the text "property not accessible from content".
 All properties that are exposed to content are enumerable by content as well.
-'''TODO:''' What should the default <tt>toString()</tt> method of a COW'ed object with no metadata yield?
+Getters and setters on exposed properties are automatically called as necessary.
-'''TODO:''' Does this work okay with getters and setters?
+If an exposed property is writable by content, it is deletable by content as well.
-'''TODO:''' If a property is writable by content, is it deletable by content as well?
+'''TODO:''' What should the default <tt>toString()</tt> method of a COW'ed object with no metadata yield?
 '''TODO:''' Discuss what to do with native objects that get exposed (like the Sidebar object).