[Greasemonkey] Script leakage

Aaron Boodman zboogs at gmail.com
Wed Jul 13 09:35:38 EDT 2005


> var ce = Components.lookupMethod(document, "createElement")
> 
> This works in chrome, but won't work in untrusted JS pre-Firefox 1.1.
> Also you can use XPCNativeWrapper(), see
> http://kb.mozillazine.org/XPCNativeWrapper

Will the node that is created/appended *also* be invisible to content?
I thought this was just to make sure you don't get a method you think
is createElement, but is actually a hacker's method.

> > * run javascript against the content DOM without adding a script
> > element, but remaining in the content's security context
> 
> You want mozIJSSubScriptLoader:
> http://www.xulplanet.com/references/xpcomref/ifaces/mozIJSSubScriptLoader.html
> See also http://weblogs.mozillazine.org/weirdal/archives/008101.html

I've played with it, but I couldn't figure out how to run it in a
security context less than chrome. Other than that, it is ideal. Do
you know how?

- a
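
Added example, not part of the original message or of Greasemonkey's code: a Node-runnable model of the method-lookup point discussed above. `MockNode`, `MockDocument`, `pristine`, `pageScriptRuns` and this `lookupMethod` are constructed stand-ins, not the Firefox API; in this model, resolving the method from a trusted copy bypasses a page-defined override, while the appended node is still reachable through the content tree.

```javascript
// Constructed stand-in for a content DOM (hypothetical; no browser needed).
class MockNode {
  constructor(tag) { this.tagName = tag; this.children = []; }
  appendChild(node) { this.children.push(node); return node; }
}
class MockDocument extends MockNode {
  constructor() { super("#document"); }
  createElement(tag) { return new MockNode(tag.toUpperCase()); }
}

// Trusted copy of the original method, captured before any page script runs.
const pristine = Object.freeze({
  createElement: MockDocument.prototype.createElement,
});

// Hypothetical analogue of Components.lookupMethod(obj, name): ignore whatever
// the object currently exposes and return the trusted method bound to it.
function lookupMethod(obj, name) {
  return pristine[name].bind(obj);
}

// Models an untrusted page shadowing createElement on its own document.
function pageScriptRuns(doc, log) {
  doc.createElement = function (tag) {
    log.push("page intercepted createElement(" + tag + ")");
    return new MockNode("HIJACKED");
  };
}

function demo() {
  const doc = new MockDocument();
  const pageLog = [];
  pageScriptRuns(doc, pageLog);

  const naive = doc.createElement("div");       // resolves to the page's override
  const ce = lookupMethod(doc, "createElement");
  const safe = ce("div");                       // resolves to the trusted method
  doc.appendChild(safe);

  return {
    naive: naive.tagName,
    safe: safe.tagName,
    interceptedCalls: pageLog.length,           // only the naive call was seen
    visibleToPage: doc.children.includes(safe), // node is in the page's tree
  };
}
```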

