Firefox XPCOM component - Permission denied to call method UnnamedClass

Question

Can a firefox XPCOM component read and write page content across multiple pages?

Scenario: A bunch of local HTML and javascript files. A "Main.html" file opens a window "pluginWindow", and creates a plugin using:

netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
var obj = Components.classes[cid].createInstance();
plugin = obj.QueryInterface(Components.interfaces.IPlugin);
plugin.addObserver(handleEvent);

The plugin that has 3 methods.

IPlugin.Read - Read data from plugin
IPlugin.Write - Write data to the plugin
IPlugin.addObserver - Add a callback handler for reading.

The "Main.html" then calls into the pluginWindow and tries to call the plugin method Write.

I receive an error:

Permission denied to call method UnnamedClass.Write

Answer 1

Does Main.html and that other window run with chrome privileges? If you access Main.html "normally", just putting it on the location bar of Firefox, then it will have restrictions to what it can do (Otherwise, an arbitrary web page could do exactly the same).

If you are creating a firefox plugin, place your code in a XUL overlay.

If you really want to allow any web page to do whatever it is your plugin does, you can establish some mechanism through wich the page can ask the plugin to do the operation with its chrome privileges and send the result to the page afterwards.

If you are NOT making a firefox extension...then I am afraid I misunderstood something, could you explain it more?

Answer 2

First, is your C++ code really a plugin or an XPCOM component, possibly installed as part of an extension? Sounds like it's the later.

If so, it's not usable from untrusted JS code - any web page or a local HTML file. It's fully usable from privileged code, the most common type of which is the extension code.

You're working around this problem when creating the component using the enablePrivilege('UniversalXPConnect') call. This is not really recommended, unless this will not be distributed to users (since this call pops a confusing box and if you set a preference to always allow file:// scripts use XPCOM, it may be a security problem, since not all local pages are trusted - think saved web pages).

Your Write call fails for the same reason - file:// pages are not trusted to use XPCOM components. You probably can get it to work if you add another enablePrivilege call in the same function as the Write call itself.

Depending on the situation, there may be a better solution.

If your files must be treated as trusted, you may want to package them as an extension and access them via a chrome:// URL. This gives the code in those pages permissions to call any XPCOM component, including yours.

If the component's methods are safe to use from any page or if the environment is controlled and no untrusted pages are loaded in the browser, you could make your component accessible to content (search for nsSidebar in mozilla code for an example and also for nsISecurityCheckedComponent).

Oh, and when you don't get good answers here, you should definitely try the mozilla newsgroups/mailing lists.

[edit in reply to a comment] Consider putting the code that needs to call the component in a chrome:// script. Alternatively, you should be able to "bless" your pages with the chrome privileges using code like this (note that it does the opposite of what you need - stripping away the chrome privileges).