I have an extension that loads an HTML file into a hidden <browser> and runs
script in the context of the hidden browser window. That script needs to be
able to make crossdomain XHR requests to chrome:// and resource:// URLs that
are apparently now blocked in Firefox 19 (they weren't blocked in Firefox 18).
I'm trying to solve this by injecting my own XMLHttpRequest symbol into the
window that wraps @mozilla.org/xmlextras/xmlhttprequest;1. This means that the
content can instantiate an XHR with chrome privileges and no crossdomain
restrictions. The properties of the XHR object weren't visible in content when
I first tried this, but I solved this using __exposedProps__.
Now I get "Permission denied to access property 'documentElement'" when
accessing using the responseXML property. I tried setting __exposedProps__ = {
documentElement: "r" } but this doesn't appear to make a difference (presumably
because setting __exposedProps__ on a native wrapper doesn't work).
Is there a better way to let content do crossdomain XHR? Or is there a good way
to provide a usable XML DOM from chrome to content? I can always reparse
responseText to create my own DOM if there's a way to create a content-friendly
DOM.
Cheers,
Matt
_______________________________________________
dev-platform mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-platform
