Frame scripts run with system privileges and have access to the Components object, enabling them to use XPCOM objects and JSMs. Many privileged APIs will just work in a content process. Anything that just manipulates data structures will just work. XHR and Workers will work. However, some APIs that work in the chrome process will not work in a frame script. This article lists the most important of these APIs.
This is one of a pair of articles: the other one lists limitations of chrome scripts.
Security Restrictions on File Access
Processes that host remote content are isolated from the local system through a content security sandbox. One of the functions of the sandbox is to restrict access to the local file system by processes that host remote content. Since frame and process scripts often execute in remote content processes these scripts are subject to the same file access rules placed on remote content. Therefore frame scripts should not attempt to access the local file system directly, as these calls will fail.
Examples of APIs Add-on authors should avoid in frame scripts:
- Constructing a
Filefrom a string or
Fileobjects can be sent via message manager)
XUL and browser UI
Anything that tries to touch the browser UI or anything to do with XUL is likely to not work in the content process. For example:
Some services will not work in frame scripts.
Anything that needs to use chrome windows will not work in the content process. For example:
The Places API can't be used inside a frame script. For example:
Observers in the content process
These must be registered in the content process.
QI from content window to chrome window
window.QueryInterface(Ci.nsIInterfaceRequestor) .getInterface(Ci.nsIWebNavigation) .QueryInterface(Ci.nsIDocShellTreeItem) .rootTreeItem .QueryInterface(Ci.nsIInterfaceRequestor) .getInterface(Ci.nsIDOMWindow);
nsITabChild, that cannot be converted to an
nsIDOMWindow, so the second
getInterfacecall here will fail.
If you want a chrome window: send a message from the content process using the message manager. The
target property of the object passed into the message handler in the chrome process is the XUL
<browser> receiving the message, and you can get the chrome window from that (Note: I'm not really sure how...).
By default, custom
about: pages registered using
nsIAboutModule are loaded in the chrome process. This means that you can't access their content from the content process (via XHR, for example).
You can change this default in the code you use to register the about: URI. See about: and chrome: URIs.