This article is in need of a technical review.
This document is a high-level overview of XPConnect wrapper objects (for the more technical description see XPConnect security membranes). For practical advice on dealing with wrappers, see Safely accessing content DOM from chrome.
Developers in the know understand that wrappers play a large role in XPConnect, and that we have a lot of them. Less informed developers understand that wrappers exist and are somehow important, but they don't know when they should use what wrappers, or if they should be seeing a wrapper.
Basic XPConnect objects
window.focus(), you're calling into XPCWrappedNative code.
If you call '
toString()' and get "
[xpconnect wrapped nsIFoo]" then the reference is to a
XPCWrappedNative object with interface
They are implicitly created by XPConnect and you should not have to worry about how that happens. There are several types of wrapped natives, but I won't cover those here.
These wrappers are created by XPConnect, so you should not have to worry about how to construct them or whether to construct them.
Security wrappers exposed to chrome
To learn about security wrappers, see the article on script security in Gecko.
Note that a previous version of the current page recommended using
__exposedProps__ to expose objects from chrome to content. This is now deprecated and we are in the process of removing support for it. If you need to make objects or functions defined in chrome code accessible to content, use Components.utils.cloneInto or Components.utils.exportFunction.