XPCNativeWrapper is a way to wrap up an object so that it's safe to access from privileged code. It can be used in all Firefox versions, though the
behavior changed somewhat starting with Firefox 1.1.
XPCNativeWrapper in Firefox versions prior to 1.1
In Firefox versions prior to 1.1, use of
XPCNativeWrapper requires manually constructing an
XPCNativeWrapper and passing it the object to be wrapped and the names of the methods/properties to be exposed as arguments. The resulting object exposes ONLY the methods/properties whose methods were passed as arguments. This is described in more detail in the the entry for
XPCNativeWrapper at the MozillaZine KnowledgeBase.
XPCNativeWrapper in Firefox versions starting with 1.1
bz: Three types, or two? Still sorting this out. See https://bugzilla.mozilla.org/show_bug.cgi?id=295782
There are three slightly different types of
XPCNativeWrapper in Firefox 1.1. All three types wrap a possibly-unsafe object and provide safe access to all of its properties and methods (unlike
XPCNativeWrapper in versions before 1.1, which only provided safe access to the properties and methods listed in its constructor). If unsafe access to a property is required for some reason, this can be accomplished via the
wrappedJSObject property of the wrapper. For example, if
docWrapper is a wrapper for
is the same as
XPCNativeWrapper with string arguments
var contentWinWrapper = new XPCNativeWrapper(content, "document");
This syntax has been kept for compatibility with versions prior to Firefox 1.1. While all properties of the
contentWinWrapper object can now be safely accessed, the return values of these properties are NOT safe to access (just like in versions prior to Firefox 1.1).