Bypassing Security Restrictions and Signing Code

Jump to:

我们的志愿者还没有将这篇文章翻译为 中文 (简体)加入我们帮助完成翻译!
您也可以阅读此文章的English (US)版。

This feature is non-standard and is not on a standards track. Do not use it on production sites facing the Web: it will not work for every user. There may also be large incompatibilities between implementations and the behavior may change in the future.

This feature has been removed from the Web standards. Though some browsers may still support it, it is in the process of being dropped. Avoid using it and update existing code if possible; see the compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time.

Early versions of Firefox allowed web sites to segregate principals using signed scripts, and request extra permissions for scopes within signed scripts using a function called enablePrivelege. These Privilege Manager feature was not used much (aside from abuse), and its complexity made performance improvements difficult. Signed script segregation was removed in bug 726125, the enablePrivilege prompt was removed in bug 750859, and enablePrivilege itself was nerfed in bug 757046.

The Privilege Manager has been deprecated in Firefox 12 and disabled in Firefox 17.

Sites that require additional permissions should now ask Firefox users to install an extension, which can interact with non-privileged pages if needed.

See also


 最后编辑者: kohei.yoshino,