Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

help with evalInSandbox

48 views
Skip to first unread message

AriMSt...@gmail.com

unread,
Oct 21, 2006, 11:42:14 PM10/21/06
to
Hi,
I'm trying to write something that calls a function defined by the page
that I'm currently on. Here's what I've got so far, with a little help
from IRC and the Greasemonkey source:
var safeWin = XPCNativeWrapper(content);
var sandbox = Components.utils.Sandbox(safeWin);
sandbox.window = safeWin;
sandbox.document = safeWin.document;
sandbox.__proto__ = safeWin.wrappedJSObject;
Components.utils.evalInSandbox("foo()", sandbox)
This all works fine, until foo() tries to make an XMLHttpRequest. I
get the not particularly helpful error:
Error: uncaught exception: [Exception... "Component returned failure
code: 0x80004005 (NS_ERROR_FAILURE) [nsIXMLHttpRequest.open]"
nsresult: "0x80004005 (NS_ERROR_FAILURE)"

I also tried the (presumably unsafe) variation:
content.wrappedJSObject.foo()
which gives a slightly more useful error message:
Error: Access to 'chrome://browser/content/ajax.php from script denied
Source File: http://www.mydomain.com/test.html Line: 18

which seems to suggest quite clearly that the sandbox is
misinterpretting the relative URL in the XMLHttpRequest to be relative
to the chrome path I am actually running from and not the http:// url
that it should be running from. Any thoughts on how I can fix this,
short of changing the web page to use absolute url's (which indeed does
seem to fix the problem but may be infeasible in some situations)?
Thanks.

Boris Zbarsky

unread,
Oct 22, 2006, 12:28:03 PM10/22/06
to
AriMSt...@gmail.com wrote:
> which seems to suggest quite clearly that the sandbox is
> misinterpretting the relative URL in the XMLHttpRequest to be relative
> to the chrome path I am actually running from

It's not the sandbox. The way XMLHttpRequest gets its base URI makes the
fundamental assumption that it's running against a window (which is not true in
this case). So doing XMLHttpRequest in a sandbox will just not work very well....

When we change the base URI behavior to match the W3C proposal and take the base
URI from the window the XMLHttpRequest object was created on, this might get better.

-Boris

harry

unread,
Nov 21, 2006, 5:39:02 AM11/21/06
to
Hi friend

can u explain these lines in detail ...

i m unable to understand

> When we change the base URI behavior to match the W3C proposal and take the base
> URI from the window the XMLHttpRequest object was created on, this might get better.

Thanks in advance

Boris Zbarsky

unread,
Nov 21, 2006, 11:45:14 AM11/21/06
to
harry wrote:
>> When we change the base URI behavior to match the W3C proposal and take the base
>> URI from the window the XMLHttpRequest object was created on, this might get better.

At that point the XMLHttpRequest will not be trying to get the base URI from the
sandbox.

-Boris

0 new messages