Yep, Firebug simply uses the standard APIs but within a more privileged context. (It's not a separate process, even with e10s - it's a chrome-privileged compartment living in the same process as the web page. Ok, well, with e10s one might use CPOW wrappers, but that's mostly deprecated and a digression.) All accesses go through Xray wrappers, which is part of what makes that work. https://developer.mozilla.org/en-US/docs/Mozilla/Gecko/Script_security