Table 12-1 shows the expanded privileges available to signed scripts. Signed applications are granted these privileges as a matter of course.
Table 12-1. Expanded privileges available to signed scripts
Privilege |
Purpose |
---|---|
UniversalBrowserRead |
Reads sensitive browser data. This reading allows the script to pass the same origin check when reading from any document. |
UniversalBrowserWrite |
Modifies sensitive browser data. This modification allows the script to pass the same origin check when writing to any document. |
UniversalXPConnect |
Gives unrestricted access to browser APIs using XPConnect. |
UniversalPreferencesRead |
Reads preferences using the navigator.preference method. |
UniversalPreferencesWrite |
Allows you to set preferences using the navigator.preference method. |
CapabilityPreferencesAccess |
Allows you to read/set the preferences that define security policies, including which privileges are granted and denied to scripts. (You also need UniversalPreferencesRead/Write.) |
UniversalFileRead |
Handles window.open of file:// URLs. Makes the browser upload files from the user's hard drive by using <input type="file">. |
Use an about: format URL other than about:blank; requires UniversalBrowserRead.
Use the methods and properties in the Table 12-2 under the indicated circumstances.
Table 12-2. Expanded privileges available to signed scripts
Method / property |
Description |
---|---|
EnableExternalCapture |
Captures events in pages loaded from different servers. Follow this method with captureEvents. |
Close |
Unconditionally closes a browser window. |
moveBy, moveTo |
Moves a window off of the screen. |
Open |
|
resizeTo, resizeBy |
Resizes a window smaller than 100 x 100 pixels or larger than the screen can accommodate. |
innerWidth, innerHeight |
Sets the inner width of a window to a size smaller than 100 x 100 or larger than the screen can accommodate. |
This snippet of code shows how to use the privilege manager in JavaScript:
netscape.security.PrivilegeManager. enablePrivilege("UniversalBrowserWrite"); window.titlebar=no;
You can pass any privilege listed in Table 12-1 to the enablePrivilege method, which is accessed through the netscape.security.PrivilegeManager object. This object is recognized globally. In this example, the code hides the titlebar via the window object.
Security is extremely important, so it is important that some means of granting special privileges to trusted scripts for accessing Mozilla components be available. In essence, signed scripts are Mozilla's version of ActiveX.
The parallels become even more apparent when you consider access to XPConnect as one of the security model's main boundaries. Just as ActiveX makes COM available in IE, signing makes XPCOM available in remote Mozilla applications. Given all that is possible in XPCOM, this chapter leaves what can be archived with remote Mozilla applications and XPConnect up to your imagination.