从firefox扩展访问文档的javascript变量
[英]Accessing document's javascript variable from firefox extension
问题描述
is it possible for Firefox extension (toolbar) to access document's variables? 
Firefox扩展(工具栏)是否可以访问文档的变量? detailed explanation follows.. 详细解释如下..
loaded document: 加载文件:
<script type="text/javascript">
var variableForExtension = 'something';
</script>
extension: 延期:
var win = window.top.getBrowser().selectedBrowser.contentWindow;
alert(win.variableForExtension); // undefined
it was first thing to try, and it's inaccessible this way because of security mechanisms ( XPCNativeWrapper ). 这是第一件尝试,由于安全机制( XPCNativeWrapper ),这种方式无法访问。 i've read about accessing it trough wrappedJSObject and using events (adding listener to document and dispatching event from extension), but no luck. 我已经阅读过关于通过wrappedJSObject访问它并使用事件 (将侦听器添加到文档并从扩展中调度事件),但没有运气。 didn't try too hard, though. 但是并没有太努力。 so, before i dig deeper ('events method' sounds like a way to go) i'd like to know is this even possible? 所以,在我深入挖掘之前('事件方法'听起来像是一种方式),我想知道这是否可能?
thanks 谢谢
3 个解决方案
解决方案1
15 已采纳 2010-01-29 14:15:43
Yes, accessing a JS variable in content is and always was possible. 是的,访问内容中的JS变量始终是可行的。 Doing this the naive way wasn't safe (in the sense that a malicious web page could get chrome privileges) in older Firefox versions. 在较旧的Firefox版本中,这种天真的方式并不安全(在某种意义上,恶意网页可以获得chrome特权)。
1) If you control the web page and want to pass information to the extension, you should indeed use the events technique . 1)如果您控制网页并希望将信息传递给扩展程序,您确实应该使用事件技术 。 This worked and was/is safe in all Firefox versions. 这在所有Firefox版本中都很有效。
2) If you want to read a value from the content document, you can just bypass the XPCNativeWrapper: 2)如果要从内容文档中读取值,可以绕过XPCNativeWrapper:
var win = window.top.getBrowser().selectedBrowser.contentWindow;
// By the way, this could just be
// var win = content;
// or
// var win = gBrowser.contentWindow;
alert(win.variableForExtension); // undefined
win.wrappedJSObject.variableForExtension // voila!
This was unsafe prior to Firefox 3. In Firefox 3 and later it is OK to use, you get another kind of wrapper ( XPCSafeJSObjectWrapper ), which looks the same as the object from the content page to your code, but ensures the content page won't be able to do anything malicious. 这在Firefox 3之前是不安全的。在Firefox 3及更高版本中可以使用,你会得到另一种包装器( XPCSafeJSObjectWrapper ),它看起来与从内容页面到你的代码的对象相同,但确保赢得内容页面不能做任何恶意的事情。
3) If you need to call a function in a content web page or run your own code in the page's context, it's more complicated. 3)如果你需要在内容网页中调用一个函数或在页面的上下文中运行你自己的代码,那就更复杂了。 It was asked and answered elsewhere many times, but unfortunately never documented fully. 有人在其他地方多次询问和回答,但遗憾的是从未完全记录过。 Since this is unrelated to your question, I won't go into the details. 由于这与您的问题无关,因此我不会详细介绍。
解决方案2
4 2011-02-17 16:09:25
not so hard :) 不是很难:)
in extension: 在扩展中:
var jso=window.content.document.defaultView.wrappedJSObject;
now you can access any function or global variable in the webpage from the extension: 现在您可以从扩展程序访问网页中的任何函数或全局变量:
alert(jso.pagevar);
jso.pagefunction("hey");
解决方案3
0 2015-03-05 14:43:08
If you are working with the new High-Level SDKs then accessing the variable via content scripts is a little different. 如果您正在使用新的高级SDK,那么通过内容脚本访问变量会有所不同。 You can't access the JavaScript objects directly from the add on code, but you can reach them from content scripts that have been attached to an open page via the unsafeWindow object. 您无法直接从添加代码访问JavaScript对象,但您可以通过unsafeWindow对象从已附加到打开页面的内容脚本访问它们。 For example: 例如:
require("sdk/tabs").open({
url: 'http://www.example.com/some/page/',
onOpen: function(tab) {
var worker = tab.attach({
contentScript: 'unsafeWindow.variableForExtension = 1000;'
});
}
});
To read the variables you'll need to use the port methods on the worker variable as described in Mozilla's content script article. 要读取变量,您需要使用worker变量上的port方法,如Mozilla的内容脚本文章中所述。
Note that there are some security restrictions when dealing with objects and functions. 请注意,在处理对象和函数时存在一些安全限制。 See the articles for details. 有关详细信息,请参阅文章
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.