I have an extension that loads an HTML file into a hidden <browser> and runs script in the context of the hidden browser window. That script needs to be able to make crossdomain XHR requests to chrome:// and resource:// URLs that are apparently now blocked in Firefox 19 (they weren't blocked in Firefox 18).
I'm trying to solve this by injecting my own XMLHttpRequest symbol into the window that wraps @mozilla.org/xmlextras/xmlhttprequest;1. This means that the content can instantiate an XHR with chrome privileges and no crossdomain restrictions. The properties of the XHR object weren't visible in content when I first tried this, but I solved this using __exposedProps__. Now I get "Permission denied to access property 'documentElement'" when accessing using the responseXML property. I tried setting __exposedProps__ = { documentElement: "r" } but this doesn't appear to make a difference (presumably because setting __exposedProps__ on a native wrapper doesn't work). Is there a better way to let content do crossdomain XHR? Or is there a good way to provide a usable XML DOM from chrome to content? I can always reparse responseText to create my own DOM if there's a way to create a content-friendly DOM. Cheers, Matt _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform