CINXE.COM
Script Security — Firefox Source Docs documentation
<!doctype html> <html class="writer-html5" lang="en" data-content_root="../../"> <head> <base href="https://firefox-source-docs.mozilla.org/dom/scriptSecurity/index.html"> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Script Security — Firefox Source Docs documentation</title> <link rel="stylesheet" type="text/css" href="../../_static/pygments.css?v=fa44fd50"> <link rel="stylesheet" type="text/css" href="../../_static/css/theme.css?v=19f00094"> <link rel="stylesheet" type="text/css" href="../../_static/graphviz.css?v=fd3f3429"> <link rel="stylesheet" type="text/css" href="../../_static/copybutton.css?v=76b2166b"> <link rel="stylesheet" type="text/css" href="../../_static/custom_theme.css?v=a7d3e023"> <link rel="stylesheet" type="text/css" href="../../_static/design-style.1e8bd061cd6da7fc9cf755528e8ffc24.min.css?v=0a3b3ea7"> <link rel="shortcut icon" href="../../_static/firefox.ico"><!--[if lt IE 9]> <script src="../../_static/js/html5shiv.min.js"></script> <![endif]--> <script src="../../_static/jquery.js?v=5d32c60e"></script> <script src="../../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script> <script src="../../_static/documentation_options.js?v=5929fcd5"></script> <script src="../../_static/doctools.js?v=9a2dae69"></script> <script src="../../_static/sphinx_highlight.js?v=dc90522c"></script> <script src="../../_static/clipboard.min.js?v=a7894cd8"></script> <script src="../../_static/copybutton.js?v=30646c52"></script> <script src="../../_static/design-tabs.js?v=36754332"></script> <script src="../../_static/js/theme.js"></script> <link rel="index" title="Index" href="../../genindex.html"> <link rel="search" title="Search" href="../../search.html"> <link rel="next" title="Xray Vision" href="xray_vision.html"> <link rel="prev" title="Push" href="../push/index.html"> <meta http-equiv="X-Translated-By" content="Google"> <meta http-equiv="X-Translated-To" content="tr"> <script type="text/javascript" src="https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_GB.1hbgkFx4Qn8.O/am=DgY/d=1/rs=AN8SPfqlmAPxwfG457BPbRXwNq39oSMGHg/m=corsproxy" data-sourceurl="https://firefox-source-docs.mozilla.org/dom/scriptSecurity/index.html"></script> <link href="https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200" rel="stylesheet"> <script type="text/javascript" src="https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_GB.1hbgkFx4Qn8.O/am=DgY/d=1/exm=corsproxy/ed=1/rs=AN8SPfqlmAPxwfG457BPbRXwNq39oSMGHg/m=phishing_protection" data-phishing-protection-enabled="false" data-forms-warning-enabled="true" data-source-url="https://firefox-source-docs.mozilla.org/dom/scriptSecurity/index.html"></script> <meta name="robots" content="none"> </head> <body class="wy-body-for-nav"> <script type="text/javascript" src="https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.en_GB.1hbgkFx4Qn8.O/am=DgY/d=1/exm=corsproxy,phishing_protection/ed=1/rs=AN8SPfqlmAPxwfG457BPbRXwNq39oSMGHg/m=navigationui" data-environment="prod" data-proxy-url="https://firefox--source--docs-mozilla-org.translate.goog" data-proxy-full-url="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB" data-source-url="https://firefox-source-docs.mozilla.org/dom/scriptSecurity/index.html" data-source-language="pl" data-target-language="tr" data-display-language="en-GB" data-detected-source-language="" data-is-source-untranslated="false" data-source-untranslated-url="https://translate.google.com/website?sl=pl&tl=tr&hl=en-GB&u=https://firefox-source-docs.mozilla.org/dom/scriptSecurity/index.html&anno=2" data-client="tr"></script> <div class="wy-grid-for-nav"> <nav data-toggle="wy-nav-shift" class="wy-nav-side"> <div class="wy-side-scroll"> <div class="wy-side-nav-search"><a href="https://firefox--source--docs-mozilla-org.translate.goog/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB" class="icon icon-home"> Firefox Source Docs <img src="../../_static/firefox-wordmark.svg" class="logo" alt="Logo"> </a><!-- -- This code is governed by the BSD license ----> <div> <h3>Quick search</h3> <script> (function () { var cx = "dd12886298f75dbef"; var gcse = document.createElement("script"); gcse.async = true; gcse.src = "https://cse.google.com/cse.js?cx=" + cx; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(gcse, s); })(); </script><gcse:search></gcse:search> </div> </div> <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu"> <p class="caption" role="heading"><span class="caption-text">Overview</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/glossary/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">A Glossary of Common Terms</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/overview/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">A Quick Guide to Mozilla Applications</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Getting Started</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/setup/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Getting Set Up To Work On The Firefox Codebase</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Working On Firefox</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/contributing/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Working on Firefox</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/bug-mgmt/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Bug Handling</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Firefox User Guide</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/devtools-user/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox DevTools User Docs</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Source Code Documentation</span></p> <ul class="current"> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/mots/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Governance</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/browser/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox Front-end</a></li> <li class="toctree-l1 current"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">DOM</a> <ul class="current"> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/ipc/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">DOM IPC</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/navigation/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">DOM Navigation</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/push/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Push</a></li> <li class="toctree-l2 current"><a class="current reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#">Script Security</a> <ul> <li class="toctree-l3"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#security-policy">Security policy</a></li> <li class="toctree-l3"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#compartments">Compartments</a></li> <li class="toctree-l3"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#cross-compartment-access">Cross-compartment access</a> <ul> <li class="toctree-l4"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#same-origin">Same-origin</a></li> <li class="toctree-l4"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#cross-origin">Cross-origin</a></li> <li class="toctree-l4"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#privileged-to-unprivileged-code">Privileged to unprivileged code</a></li> <li class="toctree-l4"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#unprivileged-to-privileged-code">Unprivileged to privileged code</a></li> </ul></li> <li class="toctree-l3"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#security-checks">Security checks</a> <ul> <li class="toctree-l4"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#subsumes">Subsumes</a></li> <li class="toctree-l4"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#security-principals">Security principals</a></li> <li class="toctree-l4"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#principal-relationships">Principal relationships</a></li> </ul></li> <li class="toctree-l3"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#computing-a-wrapper">Computing a wrapper</a></li> </ul></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/xray_vision.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Xray Vision</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/workersAndStorage/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">DOM Workers & Storage</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/webIdlBindings/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Web IDL bindings</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/ioutils_migration.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">IOUtils Migration Guide</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/fedcm.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Federated Credential Management</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/streams.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Implementing specifications using WHATWG Streams API</a></li> <li class="toctree-l2"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/use-counters.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Use Counters</a></li> </ul></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/editor/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Editor</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/layout/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Style system (CSS) & Layout</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/gfx/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Graphics</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/ipc/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Processes, Threads and IPC</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/devtools/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox DevTools Contributor Docs</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/toolkit/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Toolkit</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/js/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">SpiderMonkey</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/mobile/android/geckoview/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">GeckoView</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/mobile/android/fenix/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Fenix</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/mobile/android/focus-android/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Focus for Android</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/bindings/webidl/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">WebIDL</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/modules/libpref/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">libpref</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/networking/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Networking</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/remote/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Remote Protocols</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/services/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Services</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/uriloader/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">File Handling</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/widget/cocoa/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox on macOS</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/widget/windows/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox on Windows</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/toolkit/components/ml/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox AI Platform</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/accessible/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Accessibility</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/code-quality/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Code quality</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/writing-rust-code/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Writing Rust Code</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/rust-components/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Rust Components</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/tools/profiler/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Gecko Profiler</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/performance/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Performance</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/storage/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Database bindings (SQLite, KV, …)</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/xpcom/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">XPCOM</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/nspr/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">NSPR</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/security/nss/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Network Security Services (NSS)</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/content-security/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Web Security Checks in Gecko</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">The Firefox Build System</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/mach/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Mach</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/tools/try/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Pushing to Try</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/build/buildsystem/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Build System</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/taskcluster/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox CI and Taskgraph</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/tools/moztreedocs/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Managing Documentation</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/mozbuild/vendor/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Vendoring Third Party Components</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Testing & Test Infrastructure</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/automated-testing/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Automated Testing</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/treeherder-try/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Understanding Treeherder Results</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/sheriffed-intermittents/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Sheriffed intermittent failures</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/tests-for-new-config/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Turning on Firefox tests for a new configuration</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/intermittent/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Avoiding intermittent tests</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/testing-policy/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Testing Policy</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/ci-configs/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Configuration Changes</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/browser-chrome/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Browser chrome mochitests</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/chrome-tests/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Chrome Tests</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/marionette/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Marionette</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/geckodriver/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">geckodriver</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/test-verification/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Test Verification</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/webrender/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">WebRender Tests</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/mochitest-plain/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Mochitest</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/xpcshell/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">XPCShell tests</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/tps/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">TPS</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/web-platform/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">web-platform-tests</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/gtest/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">GTest</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/tools/fuzzing/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Fuzzing</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/tools/sanitizer/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Sanitizer</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing/perfdocs/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Performance Testing</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/tools/code-coverage/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Code coverage</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/testing-rust-code/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Testing & Debugging Rust Code</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Releases & Updates</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/update-infrastructure/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Mozilla Update Infrastructure</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/update-infrastructure/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#watershed-updates">Watershed Updates</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/update-infrastructure/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#desupport-updates">Desupport Updates</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Localization & Internationalization</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/intl/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Internationalization</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/l10n/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Localization</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Firefox and Python</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/mozbase/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">mozbase</a></li> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/python/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Using third-party Python packages</a></li> </ul> <p class="caption" role="heading"><span class="caption-text">Metrics Collected in Firefox</span></p> <ul> <li class="toctree-l1"><a class="reference internal" href="https://firefox--source--docs-mozilla-org.translate.goog/metrics/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Metrics</a></li> </ul> </div> </div> </nav> <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"> <nav class="wy-nav-top" aria-label="Mobile navigation menu"><i data-toggle="wy-nav-top" class="fa fa-bars"></i> <a href="https://firefox--source--docs-mozilla-org.translate.goog/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Firefox Source Docs</a> </nav> <div class="wy-nav-content"> <div class="rst-content"><!-- This Source Code Form is subject to the terms of the Mozilla Public - License, v. 2.0. If a copy of the MPL was not distributed with this file, - You can obtain one at http://mozilla.org/MPL/2.0/. --> <div role="navigation" aria-label="Page navigation"> <ul class="wy-breadcrumbs"> <li><a href="https://firefox--source--docs-mozilla-org.translate.goog/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB" class="icon icon-home" aria-label="Home"></a></li> <li class="breadcrumb-item"><a href="https://firefox--source--docs-mozilla-org.translate.goog/dom/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">DOM</a></li> <li class="breadcrumb-item active">Script Security</li> <li class="wy-breadcrumbs-aside"><a href="https://translate.google.com/website?sl=pl&tl=tr&hl=en-GB&u=https://bugzilla.mozilla.org/enter_bug.cgi?product%3DDeveloper%2BInfrastructure%26component%3DFirefox%2BSource%2BDocs%253A%2BContent%26short_desc%3DDocumentation%2Bissue%2Bon%2Bdom/scriptSecurity/index%26comment%3DURL%2B%3D%2Bhttps://firefox-source-docs.mozilla.org/dom/scriptSecurity/index.html%26bug_file_loc%3Dhttps://firefox-source-docs.mozilla.org/dom/scriptSecurity/index.html" rel="nofollow">Report an issue</a> / <a href="https://firefox--source--docs-mozilla-org.translate.goog/_sources/dom/scriptSecurity/index.rst.txt?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB" rel="nofollow"> View page source</a></li> </ul> <hr> </div> <div role="main" class="document" itemscope itemtype="http://schema.org/Article"> <div itemprop="articleBody"> <section id="script-security"> <h1>Script Security<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#script-security" title="Link to this heading">¶</a></h1> <div class="summary docutils container"> <p>This page provides an overview of the script security architecture in Gecko.</p> </div> <p>Like any web browser, Gecko can load JavaScript from untrusted and potentially hostile web pages and run it on the user’s computer. The security model for web content is based on the <a class="reference external" href="https://translate.google.com/website?sl=pl&tl=tr&hl=en-GB&u=https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy">same-origin policy</a>, in which code gets full access to objects from its origin but highly restricted access to objects from a different origin. The rules for determining whether an object is same-origin with another, and what access is allowed cross-origin, are now mostly standardized across browsers.</p> <p>Gecko has an additional problem, though: while its core is written in C++, the front-end code is written in JavaScript. This JavaScript code, which is commonly referred to as c<em>hrome code</em>, runs with system privileges. If the code is compromised, the attacker can take over the user’s computer. Legacy SDK extensions also run with chrome privileges.</p> <p>Having the browser front end in JavaScript has benefits: it can be much quicker to develop in JavaScript than in C++, and contributors do not need to learn C++. However, JavaScript is a highly dynamic, malleable language, and without help it’s difficult to write system-privileged code that interacts safely with untrusted web content. From the point of view of chrome code, the script security model in Gecko is intended to provide that help to make writing secure, system-privileged JavaScript a realistic expectation.</p> <section id="security-policy"><span id="id1"></span> <h2>Security policy<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#security-policy" title="Link to this heading">¶</a></h2> <p>Gecko implements the following security policy:</p> <ul class="simple"> <li><p><strong>Objects that are same-origin</strong> are able to access each other freely. For example, the objects associated with a document served from <em>https://example.org/</em> can access each other, and they can also access objects served from <em>https://example.org/foo</em>.</p></li> <li><p><strong>Objects that are cross-origin</strong> get highly restricted access to each other, according to the same-origin policy. For example, code served from <em>https://example.org/</em> trying to access objects from <em>https://somewhere-else.org/</em> will have restricted access.</p></li> <li><p><strong>Objects in a privileged scope</strong> are allowed complete access to objects in a less privileged scope, but by default they see a <a class="reference external" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#privileged-to-unprivileged-code">restricted view</a> of such objects, designed to prevent them from being tricked by the untrusted code. An example of this scope is chrome-privileged JavaScript accessing web content.</p></li> <li><p><strong>Objects in a less privileged scope</strong> don’t get any access to objects in a more privileged scope, unless the more privileged scope <a class="reference external" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#unprivileged-to-privileged-code">explicitly clones those objects</a>. An example of this scope is web content accessing objects in a chrome-privileged scope.</p></li> </ul> </section> <section id="compartments"><span id="id2"></span> <h2>Compartments<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#compartments" title="Link to this heading">¶</a></h2> <p>Compartments are the foundation for Gecko’s script security architecture. A compartment is a specific, separate area of memory. In Gecko, there’s a separate compartment for every global object. This means that each global object and the objects associated with it live in their own region of memory.</p><img alt="../../_images/compartments.png" src="../../_images/compartments.png"> <p>Normal content windows are globals, of course, but so are chrome windows, sandboxes, workers, the <code class="docutils literal notranslate"><span class="pre">ContentFrameMessageManager</span></code> in a frame script, and so on.</p> <p>Gecko guarantees that JavaScript code running in a given compartment is only allowed to access objects in the same compartment. When code from compartment A tries to access an object in compartment B, Gecko gives it a <em>cross-compartment wrapper</em>. This is a proxy in compartment A for the real object, which lives in compartment B.</p><img alt="../../_images/cross-compartment-wrapper.png" src="../../_images/cross-compartment-wrapper.png"> <p>Inside the same compartment, all objects share a global and are therefore same-origin with each other. Therefore there’s no need for any security checks, there are no wrappers, and there is no performance overhead for the common case of objects in a single window interacting with each other.</p> <p>Whenever cross-compartment access happens, the wrappers enable us to implement the appropriate security policy. Because the wrapper we choose is specific to the relationship between the two compartments, the security policy it implements can be static: when the caller uses the wrapper, there’s no need to check who is making the call or where it is going.</p> </section> <section id="cross-compartment-access"><span id="id3"></span> <h2>Cross-compartment access<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#cross-compartment-access" title="Link to this heading">¶</a></h2> <section id="same-origin"><span id="id4"></span> <h3>Same-origin<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#same-origin" title="Link to this heading">¶</a></h3> <p>As we’ve already seen, the most common scenario for same-origin access is when objects belonging to the same window object interact. This all takes place within the same compartment, with no need for security checks or wrappers.</p> <p>When objects share an origin but not a global - for example two web pages from the same protocol, port, and domain - they belong to two different compartments, and the caller gets a <em>transparent wrapper</em> to the target object.</p><img alt="../../_images/same-origin-wrapper.png" src="../../_images/same-origin-wrapper.png"> <p>Transparent wrappers allow access to all the target’s properties: functionally, it’s as if the target is in the caller’s compartment.</p> </section> <section id="cross-origin"><span id="id5"></span> <h3>Cross-origin<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#cross-origin" title="Link to this heading">¶</a></h3> <p>If the two compartments are cross-origin, the caller gets a <em>cross-origin wrapper</em>.</p><img alt="../../_images/cross-origin-wrapper.png" src="../../_images/cross-origin-wrapper.png"> <p>This denies access to all the object’s properties, except for a few properties of Window and Location objects, as defined by the <a class="reference external" href="https://translate.google.com/website?sl=pl&tl=tr&hl=en-GB&u=https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy%23cross-origin_script_api_access">same-origin policy</a>.</p> </section> <section id="privileged-to-unprivileged-code"><span id="id6"></span> <h3>Privileged to unprivileged code<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#privileged-to-unprivileged-code" title="Link to this heading">¶</a></h3> <p>The most obvious example of this kind of security relation is between system-privileged chrome code and untrusted web content, but there are other examples in Gecko. The Add-on SDK runs content scripts in sandboxes, which are initialized with an <a class="reference external" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#expanded-principal">expanded principal</a>, giving them elevated privileges with respect to the web content they operate on, but reduced privileges with respect to chrome.</p> <p>If the caller has a higher privilege than the target object, the caller gets an <em>Xray wrapper</em> for the object.</p><img alt="../../_images/xray-wrapper.png" src="../../_images/xray-wrapper.png"> <p>Xrays are designed to prevent untrusted code from confusing trusted code by redefining objects in unexpected ways. For example, privileged code using an Xray to a DOM object sees only the original version of the DOM object. Any expando properties are not visible, and if any native DOM properties have been redefined, they are not visible in the Xray.</p> <p>The privileged code is able to waive Xrays if it wants unfiltered access to the untrusted object.</p> <p>See <a class="reference external" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/xray_vision.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB">Xray vision</a> for much more information on Xrays.</p> </section> <section id="unprivileged-to-privileged-code"><span id="id7"></span> <h3>Unprivileged to privileged code<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#unprivileged-to-privileged-code" title="Link to this heading">¶</a></h3> <p>If the caller has lower privileges than the target object, then the caller gets an <em>opaque wrapper.</em></p><img alt="../../_images/opaque-wrapper.png" src="../../_images/opaque-wrapper.png"> <p>An opaque wrapper denies all access to the target object.</p> <p>However, the privileged target is able to copy objects and functions into the less privileged scope using the <code class="docutils literal notranslate"><span class="pre">exportFunction()</span></code> and <code class="docutils literal notranslate"><span class="pre">cloneInto()</span></code> functions, and the less privileged scope is then able to use them.</p> </section> </section> <section id="security-checks"><span id="id8"></span> <h2>Security checks<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#security-checks" title="Link to this heading">¶</a></h2> <p>To determine the security relation between two compartments, Gecko uses two concepts: <em>security principals</em> and the act of <em>subsuming</em>. To establish the security relationship between two compartments A and B, Gecko asks:</p> <p><em>Does the security principal for compartment A subsume the security principal for compartment B, and vice versa?</em></p> <section id="subsumes"><span id="id9"></span> <h3>Subsumes<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#subsumes" title="Link to this heading">¶</a></h3> <table class="docutils align-default"> <tbody> <tr class="row-odd"> <td><p><em>A subsumes B</em></p></td> <td><p>A has all of the privileges of B, and possibly more, and therefore A is allowed to see and do anything that B can see and do.</p></td> </tr> <tr class="row-even"> <td><p><em>A Subsumes B &&</em> <em>B Subsumes A</em></p></td> <td><p>A and B are same-origin.</p></td> </tr> <tr class="row-odd"> <td><p><em>A Subsumes B && B !Subsumes A</em></p></td> <td><p>A is more privileged than B.</p><p>A gets access to all of B, by default with Xray vision, which it may choose to waive.</p><p>B gets no access to A, although A may choose to export objects to B.</p></td> </tr> <tr class="row-even"> <td><p><em>A !Subsumes B && B !Subsumes A</em></p></td> <td><p>A and B are cross-origin.</p></td> </tr> </tbody> </table> </section> <section id="security-principals"><span id="id10"></span> <h3>Security principals<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#security-principals" title="Link to this heading">¶</a></h3> <p>There are four types of security principal: the system principal, content principals, expanded principals, and the null principal.</p> <section id="system-principal"><span id="id11"></span> <h4>System principal<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#system-principal" title="Link to this heading">¶</a></h4> <p>The system principal passes all security checks. It subsumes itself and all other principals. Chrome code, by definition, runs with the system principal, as do frame scripts.</p> </section> <section id="content-principal"><span id="id12"></span> <h4>Content principal<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#content-principal" title="Link to this heading">¶</a></h4> <p>A content principal is associated with some web content and is defined by the origin of the content. For example, a normal DOM window has a content principal defined by the window’s origin. A content principal subsumes only other content principals with the same origin. It is subsumed by the system principal, any expanded principals that include its origin, and any other content principals with the same origin.</p> </section> <section id="expanded-principal"><span id="id13"></span> <h4>Expanded principal<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#expanded-principal" title="Link to this heading">¶</a></h4> <p>An expanded principal is specified as an array of origins:</p> <div class="highlight-JavaScript notranslate"> <div class="highlight"> <pre><span></span><span class="p">[</span><span class="s2">"http://mozilla.org"</span><span class="p">,</span><span class="w"> </span><span class="s2">"http://moz.org"</span><span class="p">]</span> </pre> </div> </div> <p>The expanded principal subsumes every content principal it contains. The content principals do not subsume the expanded principal, even if the expanded principal only contains a single content principal.</p> <p>Thus <code class="docutils literal notranslate"><span class="pre">["http://moz.org"]</span></code> subsumes <code class="docutils literal notranslate"><span class="pre">"http://moz.org"</span></code> but not vice versa. The expanded principal gets full access to the content principals it contains, with Xray vision by default, and the content principals get no access to the expanded principal.</p> <p>This also enables the script security model to treat compartments that have expanded principals more like part of the browser than like web content. This means, for example, that it can run when JavaScript is disabled for web content.</p> <p>Expanded principals are useful when you want to give code extra privileges, including cross-origin access, but don’t want to give the code full system privileges. For example, expanded principals are used in the Add-on SDK to give content scripts cross-domain privileges for a predefined set of domains, and to protect content scripts from access by untrusted web content, without having to give content scripts system privileges.</p> </section> <section id="null-principal"><span id="id14"></span> <h4>Null principal<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#null-principal" title="Link to this heading">¶</a></h4> <p>The null principal fails almost all security checks. It has no privileges and can’t be accessed by anything but itself and chrome. It subsumes no other principals, even other null principals. (This is what is used when HTML5 and other specs say “origin is a globally unique identifier”.)</p> </section> </section> <section id="principal-relationships"><span id="id15"></span> <h3>Principal relationships<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#principal-relationships" title="Link to this heading">¶</a></h3> <p>The diagram below summarizes the relationships between the different principals. The arrow connecting principals A and B means “A subsumes B”. (A is the start of the arrow, and B is the end.)</p><img alt="../../_images/principal-relationships.png" src="../../_images/principal-relationships.png"> </section> </section> <section id="computing-a-wrapper"><span id="id16"></span> <h2>Computing a wrapper<a class="headerlink" href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB#computing-a-wrapper" title="Link to this heading">¶</a></h2> <p>The following diagram shows the factors that determine the kind of wrapper that compartment A would get when trying to access an object in compartment B.</p><img alt="../../_images/computing-a-wrapper.png" src="../../_images/computing-a-wrapper.png"> </section> </section> </div> </div> <footer> <div class="rst-footer-buttons" role="navigation" aria-label="Footer"><a href="https://firefox--source--docs-mozilla-org.translate.goog/dom/push/index.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB" class="btn btn-neutral float-left" title="Push" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a> <a href="https://firefox--source--docs-mozilla-org.translate.goog/dom/scriptSecurity/xray_vision.html?_x_tr_sl=pl&_x_tr_tl=tr&_x_tr_hl=en-GB" class="btn btn-neutral float-right" title="Xray Vision" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a> </div> <hr> <div role="contentinfo"> <p></p> </div> Built with <a href="https://translate.google.com/website?sl=pl&tl=tr&hl=en-GB&u=https://www.sphinx-doc.org/">Sphinx</a> using a <a href="https://translate.google.com/website?sl=pl&tl=tr&hl=en-GB&u=https://github.com/readthedocs/sphinx_rtd_theme">theme</a> provided by <a href="https://translate.google.com/website?sl=pl&tl=tr&hl=en-GB&u=https://readthedocs.org">Read the Docs</a>. </footer> </div> </div> </section> </div> <script> jQuery(function () { SphinxRtdTheme.Navigation.enable(true); }); </script> <script>function gtElInit() {var lib = new google.translate.TranslateService();lib.translatePage('pl', 'tr', function () {});}</script> <script src="https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-GB&client=wt" type="text/javascript"></script> </body> </html>