https://wiki.greasespot.net/api.php?action=feedcontributions&user=41.190.16.17&feedformat=atomGreaseSpot Wiki - User contributions [en]2024-03-28T14:44:11ZUser contributionsMediaWiki 1.41.0https://wiki.greasespot.net/index.php?title=UnsafeWindow&diff=7038UnsafeWindow2012-05-09T02:59:04Z<p>41.190.16.17: Well, there are certain techniques</p>
<hr />
<div>{{DISPLAYTITLE:unsafeWindow}}<br />
{{security}}<br />
<br />
Well, there are certain techniques<br />
<br />
== Examples ==<br />
<br />
<pre class='sample'><br />
unsafeWindow.SomeVarInPage = "Testing";<br />
</pre><br />
<br />
<pre class='sample'><br />
unsafeWindow.SomeFunctionInPage("Test");<br />
</pre><br />
<br />
<pre class='sample'><br />
var oldFunction = unsafeWindow.SomeFunctionInPage;<br />
unsafeWindow.SomeFunctionInPage = function(text) {<br />
alert('Hijacked! Argument was ' + text + '.');<br />
return oldFunction(text);<br />
};<br />
</pre><br />
<br />
== Alternatives to unsafeWindow ==<br />
<br />
''Sometimes'', you just can't get around using unsafeWindow.<br />
Most of the time, however, you can!<br />
See [[:Category:Coding Tips:Interacting With The Page]] for details on various methods to interact with the page that do '''not''' use unsafeWindow.<br />
<br />
== Notes ==<br />
<br />
BUG: In Firefox 3.0 the <tt>prototype</tt> field will always be <tt>undefined</tt> for objects accessed through <tt>unsafeWindow</tt>.<br />
The techniques in [[:Category:Coding Tips:Interacting With The Page]] can work around this problem.<br />
<br />
[[Category:API_Reference|U]] <br />
[[Category:Scripting context]]<br />
[[Category:Security]]</div>41.190.16.17