[Project_owners] Using nsIWebBrowserStream
Matthew Wilson
matthew at mjwilson.demon.co.uk
Mon Jun 8 14:13:19 PDT 2009
Pete wrote:
> 2009/6/8 Pete <sneakypete81 at gmail.com>:
>> I'm looking for a way of injecting an untrusted HTML string into a chome
>> iframe.
I needed to do something similar. I assume you want to prevent security
bypasses from the untrusted content.
My eventual solution was far from elegant but worked OK: to create a
"data:" URL containing the encoded form of the document, then to use
document.getElementById("xxx").webNavigation.loadURI with that URL.
This might also be of help:
http://adblockplus.org/blog/displaying-web-content-in-an-extension-without-security-issues
Matthew
More information about the Project_owners
mailing list