[Project_owners] Using nsIWebBrowserStream

Matthew Wilson matthew at mjwilson.demon.co.uk
Mon Jun 8 14:13:19 PDT 2009

Pete wrote:
> 2009/6/8 Pete <sneakypete81 at gmail.com>:
>> I'm looking for a way of injecting an untrusted HTML string into a chome
>> iframe.

I needed to do something similar. I assume you want to prevent security 
bypasses from the untrusted content.

My eventual solution was far from elegant but worked OK: to create a 
"data:" URL containing the encoded form of the document, then to use 
document.getElementById("xxx").webNavigation.loadURI with that URL.

This might also be of help:


More information about the Project_owners mailing list