So I’m interacting with a known secure page and I need to see it’s expando properties.
So in my content script I write,
var foo = window.wrappedJSObject.Foo;
// This is a promise. I can print it to the console
// and see that it successfully fetches and executes the promise.
var bar_promise = foo.bar();
console.log(bar_promise);
// However, I don't have permission to do this:
bar_promise.then((x) => { console.log(x) });
Why can’t I do this? I get Uncaught (in promise) Error: Permission denied to access object
I don’t know much about this and messed around a bit with it some time ago (with some direction from @freaktechnik concerning the same error); but don’t you have to do more to pass the content script’s object to the page script’s function to get it to run?
I think it is as:
A content script can invoke a function (page_script_func) declared in the page script and pass it an argument object, as follows.
w = document.defaultView;
w.wrappedJSObject.page_script_func( cloneInto( { 'a' : data }, w ) );
and it’ll run as if the content script’s object was passed to the page script and run there.
I don’t think you can just place the content script’s data as a function argument to run in the page script’s scope without the cloneInto.