Full privileges are only granted by default to chrome scripts, i.e. scripts that are part of the application or of an extension. For remote HTML/XHTML/XUL documents, most XPCOM objects are not accessible by the scripts as they have limited privileges due to security reasons. Even if they are accessible (e.g. the XMLHttpRequest object), the usual security restrictions can also be found (e.g. cannot open URLs of other domains).
|This software article is a stub. You can help Wikipedia by expanding it.|