brazerzkidaihaven.blogg.se

5e ring of xray vision

If you help slay a water elemental while attuned to the ring, you gain access to the following additional properties: In addition, you can stand on and walk across liquid surfaces as if they were solid ground. You can expend 2 of the ring’s charges to cast dominate monster on a water elemental. Spells cast from the ring have a save DC of 17. It regains 1d4 + 1 expended charges daily at dawn. In addition, you have access to properties based on the Elemental Plane of Water. While wearing this ring, you have advantage on attack rolls against water elementals, and they have disadvantage on attack rolls against you. The Xray always inherits from this standard prototype, even if the underlying instance has a different prototype. This ring is linked to the Elemental Plane of Water. The Xray has the standard Object or Array prototype, without any modifications that content may have done to that prototype.


First, the chrome code might expect to rely on the prototype's integrity, so the object's prototype is protected. There are two main sorts of restrictions: If the object has properties which are themselves objects, and these objects are same-origin with the content, then their value properties are visible as well. So the semantics defined for Object and Array Xrays aim to make it easy for privileged code to treat untrusted objects like simple dictionaries. Any value properties of the object are visible in the Xray. The aim of Xray vision is to make most common operations simple and safe, avoiding the need to access the underlying object except in more involved cases. This means that the semantics of their Xrays have to be independently defined: they can't simply be defined as "the C++ representation". The exceptions are Object and Array: their interesting state is in JavaScript, not C++. That includes the code samples in this article. To test out examples like this, you can use the Scratchpad in browser context for the code snippet, and the Browser Console to see the expected output. Because code running in Scratchpad's browser context has chrome privileges, any time you use it to run code, you need to understand exactly what the code is doing. var sandbox = ("") C(sandboxScript, sandbox) console.log((sandbox.date).getFullYear()) A web page could redefine it to return true: window.confirm = function() ' + If chrome code relies on such modified objects, it can be tricked into doing things it shouldn't. For example: window.confirm() is a DOM API that's supposed to ask the user to confirm an action, and return a boolean depending on whether they clicked "OK" or "Cancel". Scripts running in web pages can add extra properties to DOM objects (also known as expando properties) and even redefine standard DOM objects to do something unexpected. JavaScript's a highly malleable language. However, even the ability to access content objects can be a security risk for chrome code.
The security machinery in Gecko ensures that there's asymmetric access between code at different privilege levels: so for example, content code can't access objects created by chrome code, but chrome code can access objects created by content. For example, the Add-on SDK runs content scripts inside sandboxes. If an Expanded Principal is used, the sandbox is granted certain privileges over content code and is protected from direct access by content code. The security principal defined for the sandbox determines its privilege level. As well as these two levels of privilege, chrome code is able to create sandboxes. Because this code is being loaded from arbitrary web pages it is regarded as untrusted and potentially hostile, both to other websites and to the user. JavaScript loaded from normal web pages is called content code. If chrome-privileged code is compromised, the attacker can take over the user's computer. Legacy Extensions also run with chrome privileges. The JavaScript code that, along with the C++ core, implements the browser itself is called chrome code and runs with system privileges. Gecko runs JavaScript from a variety of different sources and at a variety of different privilege levels. Xray vision helps JavaScript running in a privileged security context safely access objects created by less privileged code, by showing the caller only the native version of the objects.












