AddOn Studio

WoW:API issecurevariable: Difference between revisions

No edit summary
m (Move page script moved page API issecurevariable to API issecurevariable without leaving a redirect)
 
(4 intermediate revisions by 4 users not shown)
Line 1: Line 1:
{{wowapi}}__NOTOC__
{{wowapi}}__NOTOC__
Determinates if given variable or table is [[secure]] or "[[Tainted (Addons)|tainted]]". Any usage of a "[[Tainted (Addons)|tainted]]" (= non-secure) variable, be it a function or simply data, will break [[secure]] state and prevent further access to Protected functions.
Determines if given variable or table is [[secure]] or "[[Tainted (Addons)|tainted]]." Any usage of a "[[Tainted (Addons)|tainted]]" (= non-secure) variable, be it a function or simply data, will break [[secure]] state and prevent further access to Protected functions.


  issecurevariable()
  isSecure, taint = issecurevariable([table], variable)


==Parameters==
==Returns==
===Arguments===
;isSecure : "boolean" flag: 1 if variable is secure, nil if it is tainted.
:;[table], variable
;taint : string: addon that tainted the variable (possibly nil if not tainted by an addon).
 
===Return===
:;nil (tainted) or 1 (secure)


==Example 1==
==Example 1==
  local secure = issecurevariable( "JumpOrAscendStart" );
  local secure = issecurevariable( "JumpOrAscendStart" );
  if not ( secure == nil ) then  
  if secure then  
   DEFAULT_CHAT_FRAME:AddMessage("OK! Given variable is secure!");
   DEFAULT_CHAT_FRAME:AddMessage("OK! Given variable is secure!");
  else
  else
   DEFAULT_CHAT_FRAME:AddMessage("Given variable is not secure, doing stuff with it will break secure status. :s");
   DEFAULT_CHAT_FRAME:AddMessage("Given variable tainted. :s");
  end
  end
===Result===
===Result===
Line 23: Line 20:


==Example 2==
==Example 2==
  some_variable_not_defined_by_blizzard = "bla39_j!";
  local Old_UnitName = UnitName
  local secure = issecurevariable( "some_variable_not_defined_by_blizzard" );
function UnitName(unit)
  if not ( secure == nil ) then  
    return Old_UnitName(unit or "player")
end
  local secure = issecurevariable( "UnitName" );
  if secure then  
   DEFAULT_CHAT_FRAME:AddMessage("OK! Given variable is secure!");
   DEFAULT_CHAT_FRAME:AddMessage("OK! Given variable is secure!");
  else
  else
   DEFAULT_CHAT_FRAME:AddMessage("Given variable is not secure, doing stuff with it will break secure status. :s");
   DEFAULT_CHAT_FRAME:AddMessage("Given variable tainted. :s");
  end
  end
===Result===
===Result===
*Message "Given variable is not secure, doing stuff with it will break secure status. :s" will get displayed in your chat frame.
* [[API_UnitName|UnitName]] is not a protected Blizzard-defined function, but will still become tainted when hooked.
* Message "Given variable tainted. :s" will get displayed in your chat frame.


==Notes==
==Notes==
*Seems to always return 1 for nil variables.
* Returns <code>1, nil</code> for undefined variables. This is because an undefined variable is secure since you have not tainted it.
* Returns <code>1, nil</code> for all untainted variables (i.e. Blizzard variables).
* Returns <code>nil</code> for '''any''' global variable that is hooked insecurely (tainted), even unprotected ones like [[API UnitName|UnitName()]].
* Returns <code>nil</code> for all user defined global variables.
* If a table is passed first, it checks table.variable (e.g. <code>issecurevariable(PlayerFrame, "Show")</code> checks PlayerFrame["Show"] or PlayerFrame.Show (they are the same thing)).
* Does not work for local variables.

Latest revision as of 04:46, 15 August 2023

WoW API < issecurevariable

Determines if given variable or table is secure or "tainted." Any usage of a "tainted" (= non-secure) variable, be it a function or simply data, will break secure state and prevent further access to Protected functions. 

isSecure, taint = issecurevariable([table], variable)

Returns

isSecure
"boolean" flag: 1 if variable is secure, nil if it is tainted.
taint
string: addon that tainted the variable (possibly nil if not tainted by an addon).

Example 1

local secure = issecurevariable( "JumpOrAscendStart" );
if secure then 
 DEFAULT_CHAT_FRAME:AddMessage("OK! Given variable is secure!");
else
 DEFAULT_CHAT_FRAME:AddMessage("Given variable tainted. :s");
end

Result

  • JumpOrAscendStart is a protected Blizzard-defined function, thus secure. Calling it will not break secure status.
  • Message "OK! Given variable is secure!" will get displayed in your chat frame.

Example 2

local Old_UnitName = UnitName
function UnitName(unit)
    return Old_UnitName(unit or "player")
end
local secure = issecurevariable( "UnitName" );
if secure then 
 DEFAULT_CHAT_FRAME:AddMessage("OK! Given variable is secure!");
else
 DEFAULT_CHAT_FRAME:AddMessage("Given variable tainted. :s");
end

Result

  • UnitName is not a protected Blizzard-defined function, but will still become tainted when hooked.
  • Message "Given variable tainted. :s" will get displayed in your chat frame.

Notes

  • Returns 1, nil for undefined variables. This is because an undefined variable is secure since you have not tainted it.
  • Returns 1, nil for all untainted variables (i.e. Blizzard variables).
  • Returns nil for any global variable that is hooked insecurely (tainted), even unprotected ones like UnitName().
  • Returns nil for all user defined global variables.
  • If a table is passed first, it checks table.variable (e.g. issecurevariable(PlayerFrame, "Show") checks PlayerFrame["Show"] or PlayerFrame.Show (they are the same thing)).
  • Does not work for local variables.
Retrieved from "https://addonstudio.org/mw1/index.php?title=WoW:API_issecurevariable&oldid=16601"