AddOn Studio Wiki

WoW API < securecall

This function allows you to call an another function (with the possibility to pass arguments to it) and restore secure status that was active before calling this aforementionned function.

That means that if the function that was called by securecall() was tainted by untrusted code (probably through hooking), and that prior the call the environment was secure, it'll remain secure after the call, thus not breaking protected functions calls.

This function has no particular effect if called from an unsecure (tainted) environment, as 'unsecure' state is restored after the call.

securecall(function[, ...])



The function to be called.

The following arguments are passed to it.




function some_blizzard_func()
    -- Let's consider that when this function is called, we're in a secure environment, as it has been defined by Blizzard.

    -- Let's do a call to some_other_blizzard_func(), passing some arguments along the way.
    -- <Stop reading this function's content and jump to some_other_blizzard_func() for further explanations>

    -- But! Thanks to securecall, secure status that was active before the call gets restored (in this case, 'secure'), and ...
    -- ...protected functions and such will still continue to work.

function some_other_blizzard_func(a,b,c)
    -- This is the function called by securecall().
    -- The function is secure, as it's defined by Blizzard, but...

-- Oh no ! Someone has hooked the function !
old_blizzard_func = some_other_blizzard_func;
function some_other_blizzard_func(a,b,c)
    -- some_other_blizzard_func has been redefined by a third-party person,
    -- thus is no longer Blizzard-defined, and thus unsecure.
    -- Calling it will break secure state, which is the case,
    -- so past this point the secure status has become 'unsecure'.
    -- Jump();
    -- Issuing calls from now on to protected functions and such will display the forbidden action popup.

    -- <Now return to some_blizzard_func() and finish reading>

Secure status[]

  • some_blizzard_func() (enter point) : secure
  • When making the call to the hooked some_other_blizzard_func() : unsecure
  • When resuming the execution of some_blizzard_func() : secure again