Originally Posted by MunkDev
It's possible because handle:GetChildren() will still return unprotected frames in the secure environment when you're not in combat. Since they are unprotected, they can very well be tainted. It's kind of a trojan horse in the secure environment.  |
Any frame created by an addon that isn't secure is, by definition, tainted, so unless bagnon is the only thing you're running with a child of UIParent something else would also trigger it.
Here's an example that outputs all unprotected children of UIParent when you mouse over a unit. If you're in combat, GetChildren() will simply not include those frames, it doesn't freak out about a tainted execution path.
Lua Code:
local f = CreateFrame('frame', nil, UIParent, 'SecureHandlerStateTemplate')
f:SetAttribute('_onstate-mousestate', [[
if newstate == 'on' then
for i, f in pairs(newtable(self:GetParent():GetChildren())) do
if not f:IsProtected() and f:GetName() then
print(f:GetName())
end
end
end
]])
RegisterStateDriver(f, 'mousestate', '[@mouseover,exists] on; off')