WeakAuras calling forbidden function
Orillion360 opened this issue · 5 comments
Is there an existing issue for this?
- I have searched the existing open and closed issues.
Description
I am not sure if it is a WeakAura or the Addon itself which calls the forbidden function. I've tried to look through the custom code of all WeakAuras I have and I can't find it in there.
Very often when I go into a Dungeon the entire UI locks up and I get an error saying WeakAuras is causing an error. I have to do a /reload and the problem is fixed.
WeakAuras Version
WeakAuras 5.6.0
World of Warcraft Flavor
Retail (Default)
World of Warcraft Region
EU
Tested with only WeakAuras
- Yes
Lua Error
29x [ADDON_ACTION_FORBIDDEN] AddOn 'WeakAuras' tried to call the protected function 'UseAction()'.
[string "@!BugGrabber/BugGrabber.lua"]:480: in function <!BugGrabber/BugGrabber.lua:480>
[string "=[C]"]: in function `UseAction'
[string "@FrameXML/SecureTemplates.lua"]:364: in function `handler'
[string "@FrameXML/SecureTemplates.lua"]:690: in function <FrameXML/SecureTemplates.lua:672>
[string "@FrameXML/SecureTemplates.lua"]:704: in function <FrameXML/SecureTemplates.lua:697>
[string "@FrameXML/SecureTemplates.lua"]:746: in function `SecureActionButton_OnClick'
[string "@FrameXML/ActionButton.lua"]:89: in function `TryUseActionButton'
[string "@FrameXML/ActionButton.lua"]:124: in function `ActionButtonDown'
[string "ACTIONBUTTON2"]:2: in function <[string "ACTIONBUTTON2"]:1>
Reproduction Steps
Go into Dungeon
Press any action bar button
Error pops up
Last Good Version
Issues started after WoW 10.1.0 patch
Screenshots
No response
Export String
No response
you either have a clickable aura (very bad) or/and are using the group finder extension aura (which would make sense if it happens when pugging)
This is not a problem coming from the addon, if you use any clickable aura delete it.
Bad auras like this are getting more popular with augmentation evoker spec
Is there documentation somewhere outlining why clickable auras are bad and should be avoided? Is it philosophical or technical?
Technical.
"Clickable" actually comes in 2 flavours. Secure and not secure, depending on whether you want to use a protected function or not. Secure clickable Auras are (almost) always dangerous and should not be used. Non-secure can be used quite safely in most cases. Unfortunately you probably want a secure button so the bad news is that WA can't help you.
Details:
a) If you want to fire a secure action - a spell, item, macro, or working as a UnitFrame - then you need to use a SecureActionButtonTemplate. Linking this button to your Aura (even just using SetPoint to anchor it) forces the Aura to become Protected at which point editing or altering it while in combat will cause issues. WA's purpose is to update constantly in combat so using an Aura as a platform for a secure button makes it almost impossible to avoid issues.
○ https://wow.gamepedia.com/Secure_Execution_and_Tainting
○ https://wow.gamepedia.com/SecureActionButtonTemplate
b) If you do not want to fire a secure action then you can use SetScript and have the Aura respond directly to the event handlers OnMouseUp/OnMouseDown. Or you can add a non-secure Button frame to your Aura to handle Click events. Examples of non-protected code you might want to run would be triggering functions in other addons, sending messages to chat, firing "ScanEvents" within WA, etc.
○ https://wow.gamepedia.com/API_ScriptObject_SetScript
○ https://wow.gamepedia.com/Widget_handlers#Frame
• An important note on "Clones" - In WA, Clone regions (created by "TSU" custom triggers or regular triggers that have "auto-clone" settings) are recycled and used again by other cloning Auras. Both secure and non-secure "clickable" approaches involve editing or attaching to the Aura's region and if used with a clone the clickable frame will end up being spread to unrelated Auras and make a mess of your UI.