[Greasemonkey] questions on context menu and security contexts
Jeremy Dunck
jdunck at gmail.com
Fri Jul 1 01:28:35 EDT 2005
On 6/30/05, Godmar Back <godmar at gmail.com> wrote:
> 1. Why doesn't GM offer a (controlled) way to change the context menu,
> in the same way it allows a user to change the "User Script Commands"
> menu?
Because I never got around to writing that part. :)
> 2. (this is more out of technical interest because I couldn't find any
> documentation on Mozilla's security model:)
> Why does GM_registerMenuCommand work? I understand *how* it works,
> but not why.
...
>Is this a bug or does Mozilla's
> security model works such that all code provides by an extension is
> run with full privileges?
I'm not sure how it's -supposed- to work, but from what I can tell,
any stuff (XUL or JS objects) created by an extension get the full
power of that context, and I think it is indeed based on thread.
Which is to say, I think there's some sort of marshalling going on
when a page JS calls into chrome-created JS.
I'm sure Aaron knows more about this than I do, but I'll probably go
read about it when I have the time.
More information about the Greasemonkey
mailing list