On Apr 5, 2014 6:12 PM, "Kradorex Xeron" <[email protected]> wrote:
> At this point, add-ons are no longer sufficient to protect users, this
needs to
> be a forced element into the core of browsers. Plugins will never have the
> level of hook access that that is needed and there will always be holes as
> these add-ons over-ride specific activities, they do not set the default
> actions by the core Javascript engine and not everything is hookable.
This rings false to me. I cannot see anything here that isn't covered by
addons like NoScript and RequestPolicy. For any other browser, this might
be true, but in my experience Firefox's extension system is extremely
robust.
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
