Scott Shattuck wrote:
> 1) The script is running at a file:// URI
> I believe it's key that future specification work keep in mind that this
> isn't the rare case it used to be, it's one definition of "run offline".
While true, note that Gecko also supports actual running offline of http URIs,
where you actually have a hostname to use for security checks. This seems like
a better way forward to me, if at all possible.
The fundamental problem with using file:// as you describe is the lack of such
compartmentalization. Gecko 1.9 will try to sandbox files from each other
somewhat, but it's likely to not be perfect and likely to break some attempts to
"use the browser as a file-launched VM".
> it's also important to maintain
> the ability of enterprises and others to create file-launched
> applications that are simply leveraging the browser as an
> easier-to-develop for VM.
This is why you can call enablePrivilege from file:// right now...
I guess I'm not sure how your point relates to the text you quoted, other than
as agreement with that exception to the general "can't prompt" policy.
-Boris