On Thu, Aug 25, 2011 at 4:24 PM, Dominic Cooney <[email protected]> wrote:
> Here is a quick first cut: > > How about use cases like these: > > - Extension that wants to inspect <input type="password"> and warn you > when you are entering you password in an insecure form (from abarth > earlier in the thread.) > - Password manager that wants to find anything that looks like a login > panel and decorate it/fill it. > - Extension that removes formatting from a page to make it easier for > on-screen reading. > - Extension that finds phone numbers in a page and embosses them with > links to a crank call service. > - Extension that replaces all ads in a page with pictures of kittens. > Or an extension that detects pictures of kittens and monetizes them > with ads. > - Extension that on hover looks up > dictionary/thesaurus/translation/urban dictionary/wikipedia/etc. > This is a great list! As for allowing extensions to inspect the shadow DOM: unless we want to break isolation/confinement again, I believe this should be handled by the relevant browser APIs for extensions, along the lines of "shadow = extensions.getShadowFor(element)". If the extension shouldn't be able to mess with shadows, it can be blocked at this point.
