- From: Dominic Cooney <dominicc@google.com>
- Date: Fri, 26 Aug 2011 07:27:06 -0700
- To: Roland Steiner <rolandsteiner@google.com>
- Cc: Dimitri Glazkov <dglazkov@chromium.org>, John J Barton <johnjbarton@johnjbarton.com>, Adam Barth <w3c@adambarth.com>, public-webapps <public-webapps@w3.org>, Maciej Stachowiak <mjs@apple.com>, Jonas Sicking <jonas@sicking.cc>, Boris Zbarsky <bzbarsky@mit.edu>
On Fri, Aug 26, 2011 at 12:42 AM, Roland Steiner <rolandsteiner@google.com> wrote: > On Thu, Aug 25, 2011 at 4:24 PM, Dominic Cooney <dominicc@google.com> wrote: >> >> Here is a quick first cut: >> >> How about use cases like these: >> >> - Extension that wants to inspect <input type="password"> and warn you >> when you are entering you password in an insecure form (from abarth >> earlier in the thread.) >> - Password manager that wants to find anything that looks like a login >> panel and decorate it/fill it. >> - Extension that removes formatting from a page to make it easier for >> on-screen reading. >> - Extension that finds phone numbers in a page and embosses them with >> links to a crank call service. >> - Extension that replaces all ads in a page with pictures of kittens. >> Or an extension that detects pictures of kittens and monetizes them >> with ads. >> - Extension that on hover looks up >> dictionary/thesaurus/translation/urban dictionary/wikipedia/etc. > > This is a great list! > As for allowing extensions to inspect the shadow DOM: unless we want to > break isolation/confinement again, I believe this should be handled by the > relevant browser APIs for extensions, along the lines of "shadow = > extensions.getShadowFor(element)". If the extension shouldn't be able to > mess with shadows, it can be blocked at this point. Yes, I think a separate function for doing the lookup is a good idea. It keeps the set of attributes and methods on a given DOM object the same for pages and extensions. Dominic
Received on Friday, 26 August 2011 14:27:30 UTC