Re: Removal of the note about extensions

On 2/24/2014 10:44 PM, Mitar wrote:
> I would really love to see bookmarklets explicitly mentioned.
> Otherwise people made arguments that bookmarklets are not add-on or
> extensions. For example, see this comment:
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=866522#c15
>
> Simon is arguing that bookmarklets should not be allowed to inject
> additional scripts into the page becase they are not extensions.

I'm pretty sure Simon is arguing in favor of bookmarklets, as better 
than the alternative (for the bookmarklet author) of authoring/packaging 
the same code in a different kind of extension/add-on for each browser.

The scripts he was saying should still be blocked were insecurely loaded 
(http) scripts on a securely loaded (https) page. Firefox now blocks 
that whether or not a page has a CSP and really has nothing to do with 
this conversation.

-Dan Veditz

Received on Tuesday, 25 February 2014 18:00:25 UTC