On 09/06/2015 13:12, Neil wrote:
Boris Zbarsky wrote:
That said, it's pretty weird to me that we're exposing the entirety of
chrome://browser like that. Seems like we should scope it down.
You could move the relevant files (presumably the CSS for those about:
pages) into a different package. (Thunderbird did that with its
messagebody.css to avoid having to expose all of its chrome.)
I agree that we should do this. I think the right bug is probably
https://bugzilla.mozilla.org/show_bug.cgi?id=443400 which seems to have
stalled post-remote-XBL/XUL being removed. We should probably still
clamp this down further.
I don't actually know which bits need to be content-accessible at all,
beyond the styling, images and script used from about:home, though I
wonder how things like the general toolkit skin will work if we move the
CSS to be content-accessible -- that said, at least about:home doesn't
seem to be using that at all. Not sure about other
SAFE_FOR_UNTRUSTED_CONTENT pages.
I'd be happy to mentor someone doing this, but I probably won't have
time to work on it myself for the foreseeable future (hello, Windows 10!).
~ Gijs
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
