Specification: https://exe-boss.tech/specifications/web-extensions/gecko-elevated ================================================================================= I began work on this specification⁽¹⁾ in response to a post⁽²⁾ on the r/Firefox subreddit. I believe that the specification is now ready to be looked at by Mozilla for security and API review, improvement and possible inclusion into Firefox. I would like this API to be done by the time Firefox 59 is released so that extensions which need elevated access can be properly ported and available for those who use Firefox ESR. However, with less than a month left of Firefox 59 development time, it’s possible that this won’t be able to make it in time without uplifting. # External links: ⁽¹⁾ https://exe-boss.tech/specifications/web-extensions/gecko-elevated ⁽²⁾ https://www.reddit.com/r/firefox/comments/6qtd47/eli5_how_does_xul_relate_to_html_is_xul_superset/dlq5gwa/?context=1
Sorry, but this is a non-starter.
Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Resolution: --- → WONTFIX
Thanks for putting time into the proposal. I don't think this should be implemented however since it's simply an escape hatch out of the WebExtension sandbox. Just a few insights into your proposal: - Firefox already implements something similar to it: WebExtension Experiments (it's just restricted to experimental channels for obvious reasons) - For the URL restrictions on the tabs/windows.create() methods, there's bug 1269456 that aims to fix that - Detecting errors does not catch all kinds of breakage: moving a XUL element to a different place might cause an extension injecting something there to not look right, because the styling will no longer be adapted. That won't cause any JS errors however, since the elements are still injected.
Just to echo comments 1 and 2, thank you for the time spent on this proposal but this does not fit with the vision of WebExtensions as documented: https://wiki.mozilla.org/WebExtensions/NewAPIs and https://wiki.mozilla.org/WebExtensions/policy.
You need to log in before you can comment on or make changes to this bug.