Currently if an addon fails, it stops do its work. For security and privacy-guarding addons it causes devastating effect - browser falls back to defaults allowing malicious webpages do their malicious things. This is completely inacceptable.
So the proposal is following:
when an addon with permission-manager permission is installed, all the potentially dangerous features are disabled by default
then when the webpage requests a permission (or a browser for it, if there is no permission standardized for that), the addon receives a message. Then it can set a permission to a page by calling the API, allowing it to use a native impl. Or it can provide an own impl, if it is a permission for API.
Some permissions may be automatically requested by page load.
Also if an addon using webRequest API hooks all loading, if this addon fails, the browser must just stop working saying that the addon had failed. instead of loading and executing blocked content.