Via https://github.com/mozilla/geckodriver/issues/1610 I noticed that people are navigating to eg
about:preferences to change settings, or trigger actions while still staying in content scope.
I find that this shouldn't be doable by default. Access to privileged about pages should also require some special privileges for the Marionette's content scope.
To not adding more complexity we could also change the chrome scope behavior, and do no longer raise an exception for
WebDriver:Get, but also use the currently selected top-browsing context for navigation, which would allow to navigate to privileged about pages.
We would need a white-list of about pages accessible by the content scope navigation requests.
As of now I don't know how much security related that is. Andreas, what do you think?