This bug is reported as the issue in the module review and jrgm asked me to make a bug out of it. - make these accessible from chrome only.
Shouldn't be hard to fix.
Do these need to be scriptable *on* non-chrome windows? If so, we'll need to check that we're accessed from chrome in the getters for these (by calling IsCallerChrome() in GlobalWindowImpl), if not, we can move these attributes into nsIDOMChromeWindow.idl.
navtriage:marking need info. Mitch, can you comment on this bug for Buffy? thx.
Jag, what's the security risk here?
I think the focusedWindow and focusedElement attributes are the only ones that might (need to test) give someone access to chrome from non-chrome. The rest should be okay, and we probably want to provide them to XUL authors. You can also access the commandDispatcher from nsIControllers, not sure if we really need it on there.
Chris will try to get this for 1.4final, reassigning.
per comment 0 these are chrome only for sure now.