The noscript silliness with nsIPrincipal is just that -- silliness, imo. If we don't want script messing with the principal, we should make all the methods and properties noscript instead.
Created attachment 211948: Fix
I made most stuff on nsIPrincipal noscript; the exceptions are equals() (which I think should be scriptable for sure) and the certificate stuff (which I think it makes sense to leave scriptable). I'm open to more things being noscript if desired, though.
Comment on attachment 211948: Fix
If you're going to expose the cert stuff (which is fine), should we also expose the readonly URI for non-cert principals? But then it may be a domain principal, and domain is not readonly. I guess we don't want people to care what's inside a principal. sr=dveditz
I do think eventually we may want to expose a scriptable URI, but when we do I want to return a clone. Right now people can get the "readonly" URI and then modify the object; I don't think we want to support that from script. ;)
Comment on attachment 211948: Fix
r=jst
Created attachment 212186: Patch that I checked in
Revs the nsIScriptSecurityManager IID too.
Except tree's closed, so I did not in fact check this in yet.
Fixed for real.