Hi everybody, I am currently working on embedding the mozilla browser in a Python application under Win32, and decided to take the nsIWebBrowser/nsIWebBrowserChrome approach. I noticed that essential functions to get this working are marked as [noscript] in the xpcom interface files, so i took the noscript parts out and recompiled the descriptors, et voila, it is indeed possible.
(There is a problem with embedding the chrome interface which I will address in a separate mail) Now what I wonder about is: why the hell is python regarded as a web scripting host? I assume that noscript refers especially to hosts like javascript which are embedded in web pages and expected to be fed by external websites. I guess that it was thought about using python for web pages as well, and therefore noscript was used for python scripts, but that makes no sense: Even if you manage to hide away all system security relevant methods from a Python script, it is impossible to sandbox Python itself sufficiently. There are several attempts on achieving this, but I doubt that this is going to work out in a reliable and safe way. I can however imagine pyxpcom as a great interface to accessing mozilla functionality on a client system. Since as a python program I am already running in the systems user context, there is no need to hide those methods from me. Now what I would like is a standard way to disable noscript blocking for pyxpcom. When embedding a browser on a client system, the restriction makes no sense. Best regards, Leonard Ritter _______________________________________________ dev-tech-xpcom mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-xpcom _______________________________________________ dev-tech-xpcom mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-xpcom
