[Greasemonkey] questions on context menu and security contexts

Jeremy Dunck jdunck at gmail.com
Fri Jul 1 01:28:35 EDT 2005

On 6/30/05, Godmar Back <godmar at gmail.com> wrote:
> 1. Why doesn't GM offer a (controlled) way to change the context menu,
> in the same way it allows a user to change the "User Script Commands"
> menu?

Because I never got around to writing that part. :)

> 2. (this is more out of technical interest because I couldn't find any
> documentation on Mozilla's security model:)
> Why does GM_registerMenuCommand work?  I understand *how* it works,
> but not why.
>Is this a bug or does Mozilla's
> security model works such that all code provides by an extension is
> run with full privileges?

I'm not sure how it's -supposed- to work, but from what I can tell,
any stuff (XUL or JS objects) created by an extension get the full
power of that context, and I think it is indeed based on thread. 
Which is to say, I think there's some sort of marshalling going on
when a page JS calls into chrome-created JS.

I'm sure Aaron knows more about this than I do, but I'll probably go
read about it when I have the time.

More information about the Greasemonkey mailing list