summaryrefslogtreecommitdiff
path: root/TODO
blob: 7bc1bcfd9db49079fd9caeeb16d8974d90b1a077 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
before 1.0!
	consider license change to isc
	consider renaming to PlanedText

core:
	disable all other scripts - lots of tracking horrors around now, e.g.
	h-online and nytimes have things which report back every time you click the mouse.

make:
	use 'convert -Background none' rather than rsvg (check the output is still good)
	gzip things in web/

chromium:
	change keybind (looks like ctrl-alt-r is now used by chrome, at least on mac)
	look at content_security_policy to tighten extension manifest lots
		http://code.google.com/chrome/extensions/trunk/manifest.html#content_security_policy
	generate appid for use in update xml
		see GenerateId in extension.cc of chrome for how it works

gecko:
	create option to turn off/on hyperlinks
	create option to turn off/on css
	use straight rdf/xml to remove rapper build dependency
	use rapper and bourne shell script to sign
		this is difficult as mozilla wants the signature of a very particular serialisation of the update rdf
		https://developer.mozilla.org/en/Extension_Versioning,_Update_and_Compatibility#Update_RDF_Format
		openssl dgst -sha512 -binary -sign private.pem web/gecko-updates.rdf i'm pretty sure generates the correct signature. however it then has to be encoded, using asn1/der & base64. also, according to the docs only the hash is signed/hashed, whereas it looks like the whole (particularly serialised) rdf is used by uhura
	make bootstrappable
		http://www.oxymoronical.com/blog/2011/01/Playing-with-windows-in-restartless-bootstrapped-extensions
		http://starkravingfinkle.org/blog/2011/01/bootstrap-jones-adventures-in-restartless-add-ons/
		http://blog.fpmurphy.com/2011/02/firefox-4-restartless-add-ons.html
		this could easily get messy, so might not be worth it.
		startup:
		- add a resource:// alias so scripts can be referenced
		- add simplyread.js and viable.js to all documents
		- add a listener to nsIWindowMediator onOpenWindow.
		- get this listener to inject simplyread.js and viable.js,
		  using their resource:// urls into new documents
		- add a listener to tab changing, to retrigger viable test
		shutdown:
		- remove these two from all documents
		- remove listeners
		- remove any addon bar things
	add fennec support - https://wiki.mozilla.org/Mobile/Fennec/Extensions
		'electrolysis' may require modifications
	consider using plain rdfxml rather than turtle; conversion is a pain, and it's clear rdf is on its way out of gecko anyway

test (currently outdated):
	current tests
		test the keyboard shortcut, by sending an event;
			e=document.createEvent(...
			e.initEvent(...
			e.keyCode = ...
			document.body.dispatchEvent(e)
		window.close directly after logging to the console
	make tests for chromium and firefox engines
		https://developer.mozilla.org/en/Automated_testing_tips_and_tricks
		https://developer.mozilla.org/en/Mozmill_Tests/Addon_tests


# wishlist #

gecko:
	it would be nice to use the svg icon directly (smaller, faster, neater)
		firefox doesn't render the font correctly (can't find bug; test more then report it)
		doesn't automatically set the size (https://bugzilla.mozilla.org/show_bug.cgi?id=583231#c31 - may be workaroundable by setting class of the image to toolbarbutton-1)
		doesn't work for main addon icon (only toolbar) (can't find bug; test more then report it)

chromium:
	it would be nice to use the svg icon directly (smaller, faster, neater)
		currently not supported (http://code.google.com/p/chromium/issues/detail?id=29683)
		get the following error:
		[18840:18840:7322270382:ERROR:extension_error_reporter.cc(55)]
		Extension error:
		Package is invalid. Details: 'Could not decode theme image.'
	would be nice to have permission warning reflect the fact that no disk or network activity is done; that this is self-contained and lovely. unfortunately it isn't fine-grained enough, and we need all "tabs" permission to inject the script into any page