@elias_rabl
I jsut reviewed your addon.
Please note:
Libraries
First consideration with Libraries is that they must be identical to the original version. It is not feasible to read and verify Library code as they contains 1000s of lines of code and are often minified. Therefore, they must be unaltered.
Furthermore, using lesser-known/unknown libraries complicates the matter more as they have to be verified first (by an admin reviewer).
innerHTML (or similar method of converting strings to DOM)
Use of innerHTML
is generally not advisable.
Using innerHTM
L for any DOM that is NOT inserted into a document if acceptable. An example (that I have used in my own code) would be when addon grabs a selection from a page, creates a DIV, insert that selection into the DIV as innerHTML
to check/verify/parse the content and the result is NOT inserted back into the document.
Using innerHTML
to convert static (not dynamic) strings into DOM and insert into the DOM as a node, is allowed (but not recommended).
In case of dynamic values, there are more checks and if it is perceived to have security issues, it will be rejected.
Inserting remote content with innerHTML
more than often results in rejection (and the sanitization are often not adequate).
Using innerHTML
on a document node can be a cause for rejection as it will cause the document to be re-parsed, which is inefficient and has critical drawbacks, including invalidating any JavaScript reference to replaced DOM nodes, clearing any JavaScript properties and event listeners on replaced DOM nodes, and re-executing any script tags in the changed markup, and causing said scripts to fail.
I hope that helps