Globals and namespaces
this is taken from a mail to the pyxpcom list - it should be expanded, but a copy-paste will do for now normal module semantics don't exist here. The globals are 'bound' to the global object (ie, the window), instead of to a module's __dict__ as you expect in the Python world. Note that we don't actually 'import' anything here - the scripts and event handlers do not exist in a Python module.
The intent is to provide similar semantics to JS. For example, when a top-level window has something like:
<window ... script="foo = 1" ...
An event handler like:
<button onclick="print foo"/>
Should be able to reference 'foo' via globals as shown. This is the point of the reparenting, and I believe you will find it breaks if you change that.
Note that you can stick arbitrary values on any DOM object - this is what JS calls 'expandos'. for example, lets say you have XUL similar to pyxultest:
Top-level script code says something like:
button = document.getElementById("some-button") button.foo = 0
And the button itself might look like:
<button id="some-button" label = "click here" onclick="event.target.foo += 1; print 'Foo is now', event.target.foo"/>
Note that (a) we have stuck an arbitrary attribute on a DOM element and (b) in all cases (ie, event handler and top-level script), the DOM node needs to be explicitly specified - the globals are the window itself. The event handler could also have used getElementById - the point is that both the event handler and top-level script share the same namespace
Python code can not be secured - so it will only run from trusted sources. This means your can only have Python code in chrome. Content loaded from anywhere other than a chrome:// URL can not host Python. It should be obvious why you don't want to run http://some_bad_guy/something_evil.py in your browser!.