Muon Webview vs. Electron Webview


#1

Hi, I’m interested to learn more about the differences between Muon and Electron. It’s not clear to me which parts of the Muon docs apply to Electron and which apply to Muon.

I have a prototype of a browser-like application which I recently ported from qbrt (Gecko) to Electron and makes use of the Webview API, but I’m concerned about the lack of sandbox when loading un-trusted web content in a webview. It’s not a huge issue at this prototyping stage, but I understand that Muon re-introduces the Chromium sandbox to Electron and wondered whether it might be a better option for me in the future.

At what cost does the re-introduction of the Chromium sandbox come? What features do you lose? I understand the original plan was to contribute these changes back upstream but that the Electron community didn’t want to make the changes. Why was this?

In particular:

  • Does Muon provide the same Webview API as Electron?
  • Can the main browser window still be configured to have access to Node APIs?
  • What can’t Muon do that Electron can?
  • What can Muon do that Electron can’t?

What I’m looking for is the ability to have privileged chrome written in HTML, CSS & JS which can access Node APIs and untrusted web content safely sandboxed inside a webview.

Thanks


#2

cc: @brian @anthony @clifton to provide more info


#3

I’ve just noticed the blog post where Brave announced the re-write based on Chromium instead of Muon. I guess this means that Muon is not going to be supported going forward and that building something new on top of Muon is not a good idea?


#4

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.