[tde-users] KHTML security and web engine choices for TDE (Was: Re: I'M BAAAACK!)

E. Liddell wrote: security holes I'd argue that since it supports a very limited portion of JavaScript and apparently none of the modern Web APIs like WebRTC, WebAssembly etc., the attack surface is actually smaller. The only disadvantages from a security standpoint would be effective lack of eyes and work on the source (the obvious disadvantage being, of course, a browser stuck in time). Looks like the least evil choice to go for TDE. Upstream versions seem to offer decent rendering and boast good privacy, and it can be integrated deeply with TQt/TDE. Bulky, with questionable privacy, dependent on Google's choices but seemingly very secure (sandboxing, process separation). Does not integrate really well with the system (includes its own graphics stack and does not integrate with any toolkit at all). Probably out-of-date with latest Blink, so not a very safe choice. Last I checked there was still no decent sandboxing in Firefox for Linux. Also, there is no working embedding API AFAIK with either Gecko or Goanna. Yes, that about sums it up all.