Don't wrap the UI as a "system app"

[timdream]

It's possible to enable a given permission on a non-App origin; there is no need to load http://mozver.github.io/ as an app.

All it takes is

    var uri = Services.io.newURI(origin, null, null);
    var principal =
      Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri);
    Services.perms.addFromPrincipal(
      principal, perm, Ci.nsIPermissionManager.ALLOW_ACTION);

in the chrome JavaScript; you could do it in a SDK add-on too.

How about let's rip some extra code in the VR add-on and replace it with this small snippet?

(I have not yet investigate how the UI is being loaded in graphene yet though)

[timdream]

It is probably better if the URL can be changed to https too.

[caseyyee]

Tim, we didn't continue development with the add-on after the initial phases of building out Horizon. I think there is certainly value in getting it going again. It gives us another packaging alternative to the standalone application we have been focusing on building.

That said, I don't know much about how this works -- so I trust your judgement on what needs to be done here!