* Cookie support (I see this is partially implemented)
* File download support
* Mouse movement API (move to pos X,Y - click)
* NSPlugins support (Flash, etc)
Explains those NoScript people quite well.
What's very surprising is the "obfuscated eval" statement -- some term which ultimately evaluates to 'window' is queried for something crazy like:
w[(typeof 3) + "va" + (document.body + "")]
I am not sure why they do this. My first thought is "to prevent being automatically taken down by The Man", but The Man could afford to automatically dispose of a computer while monitoring its network traffic, rebooting from a fixed disk image like a LiveCD afterwards. So it shouldn't be too hard to automatically discover the domains, IPs, and malicious programs involved. I don't know why you'd obfuscate a redirection.
I thought you are talking about something new.
There is this streaming camera of the ocean that I check often, but it's Flash and I'd love to check it from my iPhone. Could Ghost.py be used to get the Flash video? (then turn it into images by other means). Thanks.
Good luck at it, though - seems the hard way to go about it.
It powers Safari and Chrome, and a lot of smaller projects (mobile browsers, email clients, etc).