Migrate from JS injection on the page to a full fledged XPCOM component

[crankycoder]

The Firefox security team has indicated that there are numerous and ongoing new attacks based on JS injection.

We can avoid all these issues by exporting an XPCOM component and registering a "@mozilla.org/geolocation;1" component and intercepting all the calls to it.

The last component to register the ClassID wins - so in our case - as an addon, we'd end up clobbering the built in mozilla.org/geolocation;1 component and be the 'real' geolocation provider.

Relevant MDN documentation to build an XPCOM component: https://developer.mozilla.org/en-US/Add-ons/SDK/Low-Level_APIs/platform_xpcom

[crankycoder]

For reference - the XPCOM interface which needs to be clobbered is: https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/NsIDOMGeoGeolocation