On 25/04/13 17:34, Ben Adida wrote: > Potch has a great proposal: let apps declare a marketplace in their > manifest. If apps are served from and signed by the marketplace, then > any origin is okay (after review.) If apps are self-hosted, then the > only origin allowed is that of the hosting site. > > I suggested a tweak to this: if a packaged app is served from > https://example.com, then it can set an origin of app://example.com, so > that it is stable but also different from the actual hosted origin.
Jonas and I have been speaking about that a few times and the solution we though about was to allow privileged applications (aka signed applications) to specify one origin in the manifest that will have to be reviewed with the code. However, we should definitely not use "app://example.com" because that would not be same origin with "http://example.com"; as Fabrice said. As I see it, this is a terrible violation to the packaged application security principles but it seems to be the best compromise. That means that packaged applications that are not privileged will not be able to have another origin that app://{guid}. Also, hosted applications already have an origin so they don't need that feature. -- Mounir _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
