All good points, thanks!
Currently, there is one thumbnailer service instance for all apps/scopes
that are run by the user. So, it's one per user. (We could have one for
the entire system though equally well, but that's currently moot, seeing
that phone isn't multi-user, at least not concurrently.
On 12.01.2016 10:28, Michi Henning wrote:
> After discussing this with James, here are some thoughts.
>
> Adding direct download of arbitrary remote images opens an attack/bug
> vector. For example, a caller could ask for http:// and it
> turns out that the remote server (maliciously or otherwise)
After discussing this with James, here are some thoughts.
Adding direct download of arbitrary remote images opens an attack/bug
vector. For example, a caller could ask for http:// and it
turns out that the remote server (maliciously or otherwise), is very
slow, or doesn't respond at all until the
Doing this would not be hard. The underlying persistent-cache-cpp thingy
already handles TTL eviction. The time to live can be set on a per-
thumbnail basis. So, you can just ask for a thumbnail and provide an
expiry time, and the thumbnail will automatically be re-fetched once it
expires. Or you c
