On 26.03.2009, at 19:26, Drew Wilson wrote:
Letting faceless background processes update themselves without user
consent is not necessarily desirable. I think that they need browser
UI for this, and/or associated HTML configuration pages that could
(among other duties) trigger application cache update.
I'd be curious about why you think this is a problem, especially
given the existence of importScripts() and XHR which allow workers
to load scripts dynamically anyway.
importScripts() will only allow dynamic loading if any URL prefixes
are designated as "NETWORK" in the manifest, which security sensitive
users may potentially detect and block. The level of support for this
in browsers, firewalls, anti-viruses and other software will obviously
depend on future usage patterns and threats, but the possibility is
there.
But I was looking at this in terms of a model for users, not any
specific security threats - if we think of persistent workers as an
equivalent of native applications that need installation, then we
should consider that native applications don't usually update
themselves without user consent.
- WBR, Alexey Proskuryakov
