Yes, you can add a csp to your manifest file. I'm assuming you're going
for a privileged app (since normal apps don't have a default CSP
applied). If so, you can just add:
"csp" : "default-src *; script-src 'self'; object-src 'none'; style-src
'self' 'unsafe-inline'",
To your app manifest file and that should enforce the same restrictions
to your app than a device privileged app would have.
For more information about this, you can check .
Best regards,
Carmen
El 06/09/13 11:11, Igor Leturia escribió:
Hi all,
I am developing a webapp for Firefox OS. I tested it in the simulator and in a
Geeksphone Peak phone (pushing the app from the simulator) and everything
worked fine. But then I packaged it and submitted it to the marketplace, but
was rejected because it was not working.
Apparently, some CSP restrictions that were not being applied in the previous
tests caused it to fail. As far as I have been able to guess, the prohibition
for eval() instructions applies both in the test environment and in the
packaged apps, but the use of external scripts, for example, is allowed in the
simulator and in the pushed-to-phone app, whereas it is not in packaged apps...
And I do not know the case of other restrictions.
So my question is: isn't it possible to test an app in the same conditions as
will be applied when the app is packaged for the marketplace? Otherwise, the
approval process of an app is very tiresome: it gets rejected and the only way
to evaluate if the corrections made are right is to resubmit it and wait for
the evaluation, which takes days...
Thanks in advance,
Igor Leturia
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
________________________________
Este mensaje se dirige exclusivamente a su destinatario. Puede consultar
nuestra política de envío y recepción de correo electrónico en el enlace
situado más abajo.
This message is intended exclusively for its addressee. We only send and
receive email on the basis of the terms set out at:
http://www.tid.es/ES/PAGINAS/disclaimer.aspx
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
