On Friday, September 6, 2013 5:47:20 PM UTC+2, Igor Leturia wrote: > Hi all, > > > > I have developed an app for guiding people in their hikes with maps, tracks > and GPS position, Hiking Guide > (https://marketplace.firefox.com/app/hiking-guide). I developed it so that it > could use OpenStreetMap and Google Maps. > > > > But Google Maps library has to be included as an external JS file, and the > CSP does not allow this. I tried to download the JS and include it with the > app, but this is not recommended since they update it quite often. And they > explicitly try to disallow so: in the first JS file > (http://maps.google.com/maps/api/js?v=3&sensor=false), other JS files are > downloaded by script injection into the HTML document and it does this many > times, so it is not easy to download the whole library... And if I just > include the first, the CSP blocks the injection... > > > > The only solution for the app not to be rejected has been to remove all > Google Maps functionality completely... > > > > Not having a way to use Google Maps in Firefox OS is a great disadvantage for > this platform. A web app can be used in other platforms with Google Maps, but > not in Firefox OS (I have tried mine on Android with Firefox with no > problems). This can make Firefox OS unattractive for developers or users... > Besides, porting a working web app to Firefox OS is not as simple as > including a manifest file or zipping it for a packaged app, as it is > claimed... > > > > So my question is: couldn't Firefox OS include a way to have some 'trusted' > sources, from which external JS files could be included and where eval()-like > functions could be called? That way, this and other libraries could be used. > > > > Thanks in advance, > > > > Igor Leturia
Why do you need to be a privileged app? If you aren't you don't have CSP restrictions. _______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
