Hi, > It will be mapped to the real package on the host side. The end goal is > to get rid of app:// urls. We can't do that right away so we'll have a > transition period where we support both app:// and !// packages.
Since app:// will be got rid of, there will be no installed packaged apps in the future. (no app:// to point local packaged app) Because http://XXX!// will always point to real package on the host side. Q1-1 Am I right of getting rid of app:// equals to get rid of installed packaged app? Q1-2 If answer is no, how do we plan to map packaged app on the device? Q1-3 if answer is yes, from permission point of view, the hosted (and packaged) app can not get more permissions then installed packaged app. Because we can't guarantee package which is located on remote host and not controlled by us will never be altered as malicious intent. Then how does developer build a hosted app which needs permissions belonged to installed packaged (privileged) app? Thanks for your kindly response. Sincerely yours. ----- Original Message ----- From: "Fabrice Desré" <[email protected]> To: "Marco Chen" <[email protected]> Cc: "Jonas Sicking" <[email protected]>, "Ben Francis" <[email protected]>, "dev-webapi" <[email protected]>, [email protected], "Marcos Caceres" <[email protected]> Sent: Tuesday, August 19, 2014 9:02:41 AM Subject: Re: Application scopes On 08/18/2014 04:04 AM, Marco Chen wrote: > Hi Fabrice, > > Thanks for your answer and allow me to explain more about question 2 & 3. > > (It seems that I am talking about installed app but you mention hosted app) > > 1. In case that I submitted two apps into market place. > For the first app A I set origin into manifest (ex: > game.testmobile.org). > For the second app B I didn't set origin into it. > > 2. After installing into device, the origin of first app A will be > "game.testmobile.org". (ex: app://game.testmobile.org) > And the second app B will be "uuid". (uuid is a random number > generated by system) (ex: app://uuid) > > Q2-1, is URL of "http://game.testmobile.org/package.zip!//index.html"; > mapped to installed & privileged app A on device or > the real package on remote host side? It will be mapped to the real package on the host side. The end goal is to get rid of app:// urls. We can't do that right away so we'll have a transition period where we support both app:// and !// packages. > Q2-2, if game.testmobile.org is set as the scope attribute in app A's > manifest, does it still act like what hosted app will be? scopes need to be same origin, so this will not match. > Q3-1, According to origin of app B is "uuid", could we really use > "http://uuid/package.zip!//index.html"; to represent it? No, we want http urls to point to real resources. > Even the answer is yes, it seems to be unique identifier in > this device only but not a universal one across devices. > Based the conclusion here, could I say app scheme still can't > be eliminated by "http://XXX/package.zip!//index.html > <http://game.testmobile.org/package.zip%21//index.html>"? In general, we won't try to make app:// and http:// urls work together. We will deprecate app:// and I don't see any use case we support with app:// that we can't achieve with !// Fabrice -- Fabrice Desré b2g team Mozilla Corporation
_______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
