On 2 April 2015 at 18:23, Benjamin Francis <[email protected]> wrote:
> I have some comments on Jonas' proposed new security model for B2G.
> Apologies to Jonas if this is a work in progress and not ready for
> discussion, but it's been on the wiki for a few days now and I think Tim
> linked to it in his blog post so I figured it was fair game ;)
>
> https://wiki.mozilla.org/FirefoxOS/New_security_model
>
> *URLs*
>
> The proposal says that "The format used for the packaging will be the one
> defined in the W3C packaging spec draft". In addition to a packaging format
> that spec [1] proposes a different URL format than the !// system which is
> discussed here.
>
> In the W3C proposal the package is specified in a <link rel="package"
> href="..." scope="..."> link relation and is an alternative way to fetch a
> packaged version of a bunch of URLs within a defined URL scope in a single
> HTTP request. Before trying to separately GET any resources which fall
> within that scope, the user agent should first check inside the package to
> see if the resource is included.
>
> In the W3C draft the example URL you give of:
>
> https://website.com/RSSReader2000/package.pak!//index.html
>
> would simply be:
>
> https://website.com/RSSReader2000/index.html
>
> But could also be referenced directly inside the package if needed with:
>
> https://website.com/RSSReader2000.pak#url=index.html
>
> Each part of the package has a Content-Location header to refer to the
> non-packaged resource's canonical URL.
>
> What I like about this proposal is that it's more backwards compatible and
> easier to retro-fit to existing content, and doesn't require a special URL
> format.
>
> What's the reason for needing the new !// separator? Is there a risk that
> this could create parts of the web which will only work in Mozilla
> products? Would the server be able to distinguish between user agents which
> support the packaging format and those that don't, in order to return an
> unsigned individual resource instead of the package for a given URL? It
> would be nice to degrade gracefully even when the privileged permissions
> aren't supported.
>

As I see it, the !// URL separator is a great way of supporting the new package format, without needing the server code to be updated, and at the same time being backwards compatible.

Let me explain: http://example.com/package.pak!//index.html and http://example.com/package.pak!/index.html are essentially equivalent. The !// separator is just needed to tell the browser that this is a packaged app. A browser which supports packaged apps will simply download package.pak, and use it from the disk, while a browser which doesn't will just request the resource at package.pak!//index.html.

Until all browsers support the packaged app format, developers could just put the package.pak on the server, but also a folder named package.pak! containing all of the files in the package, and get the same behaviour for all browsers (for unprivileged code at least).

Servers supporting packaged apps could generate the package.pak file on the fly, based on the files in the package.pak! directory, or the other way around - responding to requests for subresources with content from the package.

This is still a work in progress, but I think this URL format is a bit better than the one defined in the W3C spec. We already have telemetry that !// isn't used much on the web http://mzl.la/19PNUSF.

Basic support for packaged apps is being added in Bug 1036275.
_______________________________________________
dev-b2g mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-b2g
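The two readings of a !// URL described in the reply above, as an added example that is not part of the original message and is not Gecko or server code. The function names, the sample file contents and the rule of collapsing repeated slashes on the server side are assumptions made for illustration; the last function checks that the package and the "package.pak!" directory stay in sync, which is what the "same behaviour for all browsers" claim depends on.

```javascript
// Added example: how a package-aware client and a legacy client
// interpret the same "!//" URL. All names here are hypothetical.
const SEPARATOR = "!//";

// Package-aware client: download the package once, then look the
// resource up inside it. Returns null for an ordinary URL.
function splitPackagedUrl(href) {
  const url = new URL(href);
  const at = url.pathname.indexOf(SEPARATOR);
  if (at === -1) return null;
  return {
    packageUrl: url.origin + url.pathname.slice(0, at),
    resourcePath: url.pathname.slice(at + SEPARATOR.length),
  };
}

// Legacy client: requests the path as written. Assumption: the server
// treats "!//" like "!/" (modelled by collapsing repeated slashes) and
// serves the file from a directory literally named "package.pak!".
function legacyRequestPath(href) {
  return new URL(href).pathname.replace(/\/{2,}/g, "/");
}

// Deployment check: every file inside the package needs an identical
// copy under "<package>!/", otherwise the two kinds of browser are
// served different content for the same URL.
function findMismatches(packagePath, packageFiles, serverFiles) {
  const problems = [];
  for (const [name, body] of Object.entries(packageFiles)) {
    const onDisk = serverFiles[`${packagePath}!/${name}`];
    if (onDisk === undefined) problems.push(`${name}: missing from directory`);
    else if (onDisk !== body) problems.push(`${name}: content differs`);
  }
  return problems;
}

// Constructed sample data: package contents and the server's file tree.
const packageFiles = { "index.html": "<h1>RSS</h1>", "app.js": "init()" };
const serverFiles = {
  "/package.pak!/index.html": "<h1>RSS</h1>",
  "/package.pak!/app.js": "init() // stale copy",
};

console.log(splitPackagedUrl("http://example.com/package.pak!//index.html"));
console.log(legacyRequestPath("http://example.com/package.pak!//index.html"));
console.log(findMismatches("/package.pak", packageFiles, serverFiles));
```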
