Serving apps with the new security model means that the apps are served
as signed packages. They get real https uris, but you still can't just
eg. host them on a gh-pages branch in github that easily.
As for updates, it's unclear if we would let a signed SW manage the
updates for an app itself or not. If not, you will have to sign a new
package, and for now we don't let 3rd parties do the signing.
Fabrice
On 12/04/2015 08:44 AM, Wilson Page wrote:
> Few core Gaia apps require 'tcp-socket' permission do they?
>
> *W I L S O N P A G E*
>
> Front-end Developer
> Firefox OS (Gaia)
> London Office
>
> Twitter: @wilsonpage
> IRC: wilsonpage
>
> On Fri, Dec 4, 2015 at 11:49 AM, Frederik Braun <[email protected]
> <mailto:[email protected]>> wrote:
>
> On 03.12.2015 19:36, Justin D'Arcangelo wrote:
> > So, I *think* that means that the only thing
> > really blocking us from transitioning to hosted apps is the security
> > model, right?
>
> It's not just the "Gaia security model" stopping us here. Unfortuantely,
> it's the security model of the web.
>
> We can't just allow websites to access TCP ports on arbitrary other
> servers (i.e., email.gaiamobile.org <http://email.gaiamobile.org>
> accessing smtp.google.com <http://smtp.google.com>). It would
> violate the Same Origin Policy and everything that the web is built
> on. :-/
>
> _______________________________________________
> dev-fxos mailing list
> [email protected] <mailto:[email protected]>
> https://lists.mozilla.org/listinfo/dev-fxos
>
>
>
>
> _______________________________________________
> dev-fxos mailing list
> [email protected]
> https://lists.mozilla.org/listinfo/dev-fxos
>
--
Fabrice Desré
b2g team
Mozilla Corporation
_______________________________________________
dev-fxos mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-fxos
