On 06/29/2012 07:14 AM, Benjamin Smedberg wrote:
1) the ability to store data. We can allow this because the user has
easy control over this by uninstalling the application
2) the ability to suppress security UI such as the location bar. We can
allow this because we tell the user at install time what domain the
content is coming from.

So in general there is nothing a webapp can do by default which can't be
undone by the user simply uninstalling the app. This is completely
different from an ActiveX install, where you have to trust that the code
won't do bad things. In general, trying a webapp *should* be as
lightweight as clicking a link.

I don't think it is, neither do I think it is realistic for us to try and make it so (for all kinds of apps, at least). This becomes especially apparent on B2G, for sensitive apps like the dialer, SMS. For some other APIs like camera access, certified/trusted apps get some extra perks like being able to enumerate all local media devices.

In our current security model: https://wiki.mozilla.org/Apps/Security#Types_of_applications we have "installed trusted applications" and "certified applications", and these two definitely go way beyond any normal web page. The problem is that the nature of a web page is at direct odds with some security requirements, hence the need for another conceptual wrapper: the "webapp".

-Anant
_______________________________________________
dev-webapps mailing list
dev-webapps@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-webapps
