On Jul 9, 2012, at 11:48 AM, Justin Lebar wrote: >> To make things more similar to how web pages normally work, we could allow >> pages from app://developer.com/ to make network requests to >> http://developer.com. I.e. the app would be allowed to open XMLHttpRequest >> connections to http://developer.com/ <http://developer.com/.>myapi.cgi >> without >> requesting any special privileges. Likewise <img>s and <video>s loaded from >> http://developer.com would not be considered cross-origin for example for >> the purposes of tainting when drawn into a <canvas>. > > Does https work as well? I'm not sure about the security implications > of that, but I'd be concerned about a system which encourages (or even > allows!) trusted apps to use unencrypted HTTP.
It should IMHO. Apps should use HTTPS when possible, but the reality is that many data sources don't support or don't require HTTPS. Everything from public news stories, public photos, stock quotes, etc are often only provided via HTTP. There are no such restrictions for any other app ecosystem (desktop included). That's not to imply this isn't a worthy goal.. thats why we're working on https://wiki.mozilla.org/Security/Features/Mixed_Content_Blocker and https://wiki.mozilla.org/Security/Features/HighlightCleartextPasswords >> All in all this definitely means that trusted apps won't be as webby as >> normal apps. > > One thing which would obviate much of my trepidation about this would > be to provide a way to load an app via a URL. That is, if I visit > "http://foo.com/my-app.zip";, I'll get a scary message (like we do now > for invalid certs), and can, by clicking through, "run" this trusted > app. So allow arbitrary websites to launch an app via the app:// scheme? Or just the ability to launch from the URL bar in the browser? > > This is important for developers, if nothing else. I always think that's a great argument for a developer-mode feature (or devtools). > I could imagine this evolving into: If I navigate to that zip and > discover that it's signed by an app store I trust, I don't have to > click through the scary error message. But I think that's a v2 > feature. So the ability to run it off the web without installing it? Haven't thought about that. Lucas. _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
