On 15/08/2012, at 4:08 PM, Jonas Sicking wrote: > Two problems were brought up with this: > * It's a bit too simple to allow working with http mirrors. This could > be solved by adding a header to the 302 response which redirects to > the mirror such that we get a hash from the store which we can use to > verify the mirror contents. I believe this matches what we do for > addons.
It would be nice to do the hash checking on first install as well as update. That way we could use the mirrors for install and update. > * It doesn't allow sending any metadata about the update from the > store to the UA. > So the question is. What metadata would we want to send which > prohibits this solution? Can a user optionally choose to update? I might not want to update version 1.2 because it breaks functionality. For this reason, the addon update includes a link to the release notes for each version, if specified. The addon update also includes browser versions. I'm hoping that run time versions is not something we'll get into, but in the future I can see an app not working on certain run times because APIs are lacking. > What other solutions do people have in mind > for updates? _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
