Brian Smith wrote:
#2 is important so that nobody can trick the web server into asking the user to replace one app with another (unrelated) app that the marketplace has signed.
The way the "v1" blocklisting was spec'd, this is required to blocklist apps. The way it currently works is a reviewer or admin flags an app as blocklisted (malicious in some way). When we serve up the mini-manifest JSON document and find that the app is blocklisted, we serve a different mini-manifest that points to the blocklisted package. The Etag is different so FxOS thinks this is an update and installs it over the currently installed app. If/when the dev fixes their app, a reviewer can remove the block, which means the mini-manifest is now pointing to the updated version of the package with new Etag, and the blocked app is overwritten with the real app.
I'd prefer a better way to implement this personally and am interested in hearing about "v2" blocklisting. But recall that this was how it was chosen to be done because there wasn't time to implement real blocklisting on device by the deadline.
_______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
