Moving everything to Cordova browser and deprecating the serve package
sounds like a great plan to.

I'd also consider not adding the TLS/HTTPS stuff in the new
implementation to make it even less likely that it will get used as a
server in production.

I'm not 100% sure if everything that requires a secure context in the
browser is available on localhost though.

On July 14, 2026, Manuel Beck <[email protected]> wrote:
> I think it's a good idea to move it in cordova-browser. The SSL thing
> is interesting when Cordova is used to run it as a web app.
>
> Regards,
>
> Manuel
>
> > Am 14.07.2026 um 07:32 schrieb Darryl Pogue <[email protected]>:
> > 
> > On Mon, Jul 13, 2026 at 9:19 PM Bryan Ellis <[email protected]>
> wrote:
> >> 
> >> The current PoC includes the following:
> >> [...]
> >> * Adds SSL/HTTPS support but does not generate SSL certificates or
> keys.
> >> This feature is useful if the app loads HTTPS resources or makes
> HTTPS
> >> requests and therefore needs to be served over HTTPS to avoid CORS-
> related
> >> issues. Again, not intended for production use.
> > 
> > I'm not sure if SSL is actually needed because typically browsers
> > treat localhost as a special-case secure origin.
> > 
> > That said, if it's minimal/no effort to support it and we don't have
> > to bring in a bunch of 3rd party dependencies, then there's probably
> > no reason to remove the functionality.
> > 
> > ~Darryl
> > 
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [email protected]
> > For additional commands, e-mail: [email protected]
> > 
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]

Reply via email to