Moving everything to Cordova browser and deprecating the serve package sounds like a great plan to.
I'd also consider not adding the TLS/HTTPS stuff in the new implementation to make it even less likely that it will get used as a server in production. I'm not 100% sure if everything that requires a secure context in the browser is available on localhost though. On July 14, 2026, Manuel Beck <[email protected]> wrote: > I think it's a good idea to move it in cordova-browser. The SSL thing > is interesting when Cordova is used to run it as a web app. > > Regards, > > Manuel > > > Am 14.07.2026 um 07:32 schrieb Darryl Pogue <[email protected]>: > > > > On Mon, Jul 13, 2026 at 9:19 PM Bryan Ellis <[email protected]> > wrote: > >> > >> The current PoC includes the following: > >> [...] > >> * Adds SSL/HTTPS support but does not generate SSL certificates or > keys. > >> This feature is useful if the app loads HTTPS resources or makes > HTTPS > >> requests and therefore needs to be served over HTTPS to avoid CORS- > related > >> issues. Again, not intended for production use. > > > > I'm not sure if SSL is actually needed because typically browsers > > treat localhost as a special-case secure origin. > > > > That said, if it's minimal/no effort to support it and we don't have > > to bring in a bunch of 3rd party dependencies, then there's probably > > no reason to remove the functionality. > > > > ~Darryl > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected]
