Hi Fabrice, Thanks for your answer and allow me to explain more about question 2 & 3.
(It seems that I am talking about installed app but you mention hosted app) 1. In case that I submitted two apps into market place. For the first app A I set origin into manifest (ex: game.testmobile.org). For the second app B I didn't set origin into it. 2. After installing into device, the origin of first app A will be "game.testmobile.org". (ex: app://game.testmobile.org) And the second app B will be "uuid". (uuid is a random number generated by system) (ex: app://uuid) Q2-1, is URL of " http://game.testmobile.org/package.zip!//index.html " mapped to installed & privileged app A on device or the real package on remote host side? Q2-2, if game.testmobile.org is set as the scope attribute in app A's manifest, does it still act like what hosted app will be? Q3-1, According to origin of app B is "uuid", could we really use "http://uuid/package.zip!//index.html"; to represent it? Even the answer is yes, it seems to be unique identifier in this device only but not a universal one across devices. Based the conclusion here, could I say app scheme still can't be eliminated by " http://XXX/package.zip!//index.html "? Thanks, Sincerely yours. ----- Original Message ----- From: "Fabrice Desré" <[email protected]> To: "Marco Chen" <[email protected]>, "Jonas Sicking" <[email protected]> Cc: "Ben Francis" <[email protected]>, "dev-webapi" <[email protected]>, [email protected], "Marcos Caceres" <[email protected]> Sent: Saturday, August 16, 2014 12:29:35 AM Subject: Re: Application scopes Hi Marco, I'm not Jonas, but I think I know some of the answers. On 08/15/2014 12:24 AM, Marco Chen wrote: > Hi Jonas, > >> Once we implement the "http://foo.com/package.zip!//file.html"; URLs >> for packaged apps, it should work just like for hosted apps. > > Q1: May I know Firefox already has the decision to support it or not? > If answer is yes, does it only support by Firefox or other browser > vendors also? The plan is for now to enable that only on b2g. We'll need to get the !// vetted by standards bodies like w3c and ietf, which is likely a long road. > Q2: For hosted apps, system always looks for the resources from app > cache first then external web site. > For privileged apps, do we need "app scope" been supported first or > looking for resources inside the device then external one in default? I'm not sure to understand you question. With or without app scopes (which are mostly fancy redirects) we will got the cached version whenever it's available - in the http://foo.com/package.zip!//file.html case we keep the zip around. > Q3: How about the support of these privileged apps without origin > definition in their manifest? > Their origin will be the UUID generated by device then how do we > use http scheme to represent them? With http://foo.com/package.zip!//file.html we don't need origin support in the manifest anymore. These apps get their origin from the manifest url. For some use cases like checking csp we need to consider http://foo.com/package.zip as the 'self' scope though, and there are other issues around origins that Jonas and Paul are figuring out. Fabrice -- Fabrice Desré b2g team Mozilla Corporation
_______________________________________________ dev-b2g mailing list [email protected] https://lists.mozilla.org/listinfo/dev-b2g
