On Thu, Feb 19, 2015 at 12:18 AM, Anne van Kesteren <ann...@annevk.nl> wrote: > On Wed, Feb 18, 2015 at 7:16 PM, James Burke <jrbu...@gmail.com> wrote: >> Mobile use is really large. Native mobile apps do not have >> restrictions from these APIs. > > As indicated most don't need them either.
For email, a tcpsocket-based capability is needed. Most people use email. In terms of the goals of the original post for this message though, fine, leave that out for now. >> If web sites are concerned about getting >> cross domain hits, they can get them now from native apps. > > The only reason "native apps" have these is because they are centrally > vetted and distributed. And not having that is what makes the web > great. Pushing off these capabilities to require human review means that we will always need a packaged app story. That or a way to sign and certify a set of network-fetched files, and a way to submit signatures for review, and a way to configure service workers to not allow downloading of an update until the signature for the new grouping has been approved. I bet the signed artifact for review and service worker checking will a lot like an appcache manifest with signatures for each file in the list. AppCache 2 FTW! ;) James _______________________________________________ dev-b2g mailing list dev-b2g@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-b2g