Hi Gerv, On Thu, 17 May 2012 15:40:59 +0100, Gervase Markham wrote: > My understanding was that a principle of the "Mozilla way" of doing app > stores is that we wanted a variety of stores - anyone can set one up, > and stores would compete on ease of use, etc. We are not trying to set > up a third monopoly store alongside the iTunes store and Google Play. > For this to work, stores should be able to collect web apps and offer > them to people. > > However, the manifest value "installs_allowed_from" seems to work in > entirely the opposite way; how could a new player enter the app store > space if none of the existing apps could be installed through their > store?
That's correct, a new player would have to convince existing app authors to list their store URL in installs_allowed_from, or he would be limited to apps that don't use installs_allowed_from since it defaults to "*". > Could the team explain the purpose of this value? What security concern > prompted its inclusion in the manifest format? I'm not part of the apps team, but I guess the purpose is to prevent rogue stores to sell apps without the author consent. As fas as I can tell, this is totally possible with apps that don't use "installs_allowed_from" or list "*" in the values. Fabrice _______________________________________________ dev-webapps mailing list dev-webapps@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-webapps