Hello - People can certainly created rogue UAs that can bypass much more than "installs_allowed_from". But I don't think manufacturers are likely to do this as they know it would seriously impact the ecosystem of stores/developers/devices as it would be a disincentive for developers to develop for the platform. Device manufacturers can make it difficult for folks to install rogue UAs by requiring signed code before installing/running new UAs (as some Android devices do). This isn't to say it can't/won't happen. B2G is effectively a rogue UA on Android, but I don't think it is likely to be done as part of an manufacturer distribution. As mentioned previously, if an author wants, they can allow for distribution from any place using the "*". but it is ultimately up to the app developer to make that choice. -Jim Straus
On May 24, 2012, at 6:43 AM, Gervase Markham wrote: > On 23/05/12 16:20, Fabrice Desre wrote: >> Nothing, like for many other things you trust your UA. > > But this isn't a case of "trusting" the UA - the user may well _want_ > the UA to ignore such things. It's the app author who has to trust the > UA; what incentives does the UA author (who responds to the wishes of > the user, right? User control, and all that) have to respect this setting? > > If I were writing a UA, and could reliably distinguish between free and > paid apps, I'd certainly ignore this value for free apps. More apps work > in my UA, my users are happier, the app author shouldn't care which site > pointed me at his app, I've installed it just the same way as everyone > else; everyone wins. > > Gerv > _______________________________________________ > dev-webapps mailing list > dev-webapps@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-webapps _______________________________________________ dev-webapps mailing list dev-webapps@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-webapps