- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Wed, 28 May 2014 10:37:39 +0200
- To: Marcos Caceres <w3c@marcosc.com>
- Cc: Ben Francis <bfrancis@mozilla.com>, public-webapps <public-webapps@w3.org>
On Tue, May 27, 2014 at 9:53 PM, Marcos Caceres <w3c@marcosc.com> wrote: > On May 27, 2014 at 3:31:15 PM, Ben Francis (bfrancis@mozilla.com) wrote: >> One risk of allowing cross-origin manifests might be that these >> "tailored app experiences" are perceived by the actual app author >> and/or end users as a "fake app" masquerading as the real thing. >> In the longer term when additional features are added to the manifest >> there could be additional risks. >> >> That is why I'm interested in feedback on whether this is a desirable >> feature or not. > > That's a very good summary of both the use case and the problems. I'm also interested in hearing feedback. As Ben makes clear, "same-origin" basically kills installations from custom stores. Wait what? Man-in-the-middling someone's content is not a use case. -- http://annevankesteren.nl/
Received on Wednesday, 28 May 2014 08:38:07 UTC