[Bug 29506] New: Support for a system-wide configuration file to specify permissions for web-applications

https://www.w3.org/Bugs/Public/show_bug.cgi?id=29506

            Bug ID: 29506
           Summary: Support for a system-wide configuration file to
                    specify permissions for web-applications
           Product: WebAppsWG
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: XHR
          Assignee: annevk@annevk.nl
          Reporter: sworddragon2@aol.com
        QA Contact: public-webapps-bugzilla@w3.org
                CC: mike@w3.org, public-webapps@w3.org
  Target Milestone: ---

Initially I have reported this here (
https://github.com/w3c-webmob/installable-webapps/issues/52 ) but since the
group has closed I'm forwarding it to here. Here is a copy of the original
report:



At Mozilla's bugzilla a discussion woke up (
https://bugzilla.mozilla.org/show_bug.cgi?id=424875 ) to make XMLHttpRequest
useable for web-applications on the file-protocol without requiring the server
to enable CORS. At the end of the current discussion I got the idea of a
system-wide configuration file to solve this issue:

- It contains permissions it grants to web-applications (for example
specific/all permissions on specific files/directories).
- Installer invoked by the user can write the required permissions for their
web-application to this file. Also the user can enter manually entries if he
wants.
- A site launched unintentionally on the file-protocol can't do evil things
since it wouldn't be listed in this file.


This would help to make web-applications launched on the file-protocol (for
example installed by upstream-installers on desktop-PC's) to be more
competitive.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Received on Friday, 26 February 2016 05:25:47 UTC