- From: Mounir Lamouri <mounir@lamouri.fr>
- Date: Fri, 19 Apr 2013 15:29:44 +0200
- To: public-sysapps@w3.org
On 19/04/13 05:15, Ming, Bai wrote: > Hi all, > After reading the spec, I'm still a little bit unclear about the > following points. I'll appreciate it if anyone could give me some pointers. > > 1. The 'launch()' 'install()' 'uninstall()' 'applyupdate()' are > separated to several different places, is it okay? looks like they > should be put together in a management interface. > * If it's a design consideration, it's still a little bit confuse > regarding to the permissions. For example the > Applicationmanagement.applyUpdate is restricted to privileged > callers and what about Application.uninstall? or > ApplicationRegistry.install? launch() and uninstall() live in the Application object because you want to uninstall or launch a specific application, so you can get the application then call the method. The specs currently say that you should fire an error if the caller isn't allowed to do the action but the not allowed part isn't specified, the reason is that it isn't only related to a permission and most of the time, if you can access an application object, you should probably be able to launch or uninstall it. The ways being that you are a store that installed the application or you are the application itself. Regarding install(), it is on purpose living in ApplicationRegistry instead of ApplicationManagement because we want any website to be able to install() its own application and any website being able to behave like a store. ApplicationManagement is there only so anyone can write an application that takes care of managing *all* installed applications. For the moment, the specification considers that this privilege level is required to call .applyUpdate(). > 2. What's the exactly meaning of the "launch_path"? Does it means that > all resources are located under origin+launch_path? launch_path is the path that will be launch when the application is started. Most of the time it will be index.html. > 3. A little bit confusion of mixing the packaged apps and offline > application cache, I mean, both of them have resource stored locally. Indeed, both of them have that but the intent isn't the same. Packaged applications are trying to solve two issues: - security, because when you are a packaged application, it is easy to know what code will be run in a privileged mode given that it has to be contained in the packaged. Reviews or code analysis can be done and work which isn't the case for hosted applications that can have their code changing at any time; - distribution, because for some developers it might be easier to distribute applications as a zip file that contains everything. It also allows developers to write web applications without the burden of maintaining a web server. Thanks, -- Mounir
Received on Friday, 19 April 2013 13:30:08 UTC