- From: Ben Francis <notifications@github.com>
- Date: Thu, 26 Mar 2015 06:59:05 -0700
- To: w3c/manifest <manifest@noreply.github.com>
- Message-ID: <w3c/manifest/issues/272/86524528@github.com>
Pinging @sicking for input as I'm not sure I'm familiar with all of his arguments. @marcosc wrote: > What if we (Mozilla) used same-origin manifests as an installability signal? That way, Mozilla's products could still enforce same-origin manifests and rely on the manifest as the identity without forcing the same origin behavior on other vendors? I don't see what that would achieve except create incompatibility between browsers, with some apps only working in some browsers. I think manifest URL being required to be same origin with the app is only loosely related to identity, it doesn't on its own enforce or prevent manifest URL being used to identify an app. I know that in Mozilla's implementation of mozApps it's important for cases where an app is installed from another app (e.g. an app store app) rather than from a page of the app itself, and the manifest URL is used for granting permissions to the app origin. But neither of these are currently use cases supported by the W3C spec. I hope @sicking can elaborate on any other reasons. > It also then gives other OSs the ability to choose their own identifiers. Saying that a manifest URL should be unique to each web app does not prevent OSs using their own identifiers, it just makes it possible to use manifest URL as an identifier and prevents duplicate conflicting apps trying to use the same manifest URL. I have a question about that actually. If a manifest URL is used to update apps and two apps share the same manifest URL, what happens if the metadata of those two apps diverges? How would a user agent update the manifest URL of an app to a different one and know that it's still the same app? --- Reply to this email directly or view it on GitHub: https://github.com/w3c/manifest/issues/272#issuecomment-86524528
Received on Thursday, 26 March 2015 13:59:35 UTC