- From: Marcos Caceres <notifications@github.com>
- Date: Fri, 08 Apr 2016 01:14:56 -0700
- To: w3c/manifest <manifest@noreply.github.com>
- Message-ID: <w3c/manifest/issues/446/207301257@github.com>

> If I visit the same URL a week apart I get no warnings that the content has changed since the last time I visited?

But you totally do. For instance, Safari shows you the following when you go to bbc.com/news:

![screenshot_2016-04-08_17_57_08](https://cloud.githubusercontent.com/assets/870154/14377551/96d3cd16-fdb3-11e5-9dff-8242434e31f5.png)

And Chrome:

![screenshot_2016-04-08_18_07_19](https://cloud.githubusercontent.com/assets/870154/14377785/f99b425c-fdb4-11e5-9c0c-94bf02058e6f.png)

There are a lot of indicators built into browsers to make users aware of what is going on. And, if for instance, you returned to the bbc.com and their cert had expired, the browser would warn you. The same with native apps, like providing either, or both, an accessible history showing what's being updated:

![screenshot 2016-04-08 18 02 27](https://cloud.githubusercontent.com/assets/870154/14377627/167daf0a-fdb4-11e5-950c-8a37965325e7.png)

The reason it feels different than traditional software updates is that the Web's same origin policy and browser sandboxing protect web pages from meddling with the underlying OS. Web manifest changes that:

1. it can add an icon to the user's homescreen.
2. it can set the name of the application.
3. it can take away the browser's chrome.
4. it can redirect the browser somewhere unexpected (via start_url)
5. it can hide information about the user in the start URL (or other URLs - if those URLs are rewritten and captured via a service worker, for instance)

> If the "effect" of a manifest is limited to functions that will not impact security or privacy then the normal controls for managing those risks should suffice surely?

But they would impact security and privacy (see all the recently added security and privacy notes in the spec). So doing a "sneaky" switcharoo of the icons and name of the icons that the user is not aware of would be really bad.

At least, at Mozilla I know we would be absolutely against just allowing applications to switch any part of the manifest without the user knowing about it (and modifying them).
Received on Friday, 8 April 2016 08:15:26 UTC
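
As an added illustration of the point made in the message above (not code from the thread, the spec, or any browser): a sketch of an update check that reports changes to the manifest members the message lists, so they are surfaced instead of applied silently. The function names, finding labels and sample manifests are constructed, and it assumes the manifest is served from the app's own origin.

```javascript
// Members that change what the user sees on the homescreen or in the window.
const USER_VISIBLE = ["name", "short_name", "display"];

function iconSet(manifest, manifestUrl) {
  // Compare icons by resolved URL so reordering alone is not reported.
  return (manifest.icons || [])
    .map((icon) => new URL(icon.src, manifestUrl).href)
    .sort()
    .join("\n");
}

// Hypothetical helper: returns labels for changes a user should be told about.
function reviewManifestUpdate(oldManifest, newManifest, manifestUrl) {
  const findings = [];
  for (const member of USER_VISIBLE) {
    if (oldManifest[member] !== newManifest[member]) {
      findings.push(`${member}-changed`);
    }
  }
  if (iconSet(oldManifest, manifestUrl) !== iconSet(newManifest, manifestUrl)) {
    findings.push("icons-changed");
  }
  // Simplification: a missing start_url falls back to the manifest's directory.
  const oldStart = new URL(oldManifest.start_url || ".", manifestUrl);
  const newStart = new URL(newManifest.start_url || ".", manifestUrl);
  if (newStart.origin !== new URL(manifestUrl).origin) {
    findings.push("start_url-cross-origin");
  } else if (oldStart.href !== newStart.href) {
    // A changed query string is reported separately: it can carry an identifier.
    findings.push(newStart.search !== oldStart.search
      ? "start_url-query-changed" : "start_url-changed");
  }
  return findings;
}

// Constructed sample data, not taken from any real site.
const MANIFEST_URL = "https://app.example/manifest.json";
const installed = {
  name: "Example News", display: "browser", start_url: "/",
  icons: [{ src: "/icon-192.png", sizes: "192x192" }],
};
const updated = {
  name: "Example Bank", display: "standalone", start_url: "/?uid=constructed-123",
  icons: [{ src: "/bank-192.png", sizes: "192x192" }],
};

console.log(reviewManifestUpdate(installed, updated, MANIFEST_URL));
```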