- From: Ben Francis <notifications@github.com>
- Date: Wed, 27 May 2020 09:31:53 -0700
- To: w3c/manifest <manifest@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 27 May 2020 16:32:05 UTC
@npdoty wrote: > Is there documentation or a little more detail on the authentication (or other) use cases that are broken by using a separate cookie jar for an installed web app's origin? There's discussion on this spread over many issues over a number of years, e.g. https://github.com/w3c/manifest/pull/701 The classic example is something like calendar.google.com redirecting to accounts.google.com and then back again. > Are implementations of installed web apps currently staying in scope when the user browses to a link outside the app's scope? That seems surprising to me as a user, and I'd be curious to learn the motivation for that design choice. Why not just have an installed web app that operates in its scope and when users click a link to another origin it opens in the user's web browser, like with other installed apps? I agree with you, but it's not as simple as it may first appear. I just wrote some comments related to this [here](https://github.com/w3c/manifest/issues/747#issuecomment-634775863). -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3c/manifest/issues/399#issuecomment-634784453
Received on Wednesday, 27 May 2020 16:32:05 UTC