[whatwg] Installed Apps

could the botnet concern be addressed by restricting network access from the
background page when there is no foreground page referencing it? e.g.
restrict it to requests to the same origin, no matter how those requests are
made? wouldn't let gmail precache linked images, when fetching new mail, but
that's not a huge concern.


2009/7/28 Aryeh Gregor <Simetrical+w3c at gmail.com<Simetrical%2Bw3c at gmail.com>

> There's not really a whole lot that a malicious or incompetent
> persistent page could do to the user's computer.  At worst, it could
> interfere with the browser.  I guess the botnet concern is justified,
> though (for use in DDoS or something).  Not sure how to avoid that.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090728/1ca719c6/attachment.htm>

Received on Tuesday, 28 July 2009 14:23:25 UTC