[whatwg] AppCache and SharedWorkers?

On Thu, Mar 26, 2009 at 1:19 PM, Alexey Proskuryakov <ap at webkit.org> wrote:

>
> But I was looking at this in terms of a model for users, not any specific
> security threats - if we think of persistent workers as an equivalent of
> native applications that need installation, then we should consider that
> native applications don't usually update themselves without user consent.
>

It seems like a common model is for offline-enabled applications to store
their javascript in the ApplicationCache, and encourage users to create
desktop links to access those apps even when offline. Should these
applications (which for all intents are "installed") also prompt users
before updating? Are you suggesting that user agents may want to require
explicit user permission when any application invokes
ApplicationCache.update()? That might be a reasonable approach if a given
user agent wants to enforce some kind of "no silent update" policy...

-atw
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090326/d721a586/attachment.htm>

Received on Thursday, 26 March 2009 14:16:27 UTC