[whatwg] Installed Apps

[Aryeh Gregor]

On Tue, Jul 28, 2009 at 1:01 PM, Drew Wilson<atwilson at google.com> wrote:
> I've been kicking around some ideas in this area. One thing you could do
> with persistent workers is restrict network access to the domain of that
> worker if you were concerned about botnets.

How would that work for background pages, though?  It couldn't include
any files from other domains in any form (image, script, style, etc.)?
 But it could still spawn a regular tab and load whatever it wanted in
that.  Have it spawn a popunder window, say, quickly open a bunch of
things from foreign sites, and close it before the user notices
anything more than a sudden odd flicker.  Or whatever.  Workers, if I
understand right (I haven't read the spec . . .), can't do things like
open new tabs, but it's been explicitly stated that these background
pages should be able to do just that.