[whatwg] Installable web apps
Mike Wilson
mikewse at hotmail.com
Mon Jun 7 05:11:05 PDT 2010
Aaron Boodman wrote:
> On Fri, Jun 4, 2010 at 4:58 AM, Henri Sivonen wrote:
> > On May 26, 2010, at 20:10, Aaron Boodman wrote:
> >> Another one that we would like in Chrome is a path prefix
> >> for the app.
> >> This is to handle the case of applications like Google Reader
> >> which are on http://www.google.com/reader.
> >
> > How does giving permissions to a prefixed application
> > interact with the origin-based security model?
>
> Poorly. Origin is baked so low into the platform, it is the true
> boundary, and that can probably never be changed. In Chrome, we can
> get close because we can enforce process isolation based on the path,
> but it is an ongoing project to make that bulletproof that might never
> complete.
Raising security based on path is interesting. FYI, there was a small
discussion about it last year:
http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2009-August/022412.html
Best regards
Mike Wilson
More information about the whatwg
mailing list