876984 - Create an API for changing manifest URLs

Status: RESOLVED INVALID

(Core Graveyard :: DOM: Apps, defect)

Description

[Daniel Buchner [:dbuc]]

This feature enables the following app use-cases:

- Apps can do custom feature profiling, according to their own measures, to choose which content and features within apps to install or leverage.
- Marketplace can prevent apps from breaking with incompatible updates (when possible)
- Marketplace can implement hosted app blocklisting (with minimal effort)
- Marketplace can aid partners and users experiencing issues caused by domain registrars
- Marketplace can aid partners to transition apps to use HTTPS (currently not possible)

Suggested restrictions for this API:

- May only be used by privileged apps (requires "change_manifest" permission)
- May only be used to change manifest URLs of apps installed by the calling app

Potential risks:

- Devices experiencing man-in-the-middle attacks could be manipulated to install potential malware without user action
- Marketplaces whose servers have been compromised could potentially install potential malware without user action

Example usage:

navigator.mozApps.changeManifest("http://foo.com/url.webapp", "https://bar.com/url.webapp")

Comment 1

[Mounir Lamouri (:mounir)]

Based on the thread in dev-webapps, I do not think there is a huge consensus behind this. I would like the discussion to happen in the mailing-list instead of in the bug if possible.

Comment 2

[Jason Smith [:jsmith]]

I'm going to close this for now until we get clear agreement on what to do here. When we get agreement, file a new bug on what we plan to do.

See https://bugzilla.mozilla.org/show_bug.cgi?id=873900#c30 as well on what I think the right path forward is.

Comment 3

[Jason Smith [:jsmith]]

Actually, I screwed up my comment 2 here. Meant to say - let's get agreement on dev-webapps before we move forward with an API definition.