Subject: Re: sysapps runtime cfc passed
From: Brian LeRoux
To: dev@cordova.apache.org
Date: Wed, 20 Mar 2013 03:46:24 -0700

Ok, picking this up again. At the working group Fil it would be good to give our feedback on the manifest as it has related to the Cordova reality.

I really dislike:
- scripts can only be loaded from inside the app package
- no inline scripts, no eval

I really like the idea of killing the whitelist feature..

On Tue, Mar 19, 2013 at 7:06 AM, Michal Mocny wrote:
> Thanks for the highlights Fil. Makes for easier reading!
>
> On Mon, Mar 18, 2013 at 5:21 PM, Filip Maj wrote:
>
>> Highlights w.r.t. Cordova:
>>
>> 1. Application manifest JSON (yay!) [1]
>>
>> 2. There is an Application interface now in charge of handling:
>> - pause/resume/launch/terminate events
>> - readonly parameters such as install time, origin, parameters, update state (downloading, installing), package size
>> - methods such as exit, hide, uninstall, update (interesting!)
>> - related to update, the spec calls for the update firing asynchronously, reporting back progress events to the app. metaaaa
>>
>> 3. App Management interface, which is deemed as a "privileged" API, to get events about the (un)installation of other applications.
>>
>> Interesting "security" conclusions [2]:
>>
>> - scripts can only be loaded from inside the app package
>> - no inline scripts, no eval
>> - "Media (audio and video) can still be loaded from anywhere;" => this should inform our media APIs once we get to the audit and finally determine that the whitelist has no effect on media. This already applies to images on the web.
>> - "Network connections can still be opened anywhere using data-centric APIs like XMLHttpRequest or WebSocket." => implication here is that the whitelist is, really, useless (which has been my opinion always :D )
>>
>> Related, I will be attending the SysApps Face to Face in Madrid [3] next month. If anyone from the Cordova community has specific issues that they would like to see addressed, let me know!
>>
>> [1] http://runtime.sysapps.org/#application-manifest
>> [2] http://runtime.sysapps.org/#csp-policy
>> [3] http://www.w3.org/wiki/System_Applications:_1st_F2F_Meeting_Agenda
>>
>> On 3/18/13 9:03 AM, "Giorgio Natili" wrote:
>>
>>> It should be followed (I have had a quick look) but it depends what it means from a development point of view.
>>> I mean that there is already a roadmap and that this draft should impact a lot, so it is up to the contributors to try to explain to us how much effort is required.
>>>
>>> Giorgio
>>>
>>> On 3/18/13 8:02 AM, "Brian LeRoux" wrote:
>>>
>>>> Have a look: http://runtime.sysapps.org/
>>>>
>>>> What do we think?
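The CSP conclusions Filip lists above (scripts only from the package, no inline or eval, media and XHR/WebSocket connections open to any origin), worked through as an added example that is not code from the thread or from the SysApps spec: a small CSP-style evaluator; the policy string, the app origin and the remote origins are constructed assumptions, and source matching is simplified to exact origins.

```javascript
// Added example, not code from the thread or the SysApps spec: a deliberately
// small CSP-style evaluator that encodes the policy Filip summarised
// (script-src limited to the package, no inline/eval, media and network
// connections open to any origin) and shows which loads it stops.
// The policy string and all origins below are constructed for illustration.
const SYSAPPS_LIKE_POLICY =
  "default-src 'self'; script-src 'self'; media-src *; img-src *; connect-src *";

// Split "directive source source; directive ..." into { directive: [sources] }.
function parsePolicy(policy) {
  const directives = {};
  for (const part of policy.split(";")) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length > 0) directives[tokens[0]] = tokens.slice(1);
  }
  return directives;
}

// Decide whether one load is permitted. request = { type, origin, inline, eval };
// type is the CSP fetch directive name without "-src". Source matching is
// simplified to exact origin, 'self' and '*' (real CSP also matches schemes,
// host wildcards, nonces and hashes).
function isAllowed(policy, request, appOrigin) {
  const directives = parsePolicy(policy);
  const sources = directives[`${request.type}-src`] || directives["default-src"] || [];
  if (request.inline) return sources.includes("'unsafe-inline'");
  if (request.eval) return sources.includes("'unsafe-eval'");
  if (sources.includes("*")) return true;
  if (sources.includes("'self'") && request.origin === appOrigin) return true;
  return sources.includes(request.origin);
}

// The thread's conclusions, evaluated against the policy. Constructed origins.
function sysappsChecks(appOrigin = "app://com.example.app") {
  const p = SYSAPPS_LIKE_POLICY;
  return {
    packagedScript: isAllowed(p, { type: "script", origin: appOrigin }, appOrigin),
    remoteScript: isAllowed(p, { type: "script", origin: "https://cdn.example" }, appOrigin),
    inlineScript: isAllowed(p, { type: "script", inline: true }, appOrigin),
    evalScript: isAllowed(p, { type: "script", eval: true }, appOrigin),
    remoteMedia: isAllowed(p, { type: "media", origin: "https://cdn.example" }, appOrigin),
    remoteXhr: isAllowed(p, { type: "connect", origin: "https://api.example" }, appOrigin),
    remoteSocket: isAllowed(p, { type: "connect", origin: "wss://api.example" }, appOrigin),
  };
}

console.log(sysappsChecks());
```

Only the three script checks come back false; media and connections succeed for any origin, which is the point behind the "whitelist has no effect" remarks.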