Networking/Archive/Necko/Web packages: Difference between revisions
< Networking | Archive
Jump to navigation
Jump to search
(Created page with "== Description == Web packages are a new packaging format for apps or web resources in general. The packaging format is based on the [http://www.w3.org/TR/web-packaging/ W3C s...") |
(→Prefs: add two prefs developer-root and trusted-origin) |
||
| Line 15: | Line 15: | ||
network.http.signed-packages.enabled | network.http.signed-packages.enabled | ||
- Set this to true in order to enable signature verification | - Set this to true in order to enable signature verification | ||
network.http.signed-packages.developer-root | |||
- (Testing only) Set this to the path of your own signing certificate in your device in order to use this certificate to verify packages not signed by the marketplace. | |||
network.http.signed-packages.trusted-origin | |||
- (Testing only) Set this to the origin you trust to bypass verification of packages from that origin. | |||
Revision as of 02:04, 28 October 2015
Description
Web packages are a new packaging format for apps or web resources in general. The packaging format is based on the W3C spec with the exception that resources are uniquely identified by a URL composed of the package URL, the !// separator, followed by the path to the resource inside the package.
Example: http://example.org/path/to/package.pak!//path/to/resource.html
Implementation
The bulk of the implementation is located in
netwerk/protocol/http/PackagedAppService.cpp netwerk/protocol/http/PackagedAppVerifier.cpp netwerk/protocol/http/PackagedAppUtils.js
Prefs
network.http.enable-packaged-apps - Set this to true in order to enable this feature network.http.signed-packages.enabled - Set this to true in order to enable signature verification network.http.signed-packages.developer-root - (Testing only) Set this to the path of your own signing certificate in your device in order to use this certificate to verify packages not signed by the marketplace. network.http.signed-packages.trusted-origin - (Testing only) Set this to the origin you trust to bypass verification of packages from that origin.