Networking/Archive/Necko/Web packages: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(→‎Prefs: modify explanation to prefs)
(mark as archived)
Line 1: Line 1:
{{Template:Archived}}
== Description ==
== Description ==
Web packages are a new packaging format for apps or web resources in general. The packaging format is based on the [http://www.w3.org/TR/web-packaging/ W3C spec] with the exception that resources are uniquely identified by a URL composed of the package URL, the !// separator, followed by the path to the resource inside the package.
Web packages are a new packaging format for apps or web resources in general. The packaging format is based on the [http://www.w3.org/TR/web-packaging/ W3C spec] with the exception that resources are uniquely identified by a URL composed of the package URL, the !// separator, followed by the path to the resource inside the package.

Revision as of 08:42, 24 April 2023

ARCHIVED
This page has been archived and its contents may be out of date.

Description

Web packages are a new packaging format for apps or web resources in general. The packaging format is based on the W3C spec with the exception that resources are uniquely identified by a URL composed of the package URL, the !// separator, followed by the path to the resource inside the package.

 Example: http://example.org/path/to/package.pak!//path/to/resource.html

Implementation

The bulk of the implementation is located in

 netwerk/protocol/http/PackagedAppService.cpp
 netwerk/protocol/http/PackagedAppVerifier.cpp
 netwerk/protocol/http/PackagedAppUtils.js

Prefs

 network.http.enable-packaged-apps
   - Set this to true in order to enable this feature
 network.http.signed-packages.enabled
   - Set this to true in order to enable signature verification
 network.http.signed-packages.developer-root (for testing only, not set by default)
   - Set this to the path of your own signing certificate in your device in order to use this certificate to verify packages not signed by the marketplace.
 network.http.signed-packages.trusted-origin (for testing only, not set by default)
   - Set this to the origin you trust to bypass verification of packages from that origin.

Privileged Content and Signed Packages

See https://wiki.mozilla.org/FirefoxOS/New_security_model/Packaging