Networking/Archive/Necko/Web packages: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(Add a section about signed packages)
(→‎Prefs: modify explanation to prefs)
Line 15: Line 15:
   network.http.signed-packages.enabled
   network.http.signed-packages.enabled
     - Set this to true in order to enable signature verification
     - Set this to true in order to enable signature verification
   network.http.signed-packages.developer-root
   network.http.signed-packages.developer-root (for testing only, not set by default)
     - (Testing only) Set this to the path of your own signing certificate in your device in order to use this certificate to verify packages not signed by the marketplace.
     - Set this to the path of your own signing certificate in your device in order to use this certificate to verify packages not signed by the marketplace.
   network.http.signed-packages.trusted-origin
   network.http.signed-packages.trusted-origin (for testing only, not set by default)
     - (Testing only) Set this to the origin you trust to bypass verification of packages from that origin.
     - Set this to the origin you trust to bypass verification of packages from that origin.


== Privileged Content and Signed Packages ==
== Privileged Content and Signed Packages ==


See https://wiki.mozilla.org/FirefoxOS/New_security_model/Packaging
See https://wiki.mozilla.org/FirefoxOS/New_security_model/Packaging

Revision as of 02:29, 28 October 2015

Description

Web packages are a new packaging format for apps or web resources in general. The packaging format is based on the W3C spec with the exception that resources are uniquely identified by a URL composed of the package URL, the !// separator, followed by the path to the resource inside the package. 

 Example: http://example.org/path/to/package.pak!//path/to/resource.html

Implementation

The bulk of the implementation is located in 

 netwerk/protocol/http/PackagedAppService.cpp
 netwerk/protocol/http/PackagedAppVerifier.cpp
 netwerk/protocol/http/PackagedAppUtils.js

Prefs

 network.http.enable-packaged-apps
   - Set this to true in order to enable this feature
 network.http.signed-packages.enabled
   - Set this to true in order to enable signature verification
 network.http.signed-packages.developer-root (for testing only, not set by default)
   - Set this to the path of your own signing certificate in your device in order to use this certificate to verify packages not signed by the marketplace.
 network.http.signed-packages.trusted-origin (for testing only, not set by default)
   - Set this to the origin you trust to bypass verification of packages from that origin.

Privileged Content and Signed Packages

See https://wiki.mozilla.org/FirefoxOS/New_security_model/Packaging

Retrieved from "https://wiki.allizom.org/index.php?title=Networking/Archive/Necko/Web_packages&oldid=1102923"