MozillaWiki

WebAPI/WebSocketOverApps: Difference between revisions

Page Discussion

WebAPI/WebSocketOverApps (view source)

Revision as of 11:13, 14 July 2013

181 bytes added ,  14 July 2013
→‎Work with DeviceIndexedDB or other Application Choosers
Line 47: Line 47:


The tokenss must be some kind of opaque data that can not be passed to other Apps, only valid for the app it-self.  For security reason, the tokens should not be reversed to the server Apps, so the token holder can not tell what app it connect to by a token.
The tokenss must be some kind of opaque data that can not be passed to other Apps, only valid for the app it-self.  For security reason, the tokens should not be reversed to the server Apps, so the token holder can not tell what app it connect to by a token.
With tokens, the app can by-pass the permission checking that defined in the manifest.  But, with permission checking of application choosers, an App can access only limited Apps.


== Use Case ==
== Use Case ==
Thinker
Confirmed users
398

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/675997"