You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Hard-coding these accesses in the manifest sounds bad to me. As I said, when you write an app, you should be aware of what other apps are installed in all devices you are developing for, and deploy a different manifest if some other app is replaced... This is non-deterministic, and sounds like a maintenance nightmare to me."
A possible solution will be take the accessibility as an optional parameter
of getDataStores(...). For example,
getDataStores('messages','readwrite');
The text was updated successfully, but these errors were encountered:
My original point was that I don't see necessary to declare in the manifest which datastores an app wants to access, unless it is about specifying the 'type' of the datastore, i.e. "messages", "contacts", "calls". Then, the user agent can display a dialog with the matching datastores, and can even handle the read-only vs read-write access. The app would get all the datastores approved by the user, together with the type of permission approved by the user (or device security policy).
As an example, getDataStores("messages") would pop up a dialog possibly matching
facebook messages provided by app X, user approves read-write access since it wants to replace handling facebook messages with this app
sms from sim1, system only allows read-only access
mms from sim1, system only allows read-only access
sms from sim2, system only allows read-only access
gtalk messages from account "mygmailusername", user allows only read-only access.
On some other devices, all sms and mms may be exposed by one read-only datastore.
IMO this is simple and flexible enough, while the user agent has every information for making and enforcing security policy decisions.
Please see #18 (comment). Quoted the comment from @zolkis as below:
"Hard-coding these accesses in the manifest sounds bad to me. As I said, when you write an app, you should be aware of what other apps are installed in all devices you are developing for, and deploy a different manifest if some other app is replaced... This is non-deterministic, and sounds like a maintenance nightmare to me."
A possible solution will be take the accessibility as an optional parameter
of
getDataStores(...)
. For example,The text was updated successfully, but these errors were encountered: