93
edits
FirefoxOS/New security model/Packaging: Difference between revisions
FirefoxOS/New security model/Packaging (view source)
Revision as of 07:47, 16 November 2015
, 16 November 2015→The Signed Manifest: remove JWS since we don't use it
(→Example: Remove moz-uuid from the example since we call it package-identifier for now) |
(→The Signed Manifest: remove JWS since we don't use it) |
||
| Line 44: | Line 44: | ||
A packaged is denoted by setting a single packages header which is the signature over the first resource which MUST be the manifest, and must include a list of resources in the package, along with their hashes. | A packaged is denoted by setting a single packages header which is the signature over the first resource which MUST be the manifest, and must include a list of resources in the package, along with their hashes. | ||
'''manifest-signature: MRjdkly.... (Base64 | '''manifest-signature: MRjdkly.... (Base64 Signature over manifest content)''' | ||
Package headers are specified by the w3c format and are headers which are sent inside the package, but prior to the first data part. Modifiying the above example, we get something like: | Package headers are specified by the w3c format and are headers which are sent inside the package, but prior to the first data part. Modifiying the above example, we get something like: | ||
'''manifest-signature: MRjdkly.... (Base64 | '''manifest-signature: MRjdkly.... (Base64 Signature)''' | ||
--gc0pJq0M:08jU534c0p | --gc0pJq0M:08jU534c0p | ||
Content-Location: /someapp.webmanifest | Content-Location: /someapp.webmanifest | ||