Getting HTML5 going
sean at pidigital.co.uk
Wed Mar 25 15:31:33 EDT 2020
In an app on the AppStore this is definitely a security risk from Apple’s point of view. Devs could insert any nefarious code into their app. This has been true from iOS2. Only content like video and images, maybe some animation data and so on is deemed ok and encouraged.
I was mainly revering to HTML5 deployment where it is pretty much encouraged to dissect where possible.
> On 25 Mar 2020, at 19:08, Richard Gaskin via use-livecode <use-livecode at lists.runrev.com> wrote:
> Bill Prothero wrote:
> > Richard and Sean,
> > Good ideas. I had considered deploying it as a standalone that has
> > sections that udate from a server, but worried that the new security
> > requirements from Apple, in particular, discouraged (prohibited?)
> > downloading code. Is that not true?
> Is this desktop or mobile?
> Just curious, really. In either case, downloading scripts is quite different from downloading executable object code. Any sandboxing for the app is done to the LC engine - swap out scripts all you like and you can't alter what the user has allowed the standalone engine to do.
> I think Apple's main concern would be an app that presents itself as one thing and later morphs into something else.
> But if we use downloads responsibly, scripts are really just another form of data, much like spreadsheet formulas. I can't see a reason Apple or anyone else would have an issue with an app downloading data, and I know a good many devs using a wide range of scripting tools that update dynamically.
> Richard Gaskin
> Fourth World Systems
> Software Design and Development for the Desktop, Mobile, and the Web
> Ambassador at FourthWorld.com http://www.FourthWorld.com
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
More information about the use-livecode