by erastothenes on 5/30/13, 2:24 AM with 2 comments
As pure HTML/JS web apps begin to encroach on the turf of native applications, they will inevitably face some of the same security problems that native apps once faced. One of these issues is trusted code delivery. This has traditionally been addressed with code signing, yet it is not currently possible to sign an HTML/JS single-page app in the way that an iPhone app or a browser extension can be signed. Do browsers need a new method for HTML/JS code verification?
by TheHydroImpulse on 5/30/13, 2:31 AM
No. Web pages are sandboxed and thus have limited control to the computer and operating system compared to native apps.