14:54 <ill_logic__> Does Sandstorm have a guideline against 3rd party javascript library imports? (from a cdn)?

14:54 <ill_logic__> (I'm actually hoping yes, so you don't have to sell me on it if so :-P)

14:55 <ill_logic__> I looked at a couple apps and saw it was all local

14:55 <isd> ill_logic__: Some of the sandboxing mechanisms aren't entirely in place yet, but once that's fixed apps won't even *be able* to load thirty party resources without explicit permission.

14:55 <isd> So yes, the way to go is to host things in the app itself.

14:56 <ill_logic__> that is fantastic

14:56 <ill_logic__> Though I'm not even sure how that's possible?

14:56 <ill_logic__> How would you sandbox the browser?

14:57 <isd> Content-Security-Policy

14:57 <ill_logic__> oh that's just built into browsers?

14:57 <isd> App is loaded on a random subdomain, server tells the browser not to load third party resources.

14:57 <isd> yep.

14:57 <ill_logic__> baller.

14:58 <ill_logic__> that's a relief. the app I'm packaging right now, I was thinking about targeting low or no Internet connection areas. And it's not really a great sell unless other apps are there too.

14:58 <ill_logic__> I was worried that the other apps wouldn't work if they couldn't access a cdn

14:59 <TimMc> The only way I'd be even moderately OK with loading scripts from a CDN is if they used subresource integrity. (SRI involves specifying "only load this script if it hashes to the following")

14:59 <TimMc> But really there's no point in it.

15:00 <ill_logic__> oh that's right, you're really trying to control everything here.

15:00 <ill_logic__> very cool.

15:01 <ill_logic__> it's not even a matter off the app being potentially malicious and phoning home. it could be the cdn getting compromised or whatnot

15:01 <ill_logic__> (afk)

15:02 <isd> I think there are a couple things that are actually making use of the hole, e.g. tiny tiny rss. Closing it has been blocked on powerbox stuff, but that's implemented, so I think we just need to add a proper API for apps to request access.

15:05 <TimMc> ill_logic__: (To clear up a possible misunderstanding -- I'm not a Sandstorm dev, just a user.)

15:09 <isd> ill_logic__: ditto. Thought I've done a bit of app devvelopment

15:09 <isd> *though

21:18 <Zarutian> on membrane-proxying in capnproto, spefically rpc.capnp: is it acceptable for such a proxy to send back abort message with an exception saying that the proxy does not know that interface schema? (the proxy will of course have an interface to accept raw schema capn descriptions to be able to 'learn' of new interface schemas)

21:19 <Zarutian> this is spefically for a kind of membranes that do muffling.

21:21 <Zarutian> example of such muffing is when you only want to give an smartphone-app access to goarse grain GPS co-ordinates.

21:23 <simpson> Interesting. I don't know the answer though.