Placeholder Image

Subtitles section Play video

  • Part 2: ... This is also a great situation for apps that need frequent updates such as

  • a content site or other rapidly changing property

  • The Firefox Marketplace will host app packages for apps that do use sensitive APIs, because

  • those apps will be code-reviewed and signed by the Marketplace.

  • Now, in a situation where an app cannot rely on the app-cache standard or IndexDB or other

  • existing web standards for its offline experience,

  • it's possible that the packaging standard for apps is useful to create a better offline

  • experience for traditional web apps.

  • And we are waiting to see how app developers will use these different technologies to best

  • provide offline experience for their users.

  • Purchased/paid apps are associated with a receipt and the application receipt is a JWT

  • JavaScript web token, which is a signed blob of text

  • The signing is used to reveal tampering or forgery of a receipt. A receipt is not tied

  • to users specific identity

  • nor is the receipt tied to the identity of an individual device. Here's a sample receipt

  • showing the name of the product and the unique identifier associated with the user which

  • the Marketplace can use to verify that no refund was given for this receipt.

  • The receipts are issued by the Marketplace at time of purchase, and installed at that

  • time on the device.

  • We will provide an opt-in service that allow users to back up all their receipts regardless

  • of where the apps were purchased. The receipt is made available to the app at runtime, for

  • server-side verification and for detection of fraud.

  • Fraud can be detected by noticing frequent use of identical receipts from many, different

  • locations.

  • Receipts will expire and periodically be refreshed and this will mitigate the risk of the signing

  • keys being compromised at the Marketplace.

  • In addition to the notion of paid apps, we also have the notion of in-app payments. In-app

  • payments are used when a developer wants the user to participate in the application by

  • purchasing digital content,

  • extra levels or weapons in a game, or content in a magazine or book-type site.

  • These are facilitated by a DOM API that we are developing currently called navigator.mozpay.

  • At the present the in-app payments are a communication directly between the developer and the user

  • -

  • and the Marketplace has little involvement beyond invoking the payment provider

  • Here's a sample JSON description of an in-app payment, giving the name of the digital content

  • and a detailed description.

  • Finally, what is an app store?

  • The most minimal definition of an app store is any web page that invokes the mozapps install

  • API.

  • Any page that allows you to install an app could be considered an app store.

  • In our case, it's much more than that. Our app store, called the Firefox Marketplace,

  • is itself an app.

  • that allows user to discover, purchase and install a wide variety of applications. It

  • is also a web service

  • that generates and validates application receipts. And finally, in the best Mozilla tradition,

  • it is a group of people,

  • a community that reviews and curates apps, and ensures that our users have a great experience

  • when they go there,

  • ... and find useful things.

  • Firefox Marketplace is based on proven technology from addons.mozilla.org. We are confident

  • that it will sustain the load of our Apps ecosystem in the coming years

  • and it is proven to have created a strong developer community. We are working to refactor

  • the code to make it better able to operate in multiple data centers,

  • and we'll be rolling that out next year.

Part 2: ... This is also a great situation for apps that need frequent updates such as

Subtitles and vocabulary

Click the word to look it up Click the word to find further inforamtion about it