@@ -842,11 +842,12 @@ <h3>
842842 application, it SHOULD treat that manifest as a description of a
843843 distinct application, even if it is served from the same URL as that
844844 of another application. When the user agent sees a manifest where
845- |manifest|["id"] [=url/equal|equals=] the [=identity=] of an
846- already-installed application, it SHOULD be used as a signal that
847- this manifest is a replacement for the already-installed
848- application's manifest, and not a distinct application, even if it is
849- served from a different URL than the one seen previously.
845+ |manifest|["id"] is [=url/equal=] with [=URL serializer/exclude
846+ fragment|exclude fragment true=] to the [=identity=] of an
847+ already-installed application, it SHOULD be used as a signal that this
848+ manifest is a replacement for the already-installed application's
849+ manifest, and not a distinct application, even if it is served from a
850+ different URL than the one seen previously.
850851 </ p >
851852 < p class ="note ">
852853 The [=identity=] can be used by a service that collects lists of web
@@ -1293,6 +1294,13 @@ <h3>
12931294 < li > [=Process the `id` member=] passing |json|, |manifest| and
12941295 |document URL|.
12951296 </ li >
1297+ < li >
1298+ If the [=document=]'s [=document|processed
1299+ manifest=] is not null, and [=document=]'s [=document|processed
1300+ manifest=]'s id is not
1301+ [=URL/equal=] with [=URL serializer/exclude fragment|exclude fragment true=] to |manifest|["id"],
1302+ return.
1303+ </ li >
12961304 < li > [=Process the `scope` member=] passing |json|, |manifest|, and
12971305 |manifest URL|.
12981306 </ li >
@@ -1421,7 +1429,55 @@ <h3 id="applying">
14211429 < h3 >
14221430 Updating the manifest
14231431 </ h3 >
1424- < aside class ="issue " data-number ="446 "> </ aside >
1432+ < p >
1433+ As specified for [^link/rel/manifest^] link relation, the manifest
1434+ is fetched and processed on every page load. When the [=processing
1435+ a manifest=] is successful, user agents MAY apply updated manifest
1436+ to any current and future < a > application contexts</ a > associated
1437+ with the application.
1438+ </ p >
1439+ < p >
1440+ For the purpose of updating, the following member are
1441+ < dfn > security-sensitive members</ dfn > , as they are presented during
1442+ installation and on launch surfaces:
1443+ </ p >
1444+ < ol >
1445+ < li > [=manifest/short_name=],
1446+ </ li >
1447+ < li > [=manifest/icons=]
1448+ </ li >
1449+ < li > [=manifest/name=],
1450+ </ li >
1451+ </ ol >
1452+ < p data-cite ="permissions ">
1453+ User agents SHOULD NOT automatically apply changes to
1454+ [=security-sensitive members=] without [=express permission=] from
1455+ the user.
1456+ </ p >
1457+ < p >
1458+ Instead, user agents SHOULD present changes to [=security-sensitive
1459+ members=] with appropriate management options, so the user can make
1460+ an informed decision about updating the web application.
1461+ </ p >
1462+ < p >
1463+ The user agent MAY automatically apply the changes if the update
1464+ does not contain changes to [=security-sensitive members=].
1465+ </ p >
1466+ < aside class ="note " title =
1467+ "A user agent will not apply a partial update ">
1468+ < p >
1469+ When the update contains changes both to [=security-sensitive
1470+ members=] and other members, a user agent won't automatically
1471+ partially update. For example, the user agent could present
1472+ options to the user:
1473+ </ p >
1474+ < ol >
1475+ < li > Accept the update
1476+ </ li >
1477+ < li > Uninstall the web app
1478+ </ li >
1479+ </ ol >
1480+ </ aside >
14251481 </ section >
14261482 </ section >
14271483 </ section >
0 commit comments