Re: AppCache post-mortem?

On Monday, May 6, 2013 at 9:56 PM, Tobie Langel wrote:
> I'd like to add that developers have been claiming AppCache was terrible for the longest time. No one listened to them. There's a clear communication issue here. Admittedly, there's also one of reputation: it's difficult for editors and implementors to know whether the developers that report issues are trustable sources or not. Not sure how to fix this, but it's certainly something that needs to be addressed.

It's funny, now that I'm thinking about it, how this issue keeps coming up.

For example, Web developers behind large JS app have been asking for the past 2-3 years for a secure way to send diffs and have them applied instead of sending the new compiled JS file whenever there's a one line change in what often amounts to half a mega bite of JS or more.

Some have ended up implementing this themselves, creating security issues in the process. Others just bust their user's cache every time there's a new version of the app, which with modern teams could be multiple times a day.

However, whenever this is brought up within standards bodies or with implementors, with descriptions of existing implementations in production, it is usually considered in a really demeaning way ("Web developers should not use LocalStorage to store files, it's slow," "Web developers should not use LocalStorage to store files, it's not secure," or "Eval is evil.")

I can guarantee our next problem on mobile (once AppCache is solved) will be patching JS files. I guess this will have to wait another 2 years before it is considered.

--tobie

Received on Monday, 6 May 2013 20:19:47 UTC