Re: ISSUE-28: [Policy] Requirement for NO security prompting [Security Policy Framework — General]

> Rather than runtime dialogues, which do create a *terrible* user
> experience, can we consider a one time startup dialogue (similar to
> what is seen in android applications) that warns the user about what
> apis the application wants access to.

A widget may download a remote script which contains device API calls.
Even worse, this remote script may be different when the widget is
installed and when it is run, so a check at install time may not check
the correct script.

I'm afraid some kind of runtime check and dialogue is inevitable.

But yes, runtime dialogues are horrible. It's just that I haven't
heard any better ideas so far, so it seems we're stuck with them - for
the moment.

Unless we say that (nearly) all device API calls have to function
asynchronously, as the Mozilla paper suggests. But this would
significantly change the flow of an application, and maybe require a
different kind of programming than just normal web-JavaScript.

I don't think we should require anything - yet.

ppk, freelance front-end consultant,
agent, and trainer

Received on Wednesday, 7 October 2009 22:29:34 UTC