Re: [w3c/manifest] Privacy Review: handle start_url tracking (#399)

> Mandating separate storage at the spec level seems a pretty heavy-handed way of addressing this issue. It would cause a number of other (not necessarily desirable) ramifications that greatly affect the utility of web apps.

+1. Firefox OS had a separate "data jar" per installed application and to cut a long story short it broke the user experience of web content in lots of ways, some unexpected. The authentication use case mentioned above being one of them. I would recommend against enforcing that in the specification.

If implementations supported "deep linking" then the problem wouldn't be quite so bad, but currently:
1. Navigating to out-of-scope content from within an application context usually stays within the application context (or a special popover-style window).
2. Navigating to in-scope content from an external browsing context does not get redirected to the installed application context.

If every application context has its own data jar, both of the above serve to fragment local storage across multiple jars. This has the side effect that the user is repeatedly forced to re-authenticate to access the same content in different contexts.

I agree that the fingerprinting problem applies just as much to bookmarks as it does to "installing" a web application. Do any browsers currently try to strip unique identifiers from bookmarked URLs?

https://github.com/w3c/manifest/issues/399#issuecomment-634746512

Received on Wednesday, 27 May 2020 15:37:14 UTC