Re: [w3c/manifest] Adding protocol handlers (#972)

@marcoscaceres commented on this pull request.



> +          The user agent MUST ask for permission when using a protocol
+          handler for the first time. This feature requires user interaction
+          and a script cannot communicate with another application on its
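
Review bot: "for the first time" in the MUST sentence does not say what the permission is scoped to (per scheme, per installed application, or per invoking site) or whether the user can revoke it later; suggest stating the scope and persistence explicitly. The next sentence, "This feature requires user interaction", reads as a requirement but carries no normative keyword, so consider phrasing it as a MUST on the user agent as well.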

> protocol_handlers member in the manifest file: this will register a/several scheme(s) when a Web application is being installed.

Ok, but isn't this in violation of the web's security/permission model? I.e., we only really allow things to request permission at use time, not _en masse_ at install time.

Consider, we've previously rejected similar proposals whereby one would do:

```
  features: ["geolocation", "camera", "something else"]
```

This feels very similar.  

> Here a noteworthy difference is that the prompt itself would appear once a user in a website on the browser invokes one of the registered schemes. For example, I installed the BatmanPWA and when I am browsing online I click on a 'web+batman://' link and then the prompt appears in the browser asking if the user wants to use that (registered) PWA. This happens the first time a user invokes a specific scheme. Very convenient indeed.

This is concerning though. If I install BatmanPWA, it could do:

```
   protocol_handlers: [
       /// ...1000 protocols here... MUAHAHAH! 
       /// Appear to handle everything, and show up everywhere!
    ]
```

@dmurph: 
> There is also the automatic unregistration that happens when a user uninstalls a webapp, which is nice :)

Agree, that's nice. But it does presume some tight integration at the OS level with the browser. IIRC (and this was long ago), Firefox couldn't support such things because it could only put a shortcut icon on the home screen, but it had no way of getting notified if a user had deleted the shortcut.  



Reply to this email directly or view it on GitHub:
https://github.com/w3c/manifest/pull/972#discussion_r641271326

Received on Friday, 28 May 2021 05:11:05 UTC
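
The concern in the message above, a manifest that declares a very large number of `protocol_handlers` entries, can be checked mechanically before install. The lint below is an added example, not part of the original message or of the manifest specification; `MAX_HANDLERS`, the `web+`-only rule, the same-origin rule, the function name and the sample manifest are all assumptions made for illustration.

```javascript
// Added example: audit a manifest's protocol_handlers before install.
// MAX_HANDLERS is an assumed policy value, not taken from the thread or a spec.
const MAX_HANDLERS = 10;
// Scheme shape of the thread's 'web+batman' example: "web+" then lowercase ASCII letters.
// Assumption: this lint accepts only web+ schemes and rejects everything else.
const WEB_PLUS = /^web\+[a-z]+$/;

function auditProtocolHandlers(manifest, manifestUrl) {
  const handlers = manifest.protocol_handlers;
  if (handlers === undefined) return [];
  if (!Array.isArray(handlers)) return ["protocol_handlers is not an array"];
  const findings = [];
  if (handlers.length > MAX_HANDLERS) {
    findings.push(`too many handlers: ${handlers.length} > ${MAX_HANDLERS}`);
  }
  const origin = new URL(manifestUrl).origin;
  const seen = new Set();
  handlers.forEach((h, i) => {
    const protocol = typeof h?.protocol === "string" ? h.protocol : "";
    if (!WEB_PLUS.test(protocol)) findings.push(`[${i}] scheme is not web+<letters>: "${protocol}"`);
    else if (seen.has(protocol)) findings.push(`[${i}] duplicate scheme: ${protocol}`);
    seen.add(protocol);
    const url = typeof h?.url === "string" ? h.url : "";
    if (!url.includes("%s")) findings.push(`[${i}] url lacks %s placeholder`);
    try {
      // Assumed policy: the handler URL must stay on the manifest's own origin.
      if (new URL(url, manifestUrl).origin !== origin) findings.push(`[${i}] url is cross-origin`);
    } catch {
      findings.push(`[${i}] url does not parse`);
    }
  });
  return findings;
}

// Constructed sample manifest (not from the thread).
const sampleManifest = {
  name: "BatmanPWA",
  protocol_handlers: [
    { protocol: "web+batman", url: "/open?link=%s" },
    { protocol: "web+batman", url: "/again?link=%s" },
    { protocol: "https", url: "/everything?link=%s" },
    { protocol: "web+joker", url: "https://other.example/h?link=%s" },
    { protocol: "web+robin", url: "/no-placeholder" },
  ],
};
const sampleFindings = auditProtocolHandlers(sampleManifest, "https://batman.example/manifest.json");
console.log(sampleFindings.join("\n"));
```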