- From: SULLIVAN, BRYAN L (ATTCINW) <BS3131@att.com>
- Date: Tue, 15 Jun 2010 17:35:59 -0700
- To: "Mike Clement" <mikec@google.com>
- Cc: <arun@mozilla.com>, "Robin Berjon" <robin@berjon.com>, <public-device-apis@w3.org>, "Ian Fette" <ifette@google.com>, "Web Applications Working Group WG" <public-webapps@w3.org>
- Message-ID: <8080D5B5C113E940BA8A461A91BFFFCD127BF7BC@BD01MSXMB015.US.Cingular.Net>
Mike, To be clear - I'm not saying that the current File* APIs are poorly designed or that they won't be useful. As I have read through them I agree there is a lot of the functionality that we are looking for in them and we appreciate the effort it took to create them, even though they are different from the BONDI API (there are many good ways to design such things). Extending them will be one option if we can't resolve the gaps in the APIs directly. But if we can count on a couple of key things then in the interest of having a single API for developers to use, I would agree we should focus on these APIs and see how far they can take us: 1) An app can use resolveLocalFilesystemURI directly to resolve a generic filesystem URI, e.g. "documents", "pictures", "videos", "music" (we can create a normative set of these), or some other URI that is known to be supported by the device (which is itself known for example through the System Info API), e.g. file://home/user <file:///\\home\user> . Alternatively we can extend the LocalFilesystem interface with a getRootLocations method ala the BONDI filesystem API. 2) Access to resolveLocalFilesystemURI can be defined in policy (the resolve method can have an assigned feature URI used in widget config and policy documents), thus the user does not have to be prompted (if the app is trusted) or the <input> element used. Note that the alternatives requestPersistentFilesystem and requestTemporaryFilesystem are quite useful also, and may support the majority of use cases anyway. Thanks, Bryan Sullivan | AT&T From: Mike Clement [mailto:mikec@google.com] Sent: Tuesday, June 15, 2010 4:40 PM To: SULLIVAN, BRYAN L (ATTCINW) Cc: arun@mozilla.com; Robin Berjon; public-device-apis@w3.org; Ian Fette; Web Applications Working Group WG Subject: Re: Transferring File* to WebApps - redux As I understand it, #5 (programmatic access to files without user interaction) is indeed supported via the getFile method. But again, this is only within the sandboxed filesystem, not for an arbitrary file on the device. As for #6, I can't speak to the "policy-framework approach", but I do know that the security provisions for manipulating files with regards to JavaScript will be the usual same-origin policy. --mike On Tue, Jun 15, 2010 at 3:55 PM, SULLIVAN, BRYAN L (ATTCINW) <BS3131@att.com> wrote: Actually I think "sandboxing" an app into a certain area of the filesystem, especially for less-trusted apps, is a useful model. But I don't think the current File* APIs will support the items 5-6 that I mention below. 5) do the above programmatically in Javascript (not dependent just upon user selection of an input element and interaction with a file selector) 6) provide security for this using the policy-framework approach as being defined for DAP APIs In BONDI, it's possible to define the sandbox as policy and avoid the user needing to select it. For example it's possible to restrict an application to: * a "temp" filesystem location (whatever that maps to on the current device) * other "well-known" filesystem locations * browser-internal storage (e.g. localstorage) Thanks, Bryan Sullivan | AT&T From: Mike Clement [mailto:mikec@google.com] Sent: Tuesday, June 15, 2010 3:42 PM To: SULLIVAN, BRYAN L (ATTCINW) Cc: arun@mozilla.com; Robin Berjon; public-device-apis@w3.org; Ian Fette; Web Applications Working Group WG Subject: Re: Transferring File* to WebApps - redux Hi, Am I correct in thinking that what you find too restrictive is that the FileSystem API only allows programmatic access to a sandboxed portion of the device's filesystem instead of the entire filesystem? Otherwise, I believe that the File APIs as a whole will allow most of the other operations you mention. --mike On Tue, Jun 15, 2010 at 3:24 PM, SULLIVAN, BRYAN L (ATTCINW) <BS3131@att.com> wrote: Arun, I am not meaning to be unfair, perhaps the message is not coming through clearly enough. There are specific technical requirements that we need these APIs to fulfill, that I indicated to Thomas in another email: 1) access filesystems on the host device 2) traverse directories 3) read files as they exist on the filesystem (not just a local representation in memory, as currently defined in the File API to my understanding), in bytes and lines 4) write files (similar requirement to write directly to the filesystem), in bytes and lines, with overwrite and append options 5) do the above programmatically in Javascript (not dependent just upon user selection of an input element and interaction with a file selector) 6) provide security for this using the policy-framework approach as being defined for DAP APIs Apart from the details of (1-4) above, which will help ensure are addressed in the current File* APIs (no matter where they are finished),I think it's (5-6) where the real differences are. If we need another API in DAP to address them, then AT&T will help ensure it gets done separately from the current File* APIs. The question of where you are represented and your ability to participate cuts both ways - the same is true for us. I think if the browser vendors want their products really to be seen as compatible with the Web application space (as compared to just dynamic Web pages), they will support the work in DAP as its there that non-obtrusive and inherently secure models for Web application access to device resources will be defined as APIs. Thanks, Bryan Sullivan | AT&T -----Original Message----- From: Arun Ranganathan [mailto:arun@mozilla.com] Sent: Tuesday, June 15, 2010 2:53 PM To: SULLIVAN, BRYAN L (ATTCINW) Cc: Robin Berjon; public-device-apis@w3.org; Ian Fette; Web Applications Working Group WG Subject: Re: Transferring File* to WebApps - redux On 6/15/10 2:24 PM, SULLIVAN, BRYAN L (ATTCINW) wrote: > Arun, > > The basic concern I have is with the notion of "browsers" as the only > Web context and use-case that matters. The browser-based model for API > integration view (as I understand your position) is that the user must > be actively involved in every significant action, and choose explicitly > the actions that enable integration with browser-external resources > (including local and remote). Step back and you will see the > inconsistency in that (what would Ajax be if the user had to approved > every HTTP API request via an<input> element?). > In the case of the File API, I'm merely stating that the capability should be an evolution on top of what web pages already do with respect to the input element, and not introduce a new unbounded API space which doesn't consider user involvement, or reconsiders it with other consent models. Equating ajax with this in general isn't relevant to the argument. If you have no substantial technical differences with FileReader, FileWriter, and the FileSystem API, why are you blocking them from moving? What additional oversight does the DAP WG provide, that the WebApps WG does NOT provide? The WebApps WG has MORE browser vendors than the DAP WG, allowing review that's pertinent to the technology we are building. Below, you say: > Webapps are much more than just dynamic Web pages. They are > applications, and with HTML5 will have the ability to rival desktop > applications, as is clearly the vision of many in the industry. It might > even enable a return to a thin client world (e.g. browser as OS) in > which most significant resources are cloud-based. I see the logic and > value in that, but it's not the only valid (and valuable) model. > > W3C focuses on the Web, and the Web is bigger than the browser use-case. > HTML5 and the APIs that attach HTML-based applications to the world can > actually be the application platform for the next era of the Web, but > only if we do not limit the options to the user-centric/control > paradigms of the past. > But, by charter, the DAP WG allows you to address those very use cases! If the FileWriter, FileSystem, and FileReader specifications do NOT address the vision you articulate above, why not create a specification relevant to your use case? Naturally, browser vendors see value in technology that serves the cause of dynamic web pages. Why are you disallowing maximum browser vendor review by prohibiting a sensible move? Even within the DAP WG, feedback isn't as forthcoming on these specifications as it is in the WebApps WG. Please reconsider your stance here. You are not providing technical feedback on the specifications in question, nor illustrating why they don't address your use cases. But, you are blocking them from moving to a place where there *is* healthy technical feedback, worrying that those who *are* providing technical feedback will be poor custodians of a technology they are enthusiastic about building into their products. This is unfair. -- A*
Received on Wednesday, 16 June 2010 01:37:24 UTC