W3C home > Mailing lists > Public > whatwg@whatwg.org > July 2009

[whatwg] Installed Apps

From: Jonas Sicking <jonas@sicking.cc>
Date: Tue, 28 Jul 2009 00:02:57 -0700
Message-ID: <63df84f0907280002i5353af92na510f2743fa29b90@mail.gmail.com>
On Mon, Jul 27, 2009 at 5:53 PM, Maciej Stachowiak<mjs at apple.com> wrote:
> On Jul 27, 2009, at 6:42 PM, Robert O'Callahan wrote:
>> On Tue, Jul 28, 2009 at 6:50 AM, Michael Davidson <mpd at google.com> wrote:
>>> As mentioned in earlier discussions about persistent workers,
>>> permissioning UI is a major issue.
>>
>> Indeed, the most difficult issue here is security and the permissions UI,
>> which you haven't addressed at all.
>>
>> Currently, when you close a browser tab, the application in that tab is
>> gone. This is a very important user expectation that we can't just break.
>
> I share this concern. Violating this expectation seems like it could be a
> vector for malware, in a way that a permissions dialog would not
> meaningfully address.

Agreed. As so often, adding powerful features is the easy part, doing
so securely is what's hard.

Google Chrome (and I think other browsers) allow pages to be
"installed" as web applications which run in a separate window. It
would be interesting to look at the UI for that feature. However
installApp allows something even more powerful than that, since it
allows a hidden page that the user can't easily simply close, and so
should probably have an even more restrictive UI.

/ Jonas
Received on Tuesday, 28 July 2009 00:02:57 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:14 UTC