- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Wed, 29 Jul 2009 00:50:51 -0400
Michael Davidson wrote: > I didn't realize this. So you think that everything on > addons.mozilla.org is vetted enough to not include malware? We try... Note that given the extension model you don't have to put a binary blob in the extension either, since extensions can make HTTP requests and write to files. > Do you think the existing FF install dialog gives enough warning that an > extension could outlive the browser process? The dialog says "Install add-ons only from authors whom you trust. Malicious software can damage your computer or violate your privacy". I'm not a human-computer interaction expert, so I can't tell you how scary that is to the typical consumer. Probably no more so than any other dialog he sees. :( >> Really, it sounds like you want something more akin to a Prism app [1] than >> anything else. You don't _actually_ want to run gmail in a browser window. >> You just want to deliver it over http:// and leverage a browser-like thing >> on the other end for rendering it, right? > > We'd like to not have to maintain two Gmail codebases, one for > installed usage and one for everyone else. Ideally the same code can > be used in an internet cafe and on the machine of someone who agrees > to install Gmail as an app. Prism might be similar to what we'd like. Right; the whole point of Prism is that it needs no changes to the web app, last I checked, while at the same time allowing it to have its own process, window (possibly without the url bar and such, which makes a lot less sense for a window dedicated to a particular web app), and lifetime independent of the browser. -Boris
Received on Tuesday, 28 July 2009 21:50:51 UTC