W3C home > Mailing lists > Public > whatwg@whatwg.org > May 2011

[whatwg] Proposal for IsSearchProviderInstalled / AddSearchProvider

From: Bjartur Thorlacius <svartman95@gmail.com>
Date: Tue, 17 May 2011 00:20:01 +0000
Message-ID: <BANLkTimX_LCxobYiz36z1u=HwJkZXVwbLg@mail.gmail.com>
On 5/16/11, Ian Hickson <ian at hixie.ch> wrote:
> On Mon, 16 May 2011, Adam Shannon wrote:
>> I'd rather see UA's implement better controls on their end than see an
>> API which could be largely abused. (Drag and drop browser controls over
>> tons of sites asking for permission to be the default.)
> I agree. Note that the spec doesn't say there should be a dialog box at
> all; it's left entirely up to the UAs.
Then why add an API when we've already got (IMO superior) declarative
markup? The user has to consent. Even confirmation prompts may not be
a usable authorization mechanism (as most users generally don't
understand them).

Use case:
User wants to add a search provider.

A GET form from a site & user's consent
The chosen solution should be easily adaptable if not usable for
publishing as well as searching. Creating a hyperlink to a POST form
(without the "search" relation) should be suitable for microblogging.

A document advertises a form to the browser; if not installed: the
browser advertises the form to the user; the user commands the browser
to install the form.
document -> browser & browser <-> user -- the site is never informed

A document ask the browser if the user has installed the form; if not:
begs the user to install it; the user asks the document to ask the
browser to install the form; the document ask the browser; the browser
asks the user whether it should proceed; the user consents.
Or do you mean that a script is to ask the browser without user interaction?

document <-> browser & document <-> user & browser <-> user

Security considerations:
In the case of an API a script bundled with a document may at any
point ask for form installation, irrespective of
isSearchProviderInstalled making isSearchProviderInstalled redundant,
as if it's installed (or blacklisted as in explicit user refusal to
install) the call would be ignored anyway. Also, my UA would probably
always act as if the form was installed, to protect agaisnt
blackmailing ? la Facebook scams and sites funded by getting money for
endorsing (unwanted) forms.
Received on Monday, 16 May 2011 17:20:01 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:33 UTC