Third, what's the plan for APIs? @mozilla seems to have decided that the web doesn't need to compete, and @KaiOStech ships proprietary B2G APIs;
https://developer.kaiostech.com/api
...but not web APIs like Web Bluetooth or Generic Sensors:
https://developer.mozilla.org/en-US/docs/Web/API/Web_Bluetooth_API …https://developers.google.com/web/updates/2017/09/sensors-for-the-web …
-
Show this thread
-
"decided that the web doesn't need to compete"?
1 reply 0 retweets 0 likes -
Haha! Did you read the security/privacy research on why? Removing the users ability to make conscious decisions about where their data goes to is deceptive. We aren't closed to implementing APIs that are designed to be safe by default.
1 reply 0 retweets 0 likes -
Replying to @KingstonTime @slightlylate and
Also those APIs aren't even shipped in other browser any more either. Rushing to implement APIs only ends in the issues WebUSB and WebMidi cause.
1 reply 0 retweets 0 likes -
Yes, I read (and understand) the research. This was the cheap way out. And not Midi/USB is yet more evidence that FF/Gecko isn't keen to compete as a real platform. It's sad, but there doesn't seem to be much dispute on the facts of the matter.
1 reply 0 retweets 0 likes -
Replying to @slightlylate @KingstonTime and
At a platform level, this leaves
@KaiOStech (and others who want to build off Gecko) with a large proprietary surface area forever.1 reply 0 retweets 0 likes -
Those APIs will likely come back as the new variants that Chrome ship with a prompt. Keeping our users safe makes sense to me. As for Midi/USB I don't think anything other than a giant allowlist would keep them safe, who would maintain that?
1 reply 0 retweets 0 likes -
Glad to hear there's a plan to add those APIs back! Wasn't aware of that. For Midi/USB/BT/Generic Sensor/et. al....the counterfactual matters and nobody I've talked to at Mozilla seems to want to really engage with that.
2 replies 0 retweets 0 likes -
Generic sensors and the related APIs are being discussed. WebVR needs it etc. There aren't concrete plans yet. The security standpoint for Midi/USB/BT make sense to me, giving the web the ability to exploit the platform itself or bypass SOP is something we should take seriously.
1 reply 0 retweets 0 likes
I know you perhaps didn't mean to imply we (and I) don't take SOP seriously, but oy.
-
-
Yeah I didn't. I just don't think Mozilla have the resources to maintain blocklist/allowlists for this kind of thing. This appears the only security protection for those APIs.
1 reply 0 retweets 0 likes -
It's not, but it probably seems this way because Mozilla hasn't substantively engaged in the design process. It's sad and frustrating.
1 reply 0 retweets 1 like - 2 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.