Our plan for filesystem access is incremental: start with single file read-write (for open-with situations), then onetime directory picker, then persistence. All user-mediated; very much how Web Bluetooth works.
-
-
Replying to @slightlylate @BrendanEich and
And, like all the rest of this stuff, we're breaking up capabilities from the concept of installation. Why does that one click grant so much privilege? That's a bug.
2 replies 0 retweets 5 likes -
Replying to @slightlylate @BrendanEich and
Which one click? You mean installing an app?
1 reply 0 retweets 0 likes -
-
Replying to @slightlylate @AdamRackis and
Installing a PWA on Android grants exactly two unique capabilities: the permission to launch without the URL bar and the ability to request durable storage. That's *it*. The web permission model is runtime-permissions, which means any tab can ask for things; we're unbundling apps
3 replies 0 retweets 9 likes -
Replying to @slightlylate @BrendanEich and
Most of this thread was based on *desktop* apps. I really love (mobile) PWA’s, I could see them replacing almost every mobile app I use, except maybe social media, music players and email clients. My reaction before was in response to a *desktop* PWA requesting file system access
1 reply 0 retweets 0 likes -
Replying to @AdamRackis @slightlylate and
To be clear my need for desktop apps is even lower than mobile, but inherently requiring a ton of trust and permissions: IDE, database explorer/manager, etc. I can’t imagine a PWA ever approaching that level.
1 reply 0 retweets 0 likes -
Replying to @AdamRackis @slightlylate and
I'm not sure why not, if the threat/trust model is the same. You download Slack (e.g.) and it can do anything under your user id, and phone home. Installed PWA differs how?
1 reply 0 retweets 2 likes -
Replying to @BrendanEich @AdamRackis and
(Reading backward) from Alex's answers the PWA is more secure because you have to grant authority selectively and for bounded interactions or possibly periods of time. Could be usability suffers but it would be more secure than Slack rn.
1 reply 0 retweets 1 like -
Replying to @BrendanEich @slightlylate and
Right - massive usability suffering. I don’t want VS Code or SQL Server Management Studio to constantly ask my permission to do stuff; I want it to just work.
1 reply 0 retweets 2 likes
It's possible to imagine a way to do this with signing and Web Packaging, but most users and developers don't need this most of the time.
-
-
Replying to @slightlylate @BrendanEich and
Not sure I follow. Most users and developers don't need...this level of access? Absolutely - why, imo, installed apps will never go away, just become less popular (especially on desktop)
1 reply 0 retweets 0 likes -
Replying to @AdamRackis @BrendanEich and
Most apps, most of the time, can work without exotic, non-origin-model-breaking capabilities. If decision load is low enough, runtime permission grants work well. Sticky issue is how to prove that high-trust apps have earned that trust.
1 reply 0 retweets 0 likes - 14 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.