[whatwg] Menubars and phishing

Ian Hickson ian at hixie.ch
Mon Jun 14 10:30:38 PDT 2004

On Mon, 14 Jun 2004, Dylan Schiemann wrote:
> Right... my point was this: should we suggest providing an API for
> interacting with the existing system controls, or an API that overrides
> the system settings and replaces them with the app developers menu, or
> something else.  In the case of the Mac interface, a local app
> integrates with the single menu bar at the top, replacing some items and
> adding others.  Is this something a "trusted" web app should be allowed
> to do.  Similarly for the context menu, should the web app menu override
> the UA context menu, or simply be able to add/remove items from it?

Makes sense. So "trusted" apps can get blank windows with menubars, and on
MacOSX that menu bar can integrate with the OS one, and "untrusted" apps
just get a single top-level menu item ("Web site" or something -- could
even just be a submenu or whatever, it's up to the UA) but not their own
window, so it's still inside the browser.

What do you think?

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

More information about the whatwg mailing list