[whatwg] Installed Apps
Boris Zbarsky
bzbarsky at MIT.EDU
Tue Jul 28 21:50:51 PDT 2009
Michael Davidson wrote:
> I didn't realize this. So you think that everything on
> addons.mozilla.org is vetted enough to not include malware?
We try... Note that given the extension model you don't have to put a
binary blob in the extension either, since extensions can make HTTP
requests and write to files.
> Do you think the existing FF install dialog gives enough warning that an
> extension could outlive the browser process?
The dialog says "Install add-ons only from authors whom you trust.
Malicious software can damage your computer or violate your privacy".
I'm not a human-computer interaction expert, so I can't tell you how
scary that is to the typical consumer. Probably no more so than any
other dialog he sees. :(
>> Really, it sounds like you want something more akin to a Prism app [1] than
>> anything else. You don't _actually_ want to run gmail in a browser window.
>> You just want to deliver it over http:// and leverage a browser-like thing
>> on the other end for rendering it, right?
>
> We'd like to not have to maintain two Gmail codebases, one for
> installed usage and one for everyone else. Ideally the same code can
> be used in an internet cafe and on the machine of someone who agrees
> to install Gmail as an app. Prism might be similar to what we'd like.
Right; the whole point of Prism is that it needs no changes to the web
app, last I checked, while at the same time allowing it to have its own
process, window (possibly without the url bar and such, which makes a
lot less sense for a window dedicated to a particular web app), and
lifetime independent of the browser.
-Boris
More information about the whatwg
mailing list