[whatwg] Proposal for a debugging information API

David Barrett-Kahn dbk at google.com
Tue Nov 20 08:34:14 PST 2012

I'm not sensing a lot of enthusiasm about this proposal, and am guessing it
would be an uphill slog with all the privacy/security issues involved.  I'm
therefore thinking I won't take it any further.  If you feel something
important is being lost here and that you could help me move this forward
do let me know though.



On Fri, Nov 16, 2012 at 6:04 PM, Ian Hickson <ian at hixie.ch> wrote:

> On Fri, 16 Nov 2012, David Barrett-Kahn wrote:
> >
> > Thanks Ian. So here's what confuses me, why is the bar so much higher
> > for traditional webapps than it is for browser extensions, chrome apps,
> > native apps, mobile apps or nearly anything else?
> Browser extensions, chrome apps, native apps, and mobile apps aren't
> anywhere near as secure as Web apps.
> The bar shouldn't be any lower for them than for the Web, but that it is
> is one of the Web's biggest strengths. You can, by and large, follow any
> random link, and be assured that you're not going to get scammed (modulo
> security bugs). If you just install any random native program you come
> across, your machine is going to become a nest of malware.
> > Extensions, chrome apps, and mobile apps have a consent experience, but
> > it's hard to argue that users are making an informed decision there and
> > that the consent experience really protects them. Native apps have no
> > consent experience at all.
> Right. Compare the average amount of malware on a Windows machine to that
> on a Chrome OS machine. :-)
> > I guess I'm hoping you can point me to some guidelines you've developed
> > or which you agree with on where the limits of the web sandbox should
> > be.  I'd rather not force you to re-have a discussion I'm sure you've
> > had far too many times :-)
> I don't think there's anything formally written down.
> --
> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'


More information about the whatwg mailing list