#Apple refuses to add support for 16 web APIs for privacy concerns. I look at the list and I wonder - what is wrong with you web people? What are you doing? This is not the web I want. This is Orwellian and out of control. https://www.zdnet.com/article/apple-declined-to-implement-16-web-apis-in-safari-due-to-privacy-concerns/
The browser is becoming a backdoor, almost malware with all these possibilities. This absolutely doesn’t sit right with me. No single program should have such power over my device.
@jwildeboer These APIs have been added to make the web as a platform as close to native apps as possible.
In the browser the user actually has to permit each of them manually and has greater control as in native apps, which just get permissions for these kind of device APIs out of the box most of the time. IMHO it is handled more transparently to the user on the web than on native. But I agree that most of them are not required for websites, but only for webapps.
@jwildeboer Other way round: We used to have stuff such as CORBA or RMI for client/server or server/server communication. Eventually, most of these communication channels at the very least failed whenever "external networks" and firewalls came into play. And now people fall back to HTTP because apparently it's the only thing that works somewhat reliable for this kind of stuff across networks and systems. 😟
@z428 Yes. And that’s called „circumvention“ when I’m friendly. „Backdoor“ when I’m realistic.
@jwildeboer Yes. From one point of view. From another point of view: I remember having weeks of discussion (in the late 1990s) trying to convince a customer site admin to make sure the Java applet based application we used to deploy back then is able to talk to the collaboration server in our datacenter. And that's not just us. At some point people gave up on these discussions and fell back to something that "just works" - HTTP(S) with all of its drawbacks. 😐
@jwildeboer (No, I don't like that approach at all. But I can understand and, to some point, relate to it. I wish things would have been better even back then.)
@qrsbrwn Well, actually no. We wanted to get to run an application (specialized data and communication exchange platform for civil engineering projects) the "customer" (that sysadmins organization) has paid us to provide because its users needed it. Unfortunately, the sysadmin on that organizations site saw his main job not in supporting us to get this to work in a meaningful and secure way but essentially in keeping "his" firewall rules clean...
@qrsbrwn Nowadays (as mentioned in this thread) "we" as well as most of our competitors have given up on "rich client" technologies (that would require to deploy and support applications on local infrastructure) and use web/HTTP based approaches instead. Deploying business applications that need local installations and updates across various customers has always been close to impossible to do right, and I am convinced this is one big reason for current browser predominance. 😐
@qrsbrwn Yes, of course. Having been of the sysadmin side of the fence for quite a while, too, I know that rather well, and yet disputes about that were just ... weird, starting with the fact that the application actually was *cough* Java (which seems just "not the best friend" to developers but a sworn enemy to some sysadmins). So, overally, in this case we wasted hours and ours lost in between this organizations "management" team (wanting us to *finally* deliver ...
@qrsbrwn From where I stand (sysadmin and dev), you missed a few "very"s in your list. And in some ways it still is. Garbage collection was broken most of the time. Desktop integration still is broken. Certificate management is something I don't want to talk about. Deployment and packaging sucks. And *yet*: Is it, as a cross-platform approach, better or worse than "the browser" or "electron"...? 😉
@qrsbrwn ... the solution they contracted us for) and the admin (who repeatedly refused to help getting this set up right because at this time only mail, FTP and HTTP protocols were allowed to make it out of the network while we needed Java RMI) per corporate policy. At some point, in this dispute, we gave in and replaced RMI remoting with Hessian (binary protocol tunneled through HTTP) so the sysadmin was "happy" to have our application communicate in accordance to its policy. 😟
@qrsbrwn No, the sysadmin wasn't at fault here for enforcing the corporate policy. That's his job. And I'm not really arguing against this. Yet, I would have expected some communication, like, "dear management, dear vendor, this application doesn't comply with our policy, please let's figure out what to do" - which didn't happen. Essentially he was down a "I'm just doing my job and my job is enforcing the current policy" route. Which is valid and I don't even think ...
@qrsbrwn ... it's bad. But starting point of this discussion was wondering why so many people (developers) moved to HTTP and browser based solutions - and this is one core reason in my opinion: Using a technology that is "around and available" on most systems anywhere, an application runtime you can use and deploy stuff without requiring too much time and effort in coordinating things with local sysadmins. *No*, this is not good. I don't applaud it. But I can understand it. 😐
@jwildeboer I suppose it will require appropriate rights, so you can decide not to grant them.
@sesivany so 40+ „allow access to API X“ popups every time I visit a site?
@jwildeboer That's bad UX, I agree. But application development is moving to web no matter if we like it or not, making web apps as powerful as their native counterparts is a natural motivation, so browsers/web enginers will eventually have to find a way to deal with this.
@jwildeboer My interest: Can I bend IoT hype to combat this JS hype?
@jwildeboer That's not a problem with "web people". That's the browser more and more turning into what "we" have failed to build in a better way before: A rich-client, cross-platform development kit for virtually every kind of application you could possibly imagine. 😐
@jwildeboer It surely is the web I want. I want to build web apps and use them on all my devices.
@jwildeboer I think the "bad" reason the browser does this is based on the thread's comments regarding firewalls; but what I've come to consider the"good"reason for it is that the browser is (& @this point, I guess I mean Firefox, specifically) the only Open runtime we have left: if it couldn't do all these things, then every innovation, no matter its scale, would be beholden to Apple, Google, or Microsoft. I'm not sure good outweighs bad: but I think it's a vital trade-off to keep in mind
@jwildeboer Wow I'd never heard of Web USB before. That sounds crazy!
Mastodon instance for people with Wildeboer as their last name