In the past, Hixie has been against the notion of installed applications.
Perhaps for web pages that is the proper approach, however I really like
(from a UI/usability/security) perspective the notion of "installing"
something as a mechanism for granting trust. We can argue about how good the
"installation mechanism / process" is, but I think it's the most
understandable thing we have, and certainly better than putting up a dialog
each time a site wants +5Mb. Likewise for things such as persistent workers
/ background pages that survive browser shutdown.
In other words, LGTM
2009/7/29 Linus Upson <li...@google.com>
> I'm coming to the opinion that we should leverage the install mechanism of
> the extension system for apps that need special permissions, increased
> quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in
> our extension world exceptionally lightweight. It only needs to make the
> special capability available to the page.
> As Maciej brought up on the whatwg list, the extension system gives us
> multiple affirmative steps,
> vetting, reputation and revocation. It also gives us a UI access point. All
> of these are important for controlling apps that aren't safe and stateless.
>
> Linus
>
>
> On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette <i...@chromium.org> wrote:
>
>> I would say that if all the browsers are doing 5MB fixed quota for local
>> storage, it is a good way to start. Sadly, I think we need to start thinking
>> about this now for databases though (certainly I don't want to hit yes 4,000
>> times as my gmail syncs up to 20GB)
>> 2009/7/29 Jeremy Orlow <jor...@google.com>
>>
>> On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting <pkast...@chromium.org>wrote:
>>>
>>>> On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie <b...@google.com> wrote:
>>>>
>>>>> That seems overly simplistic to me - for example, just because I
>>>>> sometimes want to let a chat app have access to my camera, doesn't
>>>>> mean I want it always to have access. Given the number of users I've
>>>>> seen fix this problem with duct tape, I think I can conclude that
>>>>> users would use controls if they had controls they understood and
>>>>> trusted.
>>>>>
>>>>
>>>> I don't agree. I believe granularity is not only useless but harmful
>>>> for the majority of users. See user studies of desktop app install flows
>>>> or
>>>> options dialogs that universally conclude that giving people more choices
>>>> helps a small number of people and loses a large number. This is the
>>>> philosophy we designed Chrome around, so we're strong backers of it.
>>>>
>>>
>>> I agree on principle. I can imagine a couple ways the web app might
>>> state the capabilities it needs up front. The problem is that, with newer
>>> "versions" of the application, the needs might change. But how do we keep
>>> them from changing so often that the user just gets used to clicking 'yes'
>>> every time? I can't think of any good solution for this.
>>>
>>> Anyway, I think we've gotten a bit abstract here. It's good to talk
>>> about this in general, but in the mean time I'm not sure what to do for
>>> LocalStorage.
>>>
>>> Is the fixed quota per origin a good way to start? If so, is the plan to
>>> leave it that way until someone tries to tackle this stuff in a more unified
>>> way?
>>>
>>> J
>>>
>>>
>>>
>>
>> >>
>>
>
--~--~---------~--~----~------------~-------~--~----~
Chromium Developers mailing list: chromium-dev@googlegroups.com
View archives, change email options, or unsubscribe:
http://groups.google.com/group/chromium-dev
-~----------~----~----~----~------~----~------~--~---
