In the past, Hixie has been against the notion of installed applications. Perhaps for web pages that is the proper approach, however I really like (from a UI/usability/security) perspective the notion of "installing" something as a mechanism for granting trust. We can argue about how good the "installation mechanism / process" is, but I think it's the most understandable thing we have, and certainly better than putting up a dialog each time a site wants +5Mb. Likewise for things such as persistent workers / background pages that survive browser shutdown. In other words, LGTM
2009/7/29 Linus Upson <li...@google.com> > I'm coming to the opinion that we should leverage the install mechanism of > the extension system for apps that need special permissions, increased > quotas, expanded lifetimes, etc. The extension can be almost vacuous, and in > our extension world exceptionally lightweight. It only needs to make the > special capability available to the page. > As Maciej brought up on the whatwg list, the extension system gives us > multiple affirmative steps, > vetting, reputation and revocation. It also gives us a UI access point. All > of these are important for controlling apps that aren't safe and stateless. > > Linus > > > On Wed, Jul 29, 2009 at 10:24 AM, Ian Fette <i...@chromium.org> wrote: > >> I would say that if all the browsers are doing 5MB fixed quota for local >> storage, it is a good way to start. Sadly, I think we need to start thinking >> about this now for databases though (certainly I don't want to hit yes 4,000 >> times as my gmail syncs up to 20GB) >> 2009/7/29 Jeremy Orlow <jor...@google.com> >> >> On Wed, Jul 29, 2009 at 9:37 AM, Peter Kasting <pkast...@chromium.org>wrote: >>> >>>> On Wed, Jul 29, 2009 at 12:39 AM, Ben Laurie <b...@google.com> wrote: >>>> >>>>> That seems overly simplistic to me - for example, just because I >>>>> sometimes want to let a chat app have access to my camera, doesn't >>>>> mean I want it always to have access. Given the number of users I've >>>>> seen fix this problem with duct tape, I think I can conclude that >>>>> users would use controls if they had controls they understood and >>>>> trusted. >>>>> >>>> >>>> I don't agree. I believe granularity is not only useless but harmful >>>> for the majority of users. See user studies of desktop app install flows >>>> or >>>> options dialogs that universally conclude that giving people more choices >>>> helps a small number of people and loses a large number. This is the >>>> philosophy we designed Chrome around, so we're strong backers of it. >>>> >>> >>> I agree on principle. I can imagine a couple ways the web app might >>> state the capabilities it needs up front. The problem is that, with newer >>> "versions" of the application, the needs might change. But how do we keep >>> them from changing so often that the user just gets used to clicking 'yes' >>> every time? I can't think of any good solution for this. >>> >>> Anyway, I think we've gotten a bit abstract here. It's good to talk >>> about this in general, but in the mean time I'm not sure what to do for >>> LocalStorage. >>> >>> Is the fixed quota per origin a good way to start? If so, is the plan to >>> leave it that way until someone tries to tackle this stuff in a more unified >>> way? >>> >>> J >>> >>> >>> >> >> >> >> > --~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---