On Mon, Nov 18, 2013 at 9:44 PM, Marcos Caceres <mcace...@mozilla.com> wrote: > On Monday, November 18, 2013 at 3:35 PM, Anne van Kesteren wrote: >> Bookmarking. And in particular bookmarking to home screen should not >> have dramatically different security properties from just bookmarking. >> They ought to be identical (and indeed, have negligible effect). > > Thanks for clarifying. I think I agree with this, but I’m currently > investigating what the implications are. I have a *very early* draft of this > research, and the good thing is that at least IE on Windows 8, Firefox for > Android, and Chrome for Android tend to agree with you (will push that part > of the research to the document soon).
So the differences I found that are not desirable are: * If I'm logged into Facebook and then open a hosted app that Facebook session is distinct. That's not the case in a browser today. I can see us adding a feature that allows Facebook to opt out of sharing its session with other sites, but by default I think we want the existing model. (And definitely not change it around based on a bookmark.) * When I click a link "the browser" opens. If the browser is core to the OS everything in it should have a URL (whether visible or not, that's an implementation detail) and navigation should happen seamlessly between them. I don't think we need any behavioral difference here between something that is bookmarked and something that is not. Of course apps can opt in to having their links open in a new window, using target=_blank. I think part of the disconnect might be that the web is an actual OS would be fundamentally different from what we have today. You cannot really compare it with an OS that has a browser or an apps market (such as Mac OS X and Firefox OS). The OS is the browser and the apps market is the web. -- http://annevankesteren.nl/ _______________________________________________ dev-b2g mailing list dev-b2g@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-b2g
