winteryou know what would be nice? if web browsers had two modes, essentially - a "Document Mode" and an "App Mode." in doc mode you'd have access to CSS, HTML, all the layout stuff, but absolutely no javascript ot anything turing complete. the web browser would offer extra doc-specific chrome, like entering a Reader Mode, changing fonts, or selecting between alternate stylesheets offered by the site.
in application mode, all of that would go away, javascript and all the rest would be turned on. when you'd load an App Mode page you'd get a window warning you, displaying the name of the app, a description, a list of requested capabilities (with toggles to selectively deactivate them or, say, enable location spoofing, whatever), the developer's credentials, and require the user to explicitly click a button to say "yes, run app, please." and every single goddamn bit of everything would require code-signing. foreign javascript gets inserted somehow? too bad, it's not signed by the app's declared certificate, and the app is terminated or the user is just warned, depending on user preference.
but we'll never get anything like this, because browsers are too in thrall to Big App and Big Data and the throngs of javascript freaks who are congenitally unable to display a single line of text without dragging in 36 levels of dependencies and turning your processor's fan up to max
in application mode, all of that would go away, javascript and all the rest would be turned on. when you'd load an App Mode page you'd get a window warning you, displaying the name of the app, a description, a list of requested capabilities (with toggles to selectively deactivate them or, say, enable location spoofing, whatever), the developer's credentials, and require the user to explicitly click a button to say "yes, run app, please." and every single goddamn bit of everything would require code-signing. foreign javascript gets inserted somehow? too bad, it's not signed by the app's declared certificate, and the app is terminated or the user is just warned, depending on user preference.
but we'll never get anything like this, because browsers are too in thrall to Big App and Big Data and the throngs of javascript freaks who are congenitally unable to display a single line of text without dragging in 36 levels of dependencies and turning your processor's fan up to max
xmanmonk
aa