[webkit-dev] Notifications API
michaeln at google.com
Thu May 28 12:03:32 PDT 2009
Its a comfortable notion that an origin == application, but the
reality is that a single site can host multiple applications, and that
an individual application can span multiple origins.
We can probably do better than imposing the origin == application
model on everybody.
The only organizing principles we have for web permission granting are
at the page level or at the origin level. Neither of these is
I think end users would like to see things in terms of "applications".
The web provides no means of identifying which pages/origins should be
considered part of an application. If there was a sense of
"application'ness", we could apply permissions to them... which is a
desirable goal i think.
So how to establish a sense of application'ness?
<html application = urlToAppIdentifyingFile>
If a page that doesn't identify itself start requesting permissions...
fallback on the origin = application model.
More information about the webkit-dev