Comment by shuckles
5 hours ago
The people complaining about Safari often are running enterprise crapware that requires some esoteric Chrome API or bug to operate correctly and should actually be an app on iOS but cannot be funded as such because its creators don’t care about its users.
Then again, if a company can't polish a web browser app, then the native app they'd produce will be even worse.
Now you have a crappy app that only works on some devices, and now with no tabs, no links, text you cannot select anymore because they used the wrong component, etc.
Ugh.
Well, formerly you would have been right, but WebUSB and whatnot are gaining a lot more traction.
I didn't take WebUSB seriously until I steered someone to flashing a small firmware onto something and they could do it straight from the browser! And it was a nice workflow too, just a few button and a permission click.
Two other examples I can think of are flashing Via (keyboard) firmware and Poweramp using WebADB via WebUSB to make gaining certain permissions very easy for the layman. I imagine it's gonna get more and more user in enterprise too.
Firefox is seriously behind by refusing to implement it.
WebUSB is a giant gaping hole in the browser sandbox. Innocent use cases are really nice, I've used WebUSB to flash GrapheneOS on my device, but the possibilities for users to shoot themselves in the foot with nefarious website are almost endless.
Consider the fact that Chromium has to specifically blacklist Yubikey and other known WebAuthn vendor IDs, otherwise any website could talk to your Yubikey pretending to be a browser and bypass your 2FA on third party domains.
I'm conflicted on WebUSB because it's convenient but on the balance I think it's too dangerous to expose to the general public. I don't know how it could be made safer without sacrificing its utility and convenience.
> some esoteric Chrome API or bug
Or simple things like supporting 100vh consistently. Is that estoric?
[dead]