Comment by ethbr1

1 day ago

Is it really that complicated?

Why not just create per-domain browser-controlled folders (cert-linked?) that are abstracted into a simple read/write API via the browser (with subfolders allowed under that domain's root), disallow cross-domain access... and then build browser-mediated linking for use cases where you want to flow files from (non-domain) to (domain) to (non-domain)?

So essentially local storage with better integration with the actual filesystem, that's browser-controlled.

Allowing websites to have arbitrary (even user-approved) access directly to the real filesystem seems like a bad idea, when most use cases could be handled by a browser-mediated filesystem-like abstract view.

1 comment

ethbr1

Reply
xg15  10 hours ago

> Why not just create per-domain browser-controlled folders (cert-linked?) that are abstracted into a simple read/write API via the browser (with subfolders allowed under that domain's root), disallow cross-domain access

This part already exists, that's the "Origin-private file system".

> ...and then build browser-mediated linking for use cases where you want to flow files from (non-domain) to (domain) to (non-domain)?

That's pretty much what the directory picker is - or would have been. Apparently it doesn't satisfy the security worries of some.