The source clarifies that this only applies to websites run within the Safari browser. PWAs added to the home screen aren't affected.
> As mentioned, the seven-day cap on script-writable storage is gated on "after seven days of Safari use without user interaction on the site." That is the case in Safari. Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer. We do not expect the first-party in such a web application to have its website data deleted.
If your web application does experience website data deletion, please let us know since we would consider it a serious bug. It is not the intention of Intelligent Tracking Prevention to delete website data for first parties in web applications.
For "regular websites" (visited through Safari) it's 7 days where you use Safari, but don't visit the site. So if you go on vacation for a month and don't touch your computer, or if you switch completely to using Firefox for a month, localStorage will remain untouched.
I fail to see why you need to see a mention of "regular websites". The comment clarifies the situation of what occurs if a user goes on vacation or switches to another browser: nothing will be deleted, as Safari is not being used.
It’s a requirement that some time within the next seven days of app usage, the user interacts with the web app.
This might cause trouble if the web app is simply a list of timers which the user interacts with passively (map of earth showing day/night zones), but if there is any interaction at all the timer resets.
I'm not getting the semantics clear but wonder whether having the icon on the homescreen counts as "visiting" or whether suspending the app first day and reopening it the next day counts app-subjectively as "continuing day one" or "reopening immediately".
From their description, nothing. Seven days of use without visiting triggers deletion. Failing to satisfy either of those conditions (either by disuse of Safari, or by visiting the site within seven days) doesn't.
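A small model of the rule as the quoted Apple statement and the replies above describe it, added here as an illustration rather than code from Apple or from anyone in the thread. It tracks, per site, the number of distinct days the browser was used since the user last interacted with that site; the class and function names are this example's own, and the real ITP bookkeeping is not shown on this page.

```javascript
// Added example: a model of "seven days of Safari use without user
// interaction on the site". Days are plain integers; a day on which the
// browser is not used at all (vacation, switched to another browser) is
// simply never recorded, so it cannot advance any site's counter.
const DELETION_THRESHOLD_DAYS = 7;

class StorageExpiryModel {
  constructor() {
    // site -> distinct browser-use days since the last interaction with it
    this.counters = new Map();
    this.deleted = new Set();
    this.lastUseDay = null;
  }

  // Call once per calendar day on which the browser is actually used.
  // `interactedSites` lists the sites the user interacted with that day.
  recordBrowserUseDay(day, interactedSites = []) {
    if (this.lastUseDay === day) return; // a day of use is counted once
    this.lastUseDay = day;
    const interacted = new Set(interactedSites);
    for (const site of interacted) {
      this.counters.set(site, 0); // interaction resets that site's counter
    }
    for (const [site, count] of this.counters) {
      if (interacted.has(site) || this.deleted.has(site)) continue;
      const next = count + 1;
      this.counters.set(site, next);
      if (next >= DELETION_THRESHOLD_DAYS) {
        this.deleted.add(site); // script-writable storage purged
      }
    }
  }

  isDeleted(site) { return this.deleted.has(site); }
  daysWithoutInteraction(site) { return this.counters.get(site) ?? 0; }
}

// Scenario from the thread: visit once, then do not touch the browser for
// a month. No use days are recorded, so nothing is deleted.
function vacationScenario() {
  const m = new StorageExpiryModel();
  m.recordBrowserUseDay(1, ['notes.example']);
  return !m.isDeleted('notes.example') && m.daysWithoutInteraction('notes.example') === 0;
}

// Seven days of browser use without visiting the site: deleted on the 7th.
function sevenDaysOfUseScenario() {
  const m = new StorageExpiryModel();
  m.recordBrowserUseDay(1, ['notes.example']);
  for (let day = 2; day <= 7; day++) m.recordBrowserUseDay(day, ['other.example']);
  const stillThereAfterSix = !m.isDeleted('notes.example');
  m.recordBrowserUseDay(8, ['other.example']); // 7th use day without a visit
  return stillThereAfterSix && m.isDeleted('notes.example');
}

// A visit within the window resets the counter, so the 7 days start over.
function resetScenario() {
  const m = new StorageExpiryModel();
  m.recordBrowserUseDay(1, ['notes.example']);
  for (let day = 2; day <= 5; day++) m.recordBrowserUseDay(day, []);
  m.recordBrowserUseDay(6, ['notes.example']); // interaction on day 6
  for (let day = 7; day <= 12; day++) m.recordBrowserUseDay(day, []);
  return !m.isDeleted('notes.example') && m.daysWithoutInteraction('notes.example') === 6;
}
```

The use days need not be consecutive: using the browser on days 2, 9 and 30 counts as three days, exactly as the quoted statement's "days of use" wording implies.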
It sounds like there's a time bomb in safari web views just waiting to happen. The timer is supposed to be reset every time you open the app, so there won't ever be seven days of opening the app and not using it. But it sounds like the code path is just there, they just don't ever expect it to be hit because the timer _should_ reset every time the user opens the app.
I can't _wait_ to deploy an application where there is literally an "rm -rf" pointed at my users' data, with a complex conditional blocking it. That makes it far too easy for a webview bug to nuke my users' data.
This is shoddy engineering. Could you imagine a filesystem being implemented the same way? You would never include a code path in your "mount" logic that says "if ( some condition ) delete everything;" that would rightfully be viewed as a terrible idea and a disaster just waiting to happen.
I actually suspect the reason the codepath is still enabled is probably to do with third parties running in a PWA context. That said I don’t see how this is actually all that flimsy of a mechanism, it avoids needing a special case. As it is you can’t really count on browser local storage alone for long-term storage; the same is actually true for Android and iOS apps too, who lose all of their local data when they are deleted. (It is possible for at least Android apps to write data to other places like the SD card, but that is a totally different story imo.)
Honestly, if my data really matters, I don’t want it to be stored only in a single place. I can get the argument of wanting to have federated syncing, that would give the user freedom to choose where data syncs or doesn’t. But in my opinion you either care about the data or you don’t. Any data stored locally anywhere should be considered lost until proven otherwise. Like, drop your phone in a sewer, leave it in the wash accidentally, have it stolen, or even just have a different software bug obliterate your data and it’s gone. That’s the definition of fragility.
This mechanism failing is mostly theoretical, but having one's phone break is not; I would guess those of us who have been using smartphones for 10+ years have, by and large, all experienced data loss when storing data with no backup.
To relate to your statement, can you imagine if your data on Dropbox was stored on one harddrive, in one server, in one datacenter? Servers fail constantly. You can of course do whatever you want to improve reliability but without redundancy you are very much pissing in the wind.
On the note of “localStorage is temporary,” nothing in the spec defines how long localStorage persists, just that it is not bound to the session. In fact though, Safari already deletes localStorage when disk space is running low.
I am very much an advocate for folks being able to control their own data. I personally self host a lot and use a Synology NAS as my own backup for most things. But I think Safari would be wasting time to disable the counter entirely for PWAs. It doesn’t meaningfully change the likelihood that users will lose data. I think users often do want strong durability and privacy, and an API that n apps from needing to implement many remotes would be way more impactful. I’d love to tell an arbitrary notes app, “Go backup to this Synology NAS” without it needing to specifically support Synology NASes or for example, WebDAV. Put the provider on the clientside and you have a place to implement end-to-end encryption.
(Of course, Apple has iCloud backup, but I don’t think that covers your localStorage content anyways.)
> Honestly, if my data really matters, I don’t want it to be stored only in a single place.
That's all well and good except when you lose your emails that you wrote on the plane and didn't get a chance to send yet.
I'm not arguing that you should _never_ synchronize the data off the phone, but where I store data on my phone should be as robust as possible. So far I have never had my phone delete an application I had installed, but my browser loses local storage, cache, cookies, all the time. It is just not a robust storage location, and this new safari behaviour makes me trust it even less.
As a result, the web is continuously behind native apps for offline or semi-offline operation. There's no reason for that other than the shoddy engineering going into web browsers, such as this recent addition to Safari.
Web apps are unreliable for sure, but I think that is where PWAs should come in. The problem is there’s just not a ton of them today, and parity just isn’t there. That having been said, I’ve never lost local storage on a PWA in any OS so far...
Also I am not saying programs and browsers should not make a best effort to reliably persist data locally... just that robust local storage only really needs to be so robust, because any more robust and you might be fooled into relying on it.
I've lost localStorage on PWAs before. But that was a number of years ago when I was still bothering to develop them. I also lost data in appcache repeatedly, then service workers came along to fix that, because the browser vendors' strategy for broken implementations is to deprecate them with an even more complex standard that they will never finish. Then they can close your bugs against the old standard that they never finished implementing as WONTFIX and everyone gets a promotion for shipping.
Suffice to say that the author of this blog post should have spent less time congratulating themselves and more time clearly explaining the impact of this change, to avoid scaring off developers and users.
Not having a way for web apps to communicate a call to action dramatically reduces engagement with this feature, no doubt. The only way I can see this from Apple's side is they see it as a feature for Safari users, not from the platform side for the web.
From Apple's standpoint, when you put yourself on the user's homescreen, that is a deep connection between that app and the user. Apple spends billions in each finding new ways to enhance and enrich that connection. IMO, their _belief_ is that building a native app to take advantage of all these rich and engaging ways is the best way to build deep connections with your (developer's) users.
Being an icon on the user's home screen is where deep connection begins, not ends. You might add a today widget, you might want to send notifications, you might want to add AR experiences. You might want a Tablet experience and allow hand off between these devices. Apple is invested in becoming a deep level of importance in a user's life. They want to share as large of surface area with 3rd party developers as they can. It would be irresponsible to promote an API that made developers have to start from scratch when they decide they want to go deeper.
"Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer."
But said timer... does nothing? Why does it exist?
Presumably because WebView is available to other applications besides Safari and pinned sites, and they want to offer the same privacy guarantees to users for WebViews in apps as for Safari. Adding an exception for pinned apps is unnecessary because it's impossible to meet the criteria for deletion.
Good luck getting your app added to the home screen. It only works through safari, so chrome or firefox users are ruled out, and it's hidden under some "bookmark" or "share" menu that is too difficult to discover.
I hope not. Apple has had substandard support for modern web technologies in Safari for a long time, to the point where it is often referred to in the industry as the new IE. We've had enough of browsers breaking things that used to work in the name of false progress. Time for the grown-ups to take a careful look and see this for what it is.
You realize that custom, new, cutting-edge APIs (can you imagine the web without xhr?) was what made IE into the IE we talk about. Some they got right, some they got wrong, some were way too tied into IE’s parent’s ecosystem (sound familiar, AMP?). It’s once it stopped getting updated that it became a problem, as no one else had or planned to have some of its stuff, resulting in it being an oddball. Chrome fits the first half of that profile far more than any other browser these days, it’s just that WHATWG being a “living standard” has enabled it to “standardize” any new idea that comes along (other browsers do this too, but not nearly as much as Chrome).
The point is that slowness to adopt new standards wasn’t exactly what made IE into the IE we all hated; it was going off on tangents without consulting anybody too often that left it out on an island with custom versions of so many things. Fortunately it doesn’t seem like Google is going to lose interest in Chrome anytime soon.
It's not only custom cutting-edge APIs, there's a lot of common stuff which is broken in Safari, that's also why it's referred to as the new IE. I personally had issues with forms, clicks, svgs, selects... It's really broken in many ways.
Would you also take gradually losing access to other modern web standards apps rely on as time goes on until the only realistic option we have for building, deploying, and consuming apps are the walled gardens controlled by 2 corporations who have arbitrary rules on who can and can't participate, freely stifling innovation/competition as their interests dictate, and taking a more and more outrageous cut of all economic activity on the platform?
That's where this is going.
> "first they came for localStorage and I did nothing"
It doesn't as the two have no connections whatsoever. The point was that Safari is the most battery efficient browser overall on MacOS, so they're willing to put up with sub-standard support for web standards if their battery lasts longer.
If there is, as they say, a dedicated counter on those home screen applications, what is the threshold? Will home page PWA apps not used often (say, for infrequent uses like travel) have first party data deleted after the icon isn’t clicked for some time? This is highly unclear and confusing.
One of the criteria for deletion is accessing the app for 7 days. If you don't access the app for 7 days, it doesn't meet the criteria and won't trigger deletion. It's poorly worded, but it's not vague.
> "Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer."
What exactly does that mean? So you use the app for seven (perhaps non-consecutive) days, and now all third parties that haven't been, uh, interacted with, get their data wiped - but not the first party, because that has been interacted with, by virtue of the PWA being launched in the first place?
As the article has been updated to say, "installing" a PWA to the home screen is an optional step that many people prefer not to do in favor of bookmarks or the address bar or the new tab page or whatever.
But it's no surprise that Apple would want to impose an "install" step on the web to prevent it from looking more attractive than the App Store.
PWA is in fact a corporate born, bred and sponsored definition created to push and promote an _arbitrary_ set of Chrome features. It was an attempt to build momentum towards a vision for the web where browsers can run "open" apps. Unfortunately visions don't die, and thus the term lives on. Sigh.
It is no surprise because the whole point of keeping storage around is because you intend to come back. Pinning a website to a homescreen is clear intent. Having a tab or a bookmark does not make that clear. I have tabs and bookmarks open that I haven't visited in years. Thankfully Safari now kills tabs that haven't been touched within X time frame.
"impose" is the wrong word. I think you mean they are "trying to understand you and do the best thing"
It's kind of a nightmare due to both Google and Apple messing things up.
PWAs could be an amazing platform but both companies are really messing it up.
Apple is trying to kill them by giving plausible explanations as to why they can't have PWAs. Security this, blah blah blah. There's no reason they can't have PWAs work well in Safari other than they want you to port your app to the App Store and get locked into their native APIs.
Google's problem is, well, they're Google. Meaning things are somewhat incoherent, docs are all over the place, they start new initiatives then abandon them half way, etc.
Consumers are another problem. They have no understanding of PWAs and they go to the app store, don't find us, and then complain we don't have an app.
The plan now is to use Google TWAs and port our PWA to Android.
We're going to do the same thing to Apple after we do the Android release BUT I think there's a 50% chance that apple will just flat out block us.
I think we might have a chance of getting around it if we use mobile gestures properly, use platform specific APIs like the camera, audio, and GPS that aren't on web and try to really integrate into the platform properly.
For example, they have an API to detect dark mode now. IF that's on we're just going to magically enable our dark mode in our app.
I tried using your app on an iPhone (with Add to Home Screen).
- If I press the settings gear, the text on the settings page is about twice as wide as the screen, requiring horizontal scrolling.
- On the front page, if I open the color picker, it's partially offscreen.
- The hamburger button on the left opens a modal view that covers all of the screen but a small margin on the right, making it unreasonably hard to exit.
- If I try to create a tag or folder, the name prompt appears under the other modal view and is improperly sized.
- Oh, and the UI looks thoroughly non-native, e.g. Google-style floating action button, UI not covering the status bar, bottom tab buttons too short, etc. The animations are also haphazard.
My point is not just to nitpick. It's just that while I sympathize with the idea of PWAs in principle, almost every single time I see someone talk about theirs, the PWA in question has immediately obvious glaring UI defects that have nothing to do with browser limitations, and leave it far below the standard of a good native app, or even a bad one. I honestly don't know why this is, but experiencing it over and over makes it hard for me to care about PWAs.
There are some fantastic PWAs out there. Twitter is the one I use most regularly.
I think one of the reasons we see a lot of less-polished PWAs is that the idea of the PWA appeals to businesses at certain stages. Larger shops can afford to ship native binaries to more than one platform, but a smaller operation can't. PWAs are presumably tempting to those types of product teams: you get multi-platform reach while truly only writing for the web. The fact that their UIs have rough edges are probably a result of having an MVP-stage product.
It is absolutely a PWA, and an excellent one at that. You can add it to your home screen on the desktop and mobile platforms that support it; they have all the trappings of a native application including notifications support, background refresh, etc.
Why enclose PWA in quotes? Just curious. I use Twitter's PWA weekly on more than one platform and it works great for me, but that's just one person's opinion. I prefer it over their native clients for a lot of reasons, but the main value-add is that I don't have to give Twitter access to detailed information about my system while still using a full-featured, first-party client.
It's Twitter's mobile site that they extended to cover both desktop and PWA. As a result, it's quite bad on all fronts and judging by the number of bugs that are lingering with no fixes, abandoned. At least they managed to almost fix the epileptic scroll position
> I don't have to give Twitter access to detailed information about my system while still using a full-featured, first-party client.
Yes, this is, without a doubt, the best value-proposition of PWAs.
Are you sure that's not a catch-22? The reason you've not seen any good PWAs is because the ecosystem doesn't exist for making good PWAs, which doesn't exist because there aren't any good PWAs. Any sane technologist is going to look at the shortcomings of PWAs, and choose a different technology to build their app. Choose boring technology, and unless your product is a PWA toolkit, the app UI library isn't the place to get creative.
The single issue with PWAs, on iOS, is how do I add a PWA app to the home screen? I go to the app store and search... and your app isn't there. As developers we innately understand why that's so, but our users don't and shouldn't need to understand the difference.
Hi there, I'm the product manager for PWAs on the Chrome team.
Very interested in hearing about pain points you've had building out PWAs, especially if there's features you were keen on that haven't been released. Easiest way to reach me is on Twitter: https://twitter.com/b1tr0t
Fully agree with you that docs are all over the place. We've started to consolidate docs under web.dev, and the PWA section launched recently (https://web.dev/progressive-web-apps). Consolidating and adding docs is an active area of investment, and our goal is to create a well lit path for developers to succeed with PWAs.
was way too complicated as a first example, if all I wanted to know was how to make my app installable and is also broken as it uses some outdated tools. (don't remember the details)
Also, it could have been mentioned somewhere, that when you serve from localhost, you do not need SSL to install it. Knowing that, would have saved me the trouble of messing with apaches config and certificates.
So that was very frustrating as a start.
Much more helpful was a very simple hello world pwa which was barely installable. But it worked. And from there it was easy.
Thanks for the feedback! This is now the reference "first PWA" example: https://web.dev/codelab-make-installable. Let me know if you find it easier for new devs to get started with. The other codelab and a lot of other scattered content will be removed once we finish the migration to web.dev.
The statement from b1tr0t directly refutes that Google is contributing to MDN, as they put it: "Fully agree with you that docs are all over the place. We've started to consolidate docs under web.dev". As far as I know, web.dev is not MDN and has nothing to do with MDN.
Heh, you're asking a googler who's basically responsible for some of the actions Google is taking with Chrome, trying to make the web only browseable via Chrome and centralizing information under their own Google brand, to contribute to a cross-company/community effort (Mozilla + Microsoft + open source hackers)? While noble, I can only wish you good luck.
I think the sail has long sailed for asking Chrome/Google to help out with the openness/sharing on the web/internet. It's time we just start ignoring them instead.
Just want to note that you specifically mentioned Microsoft working with open source hackers in this comment saying that the ship has long since sailed on Chrome/Google contributing to the open web.
I don't know, never say never I guess. I'm certainly not going to defend Google's track record on openness and privacy -- there have been, under even the most generous of interpretations, huge missteps, and I don't think they deserve the benefit of the doubt -- but they do contribute. Edge backed by Chromium?
Reading that announcement makes b1tr0t's statement "We've started to consolidate docs under web.dev" even worse, as they previously said they are gonna contribute to MDN, but now they have turned and use their own shit anyways.
Just so I understand correctly, you're contributing reference documentation to MDN but then everything else goes into web.dev? Why not contribute the "guides and other supporting documentation" to MDN as well?
As I understand, the Product Advisory Board for MDN was created with Mozilla + others in order to combat the fragmentation of information, but your actions seem to do the opposite.
I don't want Google or central authorities to decide which PWAs are "trustworthy" directly to ask for certain permissions but there could be a way or compromise. I don't remember which feature it was but it required yes from Google.
Background geo, including geofencing is challenging, but there may be a way forward. We're exploring this conceptually, but it's not in the plan for 2020. I'd certainly like to be able to improve the capabilities of web based ride sharing and similar apps that have a need for this.
Bluetooth discovery is an especially thorny area from a privacy perspective. What use cases did you have in mind?
Asking for permissions upfront has been found to be an anti-pattern in systems UXR. Research has found that users make better decisions and find the experience less interruptive when permissions are requested in context at runtime. For example, in a video chat app, it's better to ask for the camera/mic permission at the start of the first chat session, not when the app first starts. Mac OS, Android etc. and other platforms have all been moving in this direction over the past few years.
When the permission is requested, we're investigating ways that we can do more to communicate permission risks to the user. Nothing publicly shareable yet, but do expect experiments to be showing up in dev channels over the next few months while we try new things.
Regarding your point on consumers, we put our PWA/TWA into the app store (for the reason you outlined) - and now get a raft of negative reviews that the TWA is the same as the mobile site... Which is frustrating, because that's the point.
Making it clear why a TWA is in the app store is hard in itself. Trying to explain why it's better for consumers over a native app + mobile site is even harder.
As an iOS and Android developer myself, this doesn't affect me but I still think Apple and Google making things harder for PWAs is bad because Apple and Google are the gate keepers for what goes on their native app stores. I can cut some slack for Google as they at least allow third party app stores but Apple doesn't.
Either Apple should stop being the gate keeper or stop making life harder for web devs.
Having done native Android/iOS and web dev, web dev is much easier than Android and at least on par/if not easier than iOS.
There's a bunch of very complex web/electron apps that disprove the idea that the web is only for static documentation and web-inspired ideas are coming to mobile (React --> Jetpack Compose/Swift UI).
More importantly, hiring can't be put aside, and it's much easier to adapt your web app to work for mobile (since websites should be screen size agnostic anyway) than it is to build a fully native app from scratch.
There is absolutely no reason that PWAs can't be sandboxed like native apps, or even more aggressively. In fact, native apps are more likely to be spyware, as they can collect much more information from the user than a browser-based app can.
Native apps ostensibly go through review so that Apple can flag malfeasant behavior that is nonetheless allowed by the sandbox. Think things like a $999 purchase request that pops up on app launch (Yes, I know Apple isn’t that great at this. But that’s the argument that they use for review.)
That link is from 2011, and the referenced verbiage is nowhere to be found in the App Store terms. I believe that the current terms leave the App Store open to GPL software. Also, Apple will only remove software if you notify them of copyright infringement; it's not their job to preemptively perform licensing enforcement.
> Also, Apple will only remove software if you notify them of copyright infringement; it's not their job to preemptively perform licensing enforcement.
Developers of GPL software have had different experiences with Apple than what you're asserting. There is a direct incentive for Apple to police licensing incompatibilities if they are profiting from illegal distribution of GPL software on their platform.
I seriously doubt that. It's a lot more difficult to do horrible things with PWAs than it is with native apps. Apple has a history of doing everything they can to keep people inside their walled garden and this is just another instance of that.
I really appreciate this link. I would have never seen this otherwise. It's kind of a disappointment for us on the enterprise side. Our main offering is an offline app where people are disconnected from the internet for weeks and we use localStorage to validate who they are. It's a bit vague about how this affects apps that don't use safari. Nevertheless, we might have to start to really think about the user experience here now that this update is out.
To be honest, HTML5 LocalStorage was always different on iOS when compared to other platforms. The iOS browser localstorage is stored in /caches so it is cleaned when the device goes low on disk space. I found out the hard way, had a cordova app which ran on Android and iOS (and web) and saved an account token in LocalStorage. Some iOS users kept on getting logged out, mostly users with smaller size iPhones!
Now we store the account token in iOS keyring and that works.
Sure! In a PWA, storing login tokens in the keyring would not be possible. So as I said, on iOS the localstorage (and cookies) would be cleared in low disk space conditions anyway. So the PWA experience was already not good!
With all due respect, this comes off as apologizing for Apple's disagreeable design choice.
If anything, it should be on Apple and the browser vendors to make local storage more useful by default, not less useful. Your suggestions might as well be aimed at browser vendors, who could conceivably offer user friendly controls for local storage (e.g. import/export without the dev panel). But as is usually the case each of the browser vendors has these little annoying ways that they cripple the browser to protect their business models. Apple is no exception to this. Look at how they've hampered the WebGPU process. Look at the history of their PWA support.
There's one simple thing that Apple could do. Do not delete local data if the user bookmarked a page from that website (or pinned it to the home screen for mobile devices). Now a bookmarked website is treated like an "app" with slightly fewer restrictions and some random website's data will be eventually purged (although I believe that 7 days should be extended to a few months).
I don't think that web tracking must be fought at the expense of user UI. It's fine to fight web tracking by introducing measures that don't break honest websites. It's not fine to fight web tracking or anything by crippling the user experience with honest websites.
But most apps cannot be used offline at all, and instead they use localstorage as another place that can store a tracking cookie.
So as a user, I fully support this change, because there should not be a loophole like this.
Localstorage is limited to a domain, a common security model in the browser also used by cookies, and prevents cross-origin leaks... (unless a developer volunteers to expose the data via postmessage whose destination can also be limited to specific origins).
This is also why it is important to load your app's JS from your domain or same-origin and not offloaded to a 3rd party server which you might not control (libraries like jQuery CDNs and whatnot are still a minor risk, particularly from a privacy perspective, but not as bad, although I never saw the point with the large variety of versions).
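The origin-scoping the comment above describes, as an added example that is not code from anyone in the thread: the sender names the destination origin in `postMessage` instead of `'*'`, and the receiver checks `event.origin` before trusting `event.data`. `TRUSTED_ORIGIN`, the function names and the fake window are constructed for this example so it runs offline.

```javascript
// Added example: keeping cross-window messages scoped to one origin.
// In a browser, `targetWindow` would be an iframe's contentWindow or an
// opener; here a recording stand-in is used so the logic can run offline.
const TRUSTED_ORIGIN = 'https://app.example'; // constructed value

// Sender side: always name the destination origin. If the frame has been
// navigated elsewhere, the browser drops the message instead of delivering it.
function sendToFrame(targetWindow, payload) {
  targetWindow.postMessage(JSON.stringify(payload), TRUSTED_ORIGIN);
}

// Receiver side: check event.origin before touching event.data, and treat
// the payload as untrusted input even when the origin matches.
// Returns the parsed payload, or null when the message must be ignored.
function handleMessage(event) {
  if (event.origin !== TRUSTED_ORIGIN) return null;
  let data;
  try {
    data = JSON.parse(event.data);
  } catch (e) {
    return null;
  }
  if (!data || typeof data !== 'object' || typeof data.type !== 'string') return null;
  return data;
}

// Constructed stand-in for a window object that records what it was sent.
function makeFakeWindow() {
  const sent = [];
  return {
    sent,
    postMessage(msg, targetOrigin) {
      sent.push({ msg, targetOrigin });
    },
  };
}

// In a real page the receiver would be wired up as:
//   window.addEventListener('message', (e) => {
//     const m = handleMessage(e);
//     if (m) { /* act on m.type */ }
//   });
```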
Apple is actively refusing to implement the standard for installable webapps (PWA). So, Apple is intentionally crippling a feature on the grounds of privacy with no possible remedy.
This decision comes from an actor that is protecting their business interests. It might have some positive side-effect for some users, and of course Apple will spin it that way. But in the end Apple is very aggressively hampering the web's progress to get their sweet 30% cut.
Note that Apple does support PWA to some degree. My understanding is that they don't support onbeforeinstallprompt, which means you can't create an ergonomic, in-browser installation flow. You have to manually go in the browser menu to find an "Add to Homescreen" button, or something along those lines.
Installation of a web app is performed by bookmarking it or by pinning it to the home screen. That's performed by explicit user decision and must be honored by the browser if it wants to make a distinction between a random website and a useful website.
Not sure about pinning, but bookmarking should not grant any extra rights. Even the useful websites should not be able to track me forever.
Look, we already have lots of website prompts, like camera and location. The best thing, privacy-wise, would be an explicit prompt: "this website wants to store information, possibly including tracking identifiers, forever. Allow?"
This impacts an app I've built for reading academic papers but I imagine the workaround here is to write to a file periodically and then load the file in if you don't detect indexedDB having the data you think it should. Obviously this has error cases all its own and makes it more difficult to manage but it doesn't seem like Apple is killing it to me, just making us jump through hoops and add extra complexity. Don't mistake me though, this seems like an anti-competitive move from them to prevent people from circumventing the app store.
I apologise for being rude, but IMO you didn't build an app, you built a web page. Web pages are things people look at one time or maybe many times, but they are just web pages that exist in a web browser for the lifetime of the tab they're in, and then they're gone. They shouldn't expect to have any persistent storage from the browser, and if the browser does make small affordances for storage, it's not reasonable to have that persist indefinitely.
Apps are bundles of code/assets that people choose to install on a computer because they want to use them over time to do something. They have a clear lifecycle of installation and deletion that the user has complete control over.
I know the web app, PWA, offline app, etc. stuff is very popular, but it will never be as good as native apps, and it creates an expectation that every browser will expand its functionality until it is effectively a full operating system.
I think the only reasonable case for the web-as-app model, is things that get installed to the home screen, in the sense that the user is then again given control of the lifecycle, but I would still honestly prefer that people just write a native application.
I really liked the web when it was just documents.
> you didn't build an app, you built a web page
"Progressive web apps use modern web APIs"
The word application is there twice. I don't have to like it.
> they are just web pages that exist in a web browser for the lifetime of the tab they're in
Evidently not. My opinion doesn't matter.
> They shouldn't expect to have any persistent storage
2016 "With Chrome 52, we're introducing the ability to make storage persistent"
> ...a clear lifecycle of installation and deletion that the user has complete control over.
I've never asked for 7 days
> it will never be as good as native apps
I don't develop anything for walled gardens. I can't wait for my Linux phone.
> it creates an expectation that every browser will expand its functionality until it is effectively a full operating system.
This already happened. Again, I don't have to like it.
> I think the only reasonable case for the web-as-app model, is things that get installed to the home screen, in the sense that the user is then again given control of the lifecycle
But the user isn't given control over the life cycle. It's 7 days. No one asked for 7 days. It's just about short enough to be completely worthless?
I propose an interface where the PWA provides a picture of a cartoon animal, has fire at the bottom of the screen and each creature tumbles down at its chosen speed. Some 1 day, some 30, some 6 months. The user can opt to drag it up to save it. Notify the user with a soft screaming sound.
I expect the browsers to expand to an OS level. I hope so in fact. I don't find you rude I just find your thinking to be in the minority, maybe not on this site, but certainly in the broader market. The web is one of the best distribution platforms for applications we've seen as far as widespread adoption is concerned and in terms of resource expenditure to develop and maintain it's much better than native applications. And no offense but I'm not going to spend the resources to cater to a tiny percentage of the market who care about using native apps vs going to a site / adding to the homescreen if I can iterate, build, release and maintain features much quicker without the general costs of native applications and the arduous publication process current walled gardens have. I also simply don't support what Apple and Google stand for with respect to their app marketplaces.
Beyond that the distinctions you make usually come from no true Scotsman developers. I've built everything from OS emulator extensions to 3D graphics engines to web apps and as far as building things people actually use and benefit from outside of my own interests the web takes the cake. The low-level or native vs web issue seems overly self-masturbatory to me. I build things to get used by people quickly and effectively, not show off my mastery of software development. I take pride in my craft but the only value in shipped software is the utility it provides to other people as evidenced by the number of horribly designed pieces of software that are pretty much ubiquitous in our daily lives now. I pride myself on pragmatism, good fundamentals, and getting things done expediently and native applications seem nowhere close to being the pragmatic choice from any of those standpoints.
Some of my favorite projects however are from people who have tried to merge the performance and memory characteristics + respect for end user systems of native applications with the speed of development and ability to quickly iterate of web applications. If they reach the threshold I believe won't unnecessarily delay the work I want to do from native development minutiae, then I'll make your native apps.
But I think you should get used to web apps being here to stay.
Would make our app non-functional for users who have limited internet and also a huge burden of responsibility to store their data securely. We’ve always avoided hosting data as that’s a completely different ballgame.
Yeah I've got a lot of users with very shaky internet and intermittent involvement with a given application (not using it for a month, more). This presents some serious challenges / impossibilities for those users' use of a web app when they're not online.
I hope they come up with some good options as this news settles. It's hard to see this as anything but even just an accidental push ('well you should always have written an app for the app store') to force folks to write a native app / participate in the app store.
Cookies can either be set in HTTP responses or through the document.cookie API, the latter sometimes referred to as client-side cookies. With ITP 2.1, all persistent client-side cookies, i.e. persistent cookies created through document.cookie, are capped to a seven day expiry.
Indexed DB, LocalStorage, Media keys, SessionStorage, Service Worker registrations
Since cookies are not mentioned, I'm assuming it's NOT affected by the 7 day cap but will instead continue to work as normal (except for the fact that 3rd party cookies will stop working, which is a Good Thing)
Technically, when you update it via js you're overwriting the existing cookie with a new one. And, from my understanding, it's then subject to the same restrictions as any other cookie set client side.
So in order to have a long-lived cookie, you essentially need to treat them as read-only client side, and push any and all update/write logic to the server such that it'll return a set-cookie header with any changes you require.
The issue is elsewhere: you need to pay your developers to develop the second app. You would most probably need to bring in one more team, for each native platform.
Will you get new users from that? If yes, they will pay for that (in principle). If not, just some existing users would migrate? Then you just increased your cost without increasing your revenues. So you would need to gain enough new users to make it worthwhile.
* * *
In a nutshell, it is the same reason why Adobe won't port their apps to Linux. They already have all the users that need their software, and while it would be nice for some of their users to migrate, it won't bring anything to Adobe.
Again, if you are actually affected by this issue right now, you have a web app that is more or less trivially ported to a web view app. Your users don't have to migrate, they already have accounts, they just need to download the app again, this time from the App Store.
> In a nutshell, it is the same reason why Adobe won't port their apps to Linux.
Linux is a non-market for Adobe apps. On the other hand, if you have an offline PWA right now, you most likely already have iOS users that you would probably lose if you start confronting them with this "7 days and your data is gone" bullshit.
This is really in response to the irresponsible use of APIs for trackers. Evercookie is a stunning example of how far it can go... From their repo:
- Standard HTTP Cookies
- Flash Local Shared Objects
- Silverlight Isolated Storage
- CSS History Knocking
- Storing cookies in HTTP ETags (Backend server required)
- Storing cookies in Web cache (Backend server required)
- HTTP Strict Transport Security (HSTS) Pinning (works in Incognito mode)
- window.name caching
- Internet Explorer userData storage
- HTML5 Session Storage
- HTML5 Local Storage
- HTML5 Global Storage
- HTML5 Database Storage via SQLite
- HTML5 Canvas - Cookie values stored in RGB data of auto-generated, force-cached PNG images (Backend server required)
- HTML5 IndexedDB
- Java JNLP PersistenceService
- Java exploit CVE-2013-0422 - Attempts to escape the applet sandbox and write cookie data directly to the user's hard drive.
It's really in response to a confused, ad-hoc web privacy model that has never been designed and is simply incrementally patched over time in response to complaints from an equally confused, directionless and visionless 'privacy warrior' subculture.
Mobile apps suffer these kinds of problems far less, partly because it's understood that actually mobile users don't install apps then get upset about "tracking", in fact, the vast majority of apps will want you to sign in to some sort of account and those that don't will be using ad networks to fund themselves, that users understand and accept this and that throwing up permissions screens doesn't achieve much because users will typically grant the permissions. Privacy on mobile platforms is more about stopping activity the average user would recognise as illegitimate spying - turning on cameras and microphones to feed conversations to angry ex-girlfriends, that sort of thing.
If the web's architecture had some sort of coherent view on how the tension between users, content providers and advertisers should work, then we wouldn't see this steady endless churn of app-breaking API changes. Everyone would know the rules of the road and there'd be way less tension as a result. Mobile platforms aren't quite there because they were designed with security architectures that were then pressed into service as ad-hoc privacy architectures, but they're still far more coherent on the topic than the web.
“... abusing over a dozen technologies...” is this a proof-of-concept or a real thing? It just seems too horrendous to be real.
I think your comment really hits the nail on the head, IMHO the frustration shouldn’t be directed toward Apple but more toward the groups who have pushed the tracking practice so far as to necessitate such draconian measures.
This is 100% correct. Being upset at Apple here is exactly like publishers whining about ad blockers when they should direct their frustration and anger directly at the ad creators (or themselves) for foolishly abusing their audience.
No, the two are different. Ads are only used for ads. localStorage has lots of uses, tracking users being only one of them. Apple is throwing out the baby with the bath water. Ad blockers merely throw out bath water with varying levels of dirtiness.
This is real, but also not new (as you can tell from the name check on Flash, Silverlight and IE). They used to be called "supercookies", but that term has come to mean something else in the last few years.
I’m guessing that Apple will start hindering web apps because the new mouse support in iPadOS is going to be such a boon to web apps. Because of sandboxing, web apps are the only cross-platform apps that can run in their full versions on iPadOS. I wrote a quick summary of the situation.
Therefore, since native apps are more of a platform differentiator than web apps, moving forward we can expect Apple to start systemically hindering web apps, especially ones that are good on iPadOS, in order to boost native apps.
(I’m not saying this is necessarily the start of this, but I am saying I'm not surprised. This is exactly the type of change, targeting the exact type of app, I’d expect to be targeted.)
> I’m guessing that Apple will start hindering web apps because the new mouse support in iPadOS is going to be such a boon to web apps.
As a web developer, I've never believed Apple has hindered web development on their platform, purposefully or not. They just don't spend their resources adding in WebBluetooth or whatever new API-of-the-day Google has decided to come up with.
As I see it, their focus is on the user, which is why they've been slow to adopt APIs that are privacy concerns, or drain battery, or have other negative implications.
That’s a very rosy way of looking at it. iOS has had bugs with its “add to home screen” webapps that kicked around literally for years. If they were being “user first” they’d support it fully or not support it at all. Instead they implemented then neglected it.
Uh, they're the most well capitalized corporation in the world (or hovering in the top 3 plus or minus a few quarters). They have the resources to make it work if they wanted. There are undoubtedly thousands of engineers, hundreds of managers, and at least a handful of execs, working for Apple, lurking in this HN thread today, not because they're unaware of their ongoing sabotage of web standards on iOS, but because they're completely aware of it and want to take the temperature on how their latest kick to the shins of PWAs is going over.
Probably because Apple giving a crap about web apps was deprecated with the release of iPhone OS 2.0 and the App Store over a decade ago. I'd bet few users even use the "add to home screen" button outside of corporate environments that want to add a shortcut to internal sites.
Until a recent iOS release they had a number of undesirable features that made them a bit inconvenient to use: they used UIWebView (instead of the faster WKWebView), they "restarted" if you ever left them, and generally had a number of other quirks.
As a web developer, I've never believed Apple has hindered web development on their platform, purposefully or not. [...] As I see it, their focus is on the user, which is why they've been slow to adopt APIs that are privacy concerns, or drain battery, or have other negative implications.
As another web developer, I find this entirely unrealistic. Apple's QoI even for popular new features like the HTML5 media elements was a bug-ridden mess for years before they fixed even basic problems. Conveniently, having managed to break the de facto standard for serving video on the web that had been working for years up to that point (Flash players), that left native apps as the only reliable way to do a lot of even quite simple things you might want to do with multimedia content. There is a deep irony that some of the breakage was because they were playing those media elements through effectively a separate plugin of their own that wasn't properly integrated into Safari and consequently broke other basic web behaviours like cookies.
At this point, the idea that Apple's motivations for the constant breakage and even severe regression of web functionality on iOS devices are entirely altruistic and for the benefit of their users is about as credible as Google and Facebook lobbying for privacy regulations because they want to decrease tracking on the Internet.
Just to be clear, Apple didn't kill Flash, mobile killed Flash.
I don't think that generalisation is warranted.
Apple refused to support Flash at all, meaning everyone who wanted to provide (among other things) audio/video content had to switch to the nascent HTML5 functionality, which was at that time and for some years afterwards inferior to Flash in almost every way except availability.
In that situation, it made little sense to invest in better Flash support on Android as it was presumably seen as a dying technology. However, there was no inherent reason why Flash couldn't have been improved to use less battery in the same way that the browsers themselves were, or that Flash could not have taken advantage of better hardware support on mobile devices for computationally expensive tasks like video decoding as this became available with newer devices.
This revisionist history, of seeing people wanting the proprietary Flash to come back, is crazy.
There's nothing revisionist in saying that people wanted A/V content on their sites, that Flash player had been by far the dominant way of providing that content up to that point, or that the then-new HTML5 alternatives were also very poor in quality and performance on mobile for several years afterwards.
Remember how for several years everyone with iPhones couldn't watch the videos on a lot of websites, and how excited people were when the big video hosting sites started adding HTML5 players and, in time, support for better codecs? Probably many of those people had no idea what Flash or HTML5 even were, so I don't suppose they did "want Flash to come back", but they certainly weren't happy that they couldn't watch videos on websites like everyone else.
Be careful what you wish for! I don't for an instant believe that Apple's motivations here are purely for their users' benefit, but their actions do at least tend to have some beneficial effect on privacy. Letting them suffocate so Google's spyware-laden ecosystem becomes the only viable way to access the web on mobile devices would not be an improvement.
> Always ostensibly to protect users but always also conveniently putting webapps at a permanent disadvantage to native apps.
This isn't always a bad thing though. For example, Safari has prohibited some obnoxious behavior that Chrome has allowed: Autoplaying videos, tab suspension, push notifications. These hog CPU and destroy battery life, worsening the user experience.
Remember, making everything a web app is Google's agenda because they benefit most from it.
Interesting. I can tell Safari to not autoplay videos on YouTube in its preferences, but that doesn't seem to do anything. Seems more like a bug on Safari's part and/or workaround on Google's part than anything deliberate.
Safari uses some sort of algorithm to determine whether you actually want the autoplay to happen.
For example I've noticed that if you play a video on a website during that session, it will allow autoplay from scripts on that page (not 3rd party) for the rest of that session. Same for unmuting an autoplaying video.
This is all undocumented though and through personal observations, as Apple seemed to stop posting Safari documentation years ago.
I'd be amazed if there were more than a tiny fraction of iOS/iPadOS users (of which there are hundreds of millions) who weren't perfectly ok with Mobile Safari for their everyday usage.
[I'm probably the "target market" for Chrome (backend, occasionally frontend developer) and there's no way I'd have it on my phone. I only suffer the GMail app because they've made IMAP usage of gmail unreliable.]
Yet non-default browsers on Android are non-existent. So in practice Android has the same web-engine mono-culture as iPhone. Given how successfully Google was able to ensure Blink domination on desktop and even more so on Android it is very understandable what Apple has done. And for me having at least 2 web engines on mobile is better than 1.
In what reality-distorted world is that worse than 0%? Also, several of those Blink-based browsers include additional non-Google-approved features, like Mozilla's own Firefox Focus, Samsung Browser, Edge, and Brave. I'd hardly call that a monoculture just because they share the same lineage.
If this were true, how would you explain the recent improvements to Safari on the iPad that make it as capable as desktop Safari. Until last year Google Docs did not work in Safari on the iPad. Now it works very well indeed. The same is true of most web apps.
This particular move takes something that is possible in web applications today and makes it not possible in the future (offline-capable frontend-only applications), widening the gap between native applications and browser applications, so developers who need to build apps that work offline on iPhone will only be able to use Apple's own technologies for doing so, in a non-cross-platform way. Which in general is what Apple has always been favoring.
Google Docs doesn't really work offline, so it's not impacted by this change. Could also be a change of heart from Apple, since their stance on web applications has changed before.
Now I'm not a native English speaker, but it seems "arbitrary" means "determined by chance, whim, or impulse, and not by necessity, reason, or principle". Introducing a law to protect people's privacy would not be arbitrary, especially since most countries have a due process for introducing laws.
They could restrict these APIs to "installed" web apps via the web app manifest file, if they were to adopt that. Maybe they will in the future, but for now they've just made web apps far less powerful.
This is a great point with a simple explanation: How good Safari was on iPad was irrelevant before mouse support. Before mouse support, we had apps made with UIKit, which is a touch-first app framework, competing with web apps, which are keyboard-and-mouse first. So UIKit apps won, because UIKit apps are better for touch. With mouse support, that situation becomes exactly inverted: In UIKit apps, the keyboard and mouse are secondary, so web apps have the advantage in being keyboard-and-mouse first.
So now that web apps have the advantage, at least when a keyboard and mouse are attached to the iPad, Apple is going to be seeking to tip the scales back in native apps' favor.
We’re all speculating about Apple’s motivation, but none of us really knows why Apple made its decision. Perhaps it’s best to focus on the trade-offs—privacy vs. functionality—and not the speculative Kremlinology.
Respectfully, no. Learning software is a big investment in time and effort. Since I'm on Apple's platforms, because I think they're the best compromise for running the software I want to run, I am going to continue to speculate their reasoning to try to predict which software will be successful on their platforms in the future, because that's how I choose where to invest my time and effort.
I respect you have some other motivations here, but I'm not doing this for fun. I'm doing this because it's important to how I spend my most important resources: my time and effort. So no, I'm not going to stop speculating, the mere idea is laughable. Like buying an individual stock while having no opinion of what direction the company might take in the future.
Of course you are free to speculate, but my point was that we lack evidence of Apple’s motivations that would help us to make predictions of any value. All we can do is tell a plausible story, and without evidence your story is no more likely to be true than mine.
The people who work on making websites function better on iPad are literally a 20 second walk away from the people who work in Intelligent Tracking Prevention–do you really think that they'd seek to undermine each other in this way?
Absolutely, do you have evidence they are talking and consulting with each other? Obviously lack of evidence isn't evidence either, but departments do things all the time that are at odds with each other in companies like Apple.
I have nothing against hybrid apps. In many use cases, they are the best approach, and I have often declined business, in recommending them to others, as opposed to what I can do.
My post was not an attack on anyone or anything, and it was not being snarky. All I said was that I develop native apps, and that this policy does not affect me.
I like developing native apps. I've been writing native Apple software for 34 years. It's not really difficult; just different. I have also been developing "Internet" software, of all kinds (full stack), since before the WWW. Using Apple stuff. It certainly can be done.
Better title: Apple restricts tracking by limiting browser storage, which hurts my particular app.
Browsers need to be severely limited due to them running arbitrary code from the web. Doesn't matter if it's an offline web app. If you want more access, make a native app (with or without web technologies).
Wouldn't it be possible to retain the data with privacy by:
- Asking the user client side for a password
- Encrypting data as a blob using some symmetric encryption (AES)
- Pushing the encrypted blob to the server with login attached
If you're using SSO the client authenticates and then can pull down the encrypted blob based on the SSO auth being valid. You can tie 2FA in however you wish. At that point the user is prompted for a "data" password for that particular site. Or would there be an easy way to build a pki/pin cert type of encryption to eliminate the password prompt? (I feel like this is essentially what Keyring!? would do but maybe not?)
Outside of implementation weaknesses which I feel could be mitigated by creating standard libs to do this, what am I missing?
Bonus points for pushing the data diffs only or even a version controlled blob (data stored in a git repo where only the diffs are pushed in encrypted form).
Edit: Or how about a local hardware appliance for your network that stores all data like this encrypted and pulls from there.
It's very hard to verify that the data is indeed encrypted, whereas with local storage you can just monitor your network usage and see that no requests are going out. Hell, you could airgap your machine and have no problems with localstorage.
You can implement end-to-end encrypted applications e.g. with the subtle crypto API, though there’s always a debate of whether this really provides good privacy as the website owner or an adversary who can inject code can still change the JS and steal the data. Personally I think it’s still much better as the data at rest is encrypted and only the user can decrypt it. Now the problem is of course that if the user forgets his/her password the data is gone. To alleviate that you can again think up some schemes like encrypting the encryption key with an asymmetric scheme where the private key is kept secure by the website owner, but that then requires a process for securely using this key... So it’s possible but not trivial I would say!
No, Apple offers anonymous user credential technology. Server gets unique identifier and ability to authenticate with no actual user info. Server gets an anonymous redirected email for sending info to the user. Apple is the intermediary. Of course, you can choose not to trust Apple, but Apple already has my info and their business model is not predicated on tracking and advertising. I'd rather continue to trust them than spread my data across more orgs, but that's my choice. You might choose differently.
I choose differently, but my choice may matter to you if I throw up my hands and say "Too much effort; if the user visits my site in Safari, I'm just going to toss up a banner page that says 'this site does not work in your browser.'"
It's a power-play on Apple's part to intermediate themselves where their intermediation isn't necessary. And all kinds of customers (enterprise in particular) won't appreciate Apple getting a free "hi hello" signal on how much their company uses some service that leverages this scheme. Especially if Apple is a potential competitor to them.
Same. We momentarily considered adding Apple Login to our app when they changed the rules a couple weeks back, but instead we are removing all social login and migrating all accounts to (email/username)/password. Why?
Because a) it's even more code we now have to support, both in our apps even on android and on web -- a huge investment we are not prepared to make, and b) because for what we do, we actually do need to know the user is who they say they are (we offer the ability to contract a service between third parties, which means anonymity is NOT desired). I was never really comfortable using social login at all, for that second reason, but was pressed to by my peers; after Apple's shenanigans we came to the mutual decision that it was time to cut the cord. The login screen is already busy enough, we don't need yet another button. So we'll simplify.
For this latest change, it won't affect us much because I have always made it a policy neither to trust, nor to rely on, the data in Local Storage, and only to use it for performance boosting via caching. If data isn't there, it isn't there, and we go get it. This is largely due to historical reasons where browsers have always borked the LS implementation in one way or another, but it's beneficial now in that it won't really change anything for us.
I do feel for folks that are using it for genuine storage though, I know some apps that use it in order to AVOID storing private data on their servers, which will now have problems and be forced to reduce privacy in order to adapt.
This is definitely a power play on Apple's part to further weaken the web ecosystem. Device sales have been falling for years, they know their cash cow is their 30% cut on app purchases and IAP, and they aren't going to let the browser cut into that. Any "privacy" benefit in this case is purely incidental (and as noted above I believe it will do the opposite in many cases).
Thank you. I think this is very often overlooked. "Consent" gets thrown around a lot but most of the time people basically have no choice if they want to, you know, participate in modern society. That's one of the reasons why an open web is so so so important and why I think Tim Berners-Lee is working so hard to try to bring some part of that back as the "online world" (apps and internet) becomes more and more walled garden.
If you are coerced into giving consent, it isn't consent, and most of the time if you're doing it so you can be part of the world around you, it is coerced, whether people want to recognize that or not.
Any time you see the phrase "implicit consent", it can be helpful to stop and ask how that consent could be withheld without changing anything else. If it can't be, then it's not really consent at all.
Web-wide analytics (and our own, which have almost exactly the same stats), show about 30-40% of users still rely on email/password (and that's actually growing, as password managers become more ubiquitous especially when Apple implemented the built in credential manager in apps and in Safari on iOS).
We're actually getting rid of social login in our apps. And we're not alone, a lot of platforms I use have recently moved the same direction, and I think for the same reasons.
Google, Facebook, Github, Twitter logins proliferated because
a) the cost of implementing an auth system is high, and those offered a turnkey solution that was cheap and quick to implement. This is no longer true, there are lots of options now to host your own auth while federating the hard work to someone else (e.g. Auth0, Cognito, et al)
b) for awhile, people LOVED the idea of having "an online identity" and a single login everywhere. Over time this has not really panned out, because it's the prisoner's dilemma; for it to work, everyone has to do it (which is why G and F have tried so hard to get everyone to use them). But also, because privacy questions have reduced the shiny appeal of that scenario in the first place. Combine that with easy to use password managers now, and it's much less necessary.
But browsers are severely sandboxed already. What the article is talking about is:
> deleting all local storage (including Indexed DB, etc.) after 7 days
which I can see how it might help privacy (since you could be tracked via local storage too) but also how it might break any potential web app that might need data to last more than 7 days.
> If you want more access, make a native app
But then, everybody will complain about yet another Electron app, right? Not to mention that you have to fork over $99 and go through the signing / notarization hoops that change from one week to the other.
I think in the name of privacy and security only Apple and some select few corporations will be allowed to make software in the future. macOS / iOS and Windows 10 are evolutionary dead ends in many ways.
* AdoptOpenJDK releases that were notarized some months ago are no longer accepted by Apple since they made the rules even more stringent. I had releases accepted by Apple that are not accepted today using the same AdoptOpenJDK binaries.
* Apple's notarization rules are not global. There are whitelists for given companies/institutions/apps/files which means the same dylib might not have to be notarized by a bigger player but will have to be codesigned by you.
The above happened to me in the span of less than 3 months I think?
Indeed, the scripts I use per se to do the notarization are about the same as originally.
Apple may have stepped up notarization requirements, but I never heard them be inconsistent across developers. Are you sure you submitted the same binary? Nothing different about the signing or bundle layout?
It would only be Citrix if it was made a native app. It is presently a web app, presumably because it was determined to be a better choice. You proposed that it should be a native app. It would be the customers that would choose Citrix, but they'd probably prefer web apps (if they're anything like my customers).
The deployment story is so much better for web apps, which is the main reason it seems to be so compelling for big enterprises.
The moment you offer in-app payment, Apple gets a cut. This goes as far as not allowing apps that link to payment outside of the App Store's payment system.
There is a huge number of cordova apps out there. These are webapps inside a native wrapper, to access exactly those features that are crippled in safari. Reliable storage, push notifications, and not much more.
ACloudGuru does not allow you to pay for subscriptions via in app purchases, Udemy allows both. A company can decide whether it is right for their business model to allow in app purchases exclusively or along side their own payment options.
Hulu for instance allows in app purchases for the regular Hulu service but not Hulu Live
It's not "limiting browser storage", it's making browser storage expire. TFA's example is just some random app, but this essentially kills the entire concept of an offline-first web app, and severely hurts the browser as an application platform.
> If you want more access, make a native app (with or without web technologies).
Browsers usually ask for an additional permission in this case which would be a good approach. Your post sounds like "browsers need to be severely limited, so if you want to watch video, just launch VLC". It does not work this way.
Making a native app is more complicated than making a webapp, especially if you want something cross platform. Browsers are now a universal virtual machine, what the JVM was years ago, and with webassembly we will see more and more things done in the browser.
The real 'write once, run everywhere' are webapps, a webapp doesn't care if you are using Apple, Windows, Linux, BSD, whatever, if you have a compatible browser you use the app.
Sure there is Electron (or React Native), to me it doesn't make sense, what is the point that every application needs to ship basically a browser? And still Electron apps need to be compiled and packaged for every platform, while with webapps you enter the URL in the browser and you are done with it.
Doesn't adding APIs to browsers not only to use the local storage but also to access the filesystem of your device (of course asking the permission to the user) make more sense?
Of course what Apple really fears is losing control of the apps that get used on their devices. Now they control the App Store, which is the only way to get apps on their devices (besides jailbreak); with webapps it's different, since you can access them directly from the browser.
And the thing that is absurd is that the first iPhone didn't have the App Store, since Apple decided that the only way to get third party apps was through the browser; now they are aiming for the opposite thing.
My company created a web client for our chat software product around 5 years ago. The quality of our product has slowly deteriorated as browser vendors continually remove or restrict features that once worked fine. Just to name two examples: autoplay audio for chat notifications and tab throttling killing websocket connections and background timers. I understand bad actors are abusing these things, but they're breaking totally legitimate use cases.
We've been forced into an Electron client and now urge our customers to ignore the web client. If we didn't have a small number of customers on Macs, we would abandon web tech altogether and build a native Windows client.
> Browsers need to be severely limited due to them running arbitrary code from the web. Doesn't matter if it's an offline web app. If you want more access, make a native app (with or without web technologies).
Native apps have the same problems too and such "severe" limiting of apps in web browsers still doesn't solve it. The only more or less privacy preserving model I can think of for native apps today is open source repositories with app distribution not controlled by app developers, like f-droid or repositories in various linux distros.
Wouldn't making it first party only cover it? I don't see how this has anything to do with privacy/tracking. Webpages can still leave long term cookies. The only way this is a privacy issue is if 3rd party iframes can use localStorage, but just like 3rd party resources have their cookies blocked, so too could localStorage.
Otherwise this has absolutely nothing to do with privacy or tracking.
...and give Apple their cut. Why not add permissions to webapps? Like location, or push notification... oh, that's another feature that happens to be missing only in Safari.
Just accepting these moves from Apple as "in the interest of users" is naïve. Apple has a huge vested interest in their App Store, and every webapp is a potential App Store app that is some lost revenue.
I mean, maybe Apple is right, and the web should go back to a readonly document-like format, like in the old days. Articles and links. Apps for everything else. But let's not kid ourselves that they do it purely in the user's interest.
Genuine question: what makes native ad frameworks different here? They execute with the same privilege of their containing app so surely they’re open to similar privacy concerns. Shouldn’t native apps have their storage cleared?
I’m a little confused by this and maybe I’m missing something. Wasn’t localStorage always intended to be treated as a volatile storage mechanism for non-critical data and caching? The advice I’ve seen for several years says to avoid storing sensitive or critical data there.
Can PWAs not switch to using IndexedDB which seems like it’s more purpose-built for this use case?
No snark intended. I’m legitimately curious what the situation is and where any blockers are.
It's a bit confusing because there are two similar terms being used to describe this. First is "local storage" which refers to any of the storage, as long as it's on the local device. Second (which you used) is "localStorage", which refers to specifically the window.localStorage API (which you are right about, has been described as a volatile short-term memory for apps).
Some browsers show an icon in the address bar when an app is requesting/can make use of an optional permission or feature. Clicking the icon allows you to grant the extra permission (i.e. allow cookies, enable camera, etc.) but otherwise no additional prompt is shown.
I think this is an excellent example of such an unobtrusive prompt and is how ALL such features should be implemented. Sites should get almost no permissions by default and certainly not be able to show popup prompts.
That is not a prompt at all, just a fancy configuration option. Which most users will never notice and just assume the app is broken.
When the site tells them to "activate X permission" without telling them how to (for their specific browser version), most will leave instead.
When the site gives super detailed, up-to-date instructions on how to activate the feature, a very large percentage of users will still leave instead.
When the feature is so useful that many sites go through all those troubles and it's common enough for users to encounter this that they'll follow through, most will do so for every site that tells them to and entices them with "ACTIVATE X TO RECEIVE YOUR $10,000 PRIZE, LUCKY WINNER!!!".
Actually there is - firefox does it all the time. It's simple really - just add a new obscure configuration parameter and tada - the browser starts ignoring your dns resolution setting and automatically uses a preconfigured one.
No need for a prompt, obtrusive or otherwise.
I configured my Chrome to block sounds on all websites except for a few selected ones. Now if a blocked website plays sound, I can see a tiny icon at the right of my URL bar. It's absolutely unobtrusive, yet I can enable sound with two clicks.
Even before this change, data in IndexedDB was kind of volatile - if a device was low on space, browsers could delete stored data.
https://dexie.org/docs/StorageManager describes the StorageManager API which lets you prompt the user to allow your IndexedDB data to be stored more reliably. My first thought after reading this article was wondering if this would allow an exception to the 7 day rule... but then I remembered that Safari is the only "modern" browser which does not support the StorageManager API
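Feature-detecting the StorageManager API that the comment above links to, as an added example (not the commenter's code and not from dexie.org). The `nav` parameter stands in for `window.navigator` so the decision logic can be exercised outside a browser; the three stand-in navigator objects at the bottom are constructed, one of them modelling a browser with no `navigator.storage` at all, which is what the comment reports for Safari.

```javascript
// Report which parts of the StorageManager API are available on this navigator.
// persist() asks the browser to mark the origin's storage as durable (exempt from
// best-effort eviction); estimate() reports usage/quota. Both are real API methods.
function storageCapabilities(nav) {
  const storage = nav && nav.storage;
  return {
    canPersist: !!(storage && typeof storage.persist === "function"),
    canEstimate: !!(storage && typeof storage.estimate === "function"),
  };
}

// What an offline-first app should do given the capabilities: ask for durable
// storage where the API exists, otherwise fall back to an explicit export path so
// the user keeps a copy of their data outside the browser's storage.
function fallbackPlan(caps) {
  return caps.canPersist ? "request-persist" : "offer-export";
}

// Returns "persistent" (browser granted durable storage), "best-effort" (API present
// but the request was declined: data may still be evicted under pressure or by policy),
// or "unsupported" (no StorageManager at all).
async function requestDurableStorage(nav) {
  const caps = storageCapabilities(nav);
  if (!caps.canPersist) return "unsupported";
  const storage = nav.storage;
  // persisted() reports whether durability was already granted earlier.
  if (typeof storage.persisted === "function" && (await storage.persisted())) {
    return "persistent";
  }
  const granted = await storage.persist();
  return granted ? "persistent" : "best-effort";
}

// Constructed stand-ins for navigator objects (not real browser data).
const fakeGranting = {
  storage: {
    persisted: async () => false,
    persist: async () => true,
    estimate: async () => ({ usage: 1024, quota: 1024 * 1024 }),
  },
};
const fakeDeclining = {
  storage: {
    persisted: async () => false,
    persist: async () => false,
    estimate: async () => ({ usage: 0, quota: 0 }),
  },
};
const fakeWithoutApi = {}; // no navigator.storage, as the comment describes for Safari

module.exports = { storageCapabilities, fallbackPlan, requestDurableStorage, fakeGranting, fakeDeclining, fakeWithoutApi };
```

In a real page you would call `requestDurableStorage(window.navigator)` once, after the user has done something that makes the data worth keeping, and show the export option whenever the result is not `"persistent"`.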
lol, sucks for users of my client side JS video game!
I would say yes. The reason is that exceptions will be abused, so it is better to enforce rules that everyone has to follow than to depend upon good behavior which the people we are trying to stop won't show (almost by definition, because we wouldn't need to try to stop them with rules if they were already respectful of the social contract).
If there were a way to enforce that the application has no access to any communication system (network, inter-app, maybe excluding explicit copy/paste), then I would be happy to give it permanent storage.
But as soon as you allow it any access to network resources then carrying state becomes a liability.
A Note On Web Applications Added to the Home Screen
As mentioned, the seven-day cap on script-writable storage is gated on “after seven days of Safari use without user interaction on the site.” That is the case in Safari. Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer. We do not expect the first-party in such a web application to have its website data deleted.
If your web application does experience website data deletion, please let us know since we would consider it a serious bug. It is not the intention of Intelligent Tracking Prevention to delete website data for first parties in web applications.
> Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. [...] We do not expect the first-party in such a web application to have its website data deleted.
I don't get it. Which of these statements is correct?
1. "Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Of course, that counter doesn't do anything. It just sits there, counting, for no particular reason. We just love counting things!"
2. "We do not expect the first-party in such a web application to have its website data deleted. Except, of course, if they don't use the web application for seven days. In that case, that data will be _extremely_ deleted! Really just wiped from the face of the earth."
The counter is per days of application use, so (2) is false. Not using the app does not affect the counter.
The counter is also per domain, and so while the first party domain for the PWA (which is likely to, of course, be loaded on each PWA launch) is effectively meaningless, if you visit other domains from within the PWA they will be subject to the counter independently.
I believe the first-party primary domain of the app will never have its data wiped — though the article could certainly be clearer on the point. What would be cleared in that case would be any other domains — if there's also a "Visit Zombo Facebook" link in there, and you only looked at Twitter for a week, the Facebook cookies would be wiped.
> Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer.
Can anyone explain this with an example?
So web apps added to the home screen will have their storage wiped under some scenarios? If not, what does "have their own counter" mean?
How are web applications added to the home screen not part of Safari in a way that's different from a regular URL you might visit?
Note this is totally based on my reading of the GP:
>> As mentioned, the seven-day cap on script-writable storage is gated on “after seven days of Safari use without user interaction on the site.”
I'm understanding this to mean: you access Site A and it stores data to your local storage on day 0. Then you use Safari for Sites B, C, and D, but not A for the next 7 days. Since Safari has been used for 7 days without using Site A, Site A's data is cleared.
>> Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer.
I'm understanding this to mean there's no distinction between Safari and Site A anymore. Since you can't use Site A for 7 days without using Site A, Site A's data is never cleared.
It would make much more sense for them to just disable the counter in this case, or at least just explain it that way. It would be less confusing.
Home screen installed PWAs are treated as a separate web browser.
So installed PWAs do have automatic deletion, but that basically only applies to third party content (like advertiser tracking cookies, or content from other sites you show inside an iframe), since the number of days used since last interaction counter will stay at zero for the main site.
I don't read it like that. It's not about 7 days real time, it's about 7 days on which you use the app.
Since you can use Safari without visiting the PWA's domain, this feature can delete the data of a PWA which runs in Safari.
Since you can't use a homescreened PWA without it visiting the associated domain, the data saved by the PWA's domain will never be deleted for homescreened applications. But data associated saved by other domains can still get deleted if you use the application for 7 days without it opening that domain.
> Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer.
This is a baffling word salad. So they are tracking days of use of home screen web apps... which sounds like it means that if you do not use the app for seven days the cache will be deleted... but they don't expect a web app to have its data deleted. What?
Home screen installed PWAs are treated as a separate web browser.
For all web browsers, content is only deleted after 7 days in which you use that browser. So if you shut your phone off for a month, and then turn it on, and open Safari, that whole month only counts as one day, since you did not use the Safari browser during that month.
The same rules apply to PWAs installed to the home screen, which are being treated as separate browsers. Of course, the count of days of use of this "browser" without using the main site will always remain zero.
But for third party cookies, or third party content from an iframe that uses local storage, those would get nuked if the home screen installed PWA is used on 7 different days without interacting with those domains.
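The counter semantics described in the quoted WebKit note and walked through in the last two posts, as an added model (this is not WebKit's code, only a simulation of the rule as the note states it): a site's script-writable storage is deleted after seven days of browser use without user interaction on that site, days on which the browser is not used do not count, and a home-screen web app is its own "browser" with its own counter. Domain names and the day-by-day sequences are constructed for the walkthrough.

```javascript
// One browser instance: "Safari", or a home-screen web app modelled as a separate browser.
class BrowserInstance {
  constructor(name, cap = 7) {
    this.name = name;
    this.cap = cap;               // days of use without interaction before deletion
    this.idleDays = new Map();    // domain -> days of use since the user last interacted with it
    this.deletions = [];          // audit trail: { domain, onUseDay }
    this.useDays = 0;             // how many days this instance has been used at all
  }

  // A domain writes script-writable storage (localStorage, IndexedDB, ...) after interaction.
  store(domain) {
    this.idleDays.set(domain, 0);
  }

  hasData(domain) {
    return this.idleDays.has(domain);
  }

  // Advance one calendar day. `used`: whether this instance was opened at all that day.
  // `interacted`: domains the user interacted with in this instance that day.
  day({ used = true, interacted = [] } = {}) {
    if (!used) return this;       // a day without use of this instance is not counted
    this.useDays += 1;
    const touched = new Set(interacted);
    for (const [domain, idle] of this.idleDays) {
      if (touched.has(domain)) {
        this.idleDays.set(domain, 0);           // interaction resets the counter
      } else if (idle + 1 >= this.cap) {
        this.idleDays.delete(domain);           // cap reached: storage purged
        this.deletions.push({ domain, onUseDay: this.useDays });
      } else {
        this.idleDays.set(domain, idle + 1);
      }
    }
    return this;
  }
}

// Scenario 1, the reading given in the post above: Site A stores data, then Safari is
// used for sites B, C and D for seven days without touching A.
function scenarioSafariIdle() {
  const safari = new BrowserInstance("Safari");
  safari.store("a.example");
  for (let i = 0; i < 6; i++) safari.day({ interacted: ["b.example", "c.example"] });
  const afterSix = safari.hasData("a.example");   // still present after six days of use
  safari.day({ interacted: ["d.example"] });       // seventh day of use without A
  const afterSeven = safari.hasData("a.example");  // gone
  return { afterSix, afterSeven };
}

// Scenario 2: the phone sits in a drawer for a month. No browser use, so no day is counted.
function scenarioVacation() {
  const safari = new BrowserInstance("Safari");
  safari.store("a.example");
  for (let i = 0; i < 30; i++) safari.day({ used: false });
  return safari.hasData("a.example");
}

// Scenario 3: home-screen app. Every launch is an interaction with its first party, so that
// counter never advances; a third-party frame that wrote storage on day 0 does age out.
function scenarioHomeScreenApp() {
  const app = new BrowserInstance("PWA:app.example");
  app.store("app.example");
  app.store("ads.example");                         // constructed third-party domain
  for (let i = 0; i < 10; i++) app.day({ interacted: ["app.example"] });
  return {
    firstParty: app.hasData("app.example"),
    thirdParty: app.hasData("ads.example"),
    deletedOnUseDay: app.deletions.map((d) => d.onUseDay),
  };
}

module.exports = { BrowserInstance, scenarioSafariIdle, scenarioVacation, scenarioHomeScreenApp };
```

Note that interaction with a domain in Safari does not touch the home-screen app's counter and vice versa, because each `BrowserInstance` keeps its own map; that separation is the "own counter of days of use" the note refers to.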
The only coherent interpretation I can think of is that accessing example.com in a home screen app doesn't reset the timer for example.com in Safari. And vice versa. But it's still really unclear whether that implies that home screen apps get their data wiped or not.
It depends on the context.. For example, I use an invoicing web app that stores previously created invoices indefinitely in localStorage. This gives me the benefit of not having to manage login credentials and keeping everything client-side. It also gives the site's developers the benefit of not having to manage user accounts or server side state.
Without being able to use localStorage as a long term store, I'll have to register for an account, have to deal with them handling my data, etc. Losing the functionality of localStorage as a long term store has disadvantages.
Maybe it is because I can't seem to hold onto a device for more than a year or two before I lose it somewhere, but the idea of having all my important invoice data on a single device sounds scary to me. I would hope that localStorage is included in iCloud backups.
I don't understand why you wouldn't rely on some other normal local storage for an app, except to be super lazy making cross device apps with some platform. I think that's what all the screaming is about. Low budget cross compatible apps will suffer.
I think looking at Apple as saviour of privacy is, for lack of a better term, just wrong. They have always favoured closed systems even if it didn't provide privacy advantages or, as in this case, was counter-intuitive for privacy.
I feel the comparison of Apple with data companies such as Google, Facebook is by itself at fault. Apple, like any computer company of the 70s, was not into data, just because the Internet itself didn't exist at that point like it does now. 'Apple didn't choose to be in data' is projected as altruistic, instead of just a marketing ploy (they didn't choose, because it wasn't available).
Apple doesn't receive even the fraction of scrutiny Google, Facebook receive (which they should). e.g. iCloud hack, Apple's response to iOS vulnerabilities targeted by state actors, Newer Safari being incompatible with privacy extensions such as uBO etc.
Personally I feel good that Apple is not into data, just because I feel if they are into data; they might be more evil than Google or Facebook aided by their walled garden.
I think looking at ANY company as the savior of privacy is a waste of time. Companies have proven time and time again that they are unable to self-regulate this. Only way forward is to introduce legislation that makes it illegal to track users using privacy-invasive practices, otherwise we'll never get rid of it. A company can be privacy-preserving today, but then the leadership changes or acquisition happens, and now they change their practices, without informing users.
I simply see no technological solution to this problem, it'll always be a cat-and-mouse game, until governments catch up and make it illegal.
I'm eager to hear if someone here does have any solution to this problem though.
Before someone says I have Firefox/Chrome on my iPhone: they are just skins for Safari. Same vulnerabilities which exist on Safari (WebKit) can be exploited there as well since they aren't allowed to use their own browser engine.
When you use Apple Maps, Apple doesn't know who you are, where you go. There's not even a way to sign in.
It's not incompetence. When you request a route, your iPhone breaks up the request into separate, unrelated segments so Apple doesn't even know your total route. They've done work to avoid tracking you.
Call it a "marketing ploy" or "altruism" or whatever, but the fact is that Google wants to know where you go, and Apple doesn't.
Agreed — Apple’s trying to project a high-minded motivation here, but their real motivation is likely to try and limit web technologies so that companies must still invest in native iOS apps and remain within their walled garden.
Did PWAs take off? What are some famous/big PWAs now? I can't remember ever "installing" anything in a browser as an app, or even being asked if I wanted to do it. Am I misunderstanding what they are?
I'm the OP, I use a lot of PWAs. My main machine is a Surface Pro X and I don't have native apps (as in native aarch64 binaries) for many of the things I'd like to use. So, I'm using PWAs for Instagram, Twitter, Kindle, Pinafore (mastodon client), Spotify, and some of my own.
I was developing a feed reader that was supposed to be a client-side-only PWA but that's tricky.
Off topic, but how is this experience using the Surface Pro X as a PWA machine? Does Windows / PWAs work well in tablet form? I was thinking of switching to a similar setup and using it essentially as you describe. Seems like it could be a really lightweight and simple computing environment similar to Chromebooks but still allows you to run traditional Windows apps as well if you need.
I really like it but I wish Microsoft would support FOSS developers better and provide more support and incentive for them to port more developer tools. There are almost no native aarch64 programming languages for Windows 10. If you keep yourself inside WSL then you're good to go because Linux under aarch64 is quite complete. On the Windows side of things you'll probably be running a lot of 32-bit x86 apps.
Which is one of the reasons I like PWAs, they are ISA independent and are working pretty well here. Unfortunately Firefox doesn't support an add to homescreen feature on the desktop, so I used Edge to do it for the apps I want to have a nice icon for (such as spotify).
If you're going to use it much like a chromebook then it might be a tad too expensive to be justifiable. I don't regret buying mine at all, I really like it, but I'm sure they'll release cheaper ARM64 Surfaces soon, I'm betting on a Surface Go with ARM64 at some point.
PWAs haven't taken off because Apple won't implement full Push API support in Safari thus forcing you to go through the App Store if your web site or application needs push notifications. The App Store then complains if you try to publish an app that just wraps your web site so that you can have push notifications. It's... infuriating.
Sites could easily only prompt this after you've added them to the home screen. Browsers could, do?, also allow users to set a default of deny all notification requests.
The problem is that developers have to spend a significant amount of time and money to get on iPhones because of Apple's policy here. If browsers and devices fully supported PWAs developers could "write once, run everywhere". Instead we have to build separate apps and deal with separate release processes. It's a huge productivity cost.
Are you an Apple employee? If not, as a consumer or developer why are you not talking from the consumer's point of view? I don't want to install each and every native app. As a developer, I don't want to write and maintain completely separate native apps.
Further, if Apple were truly concerned with the quality of the apps in their store they would free developers from having to submit apps just to support push notifications. Less time reviewing and rejecting apps, less "low quality" apps in the store, happier developers, happier users.
PWAs are also useful where you want visitors to be able to access a portion of a website while offline. I run a site that hosts audio tours for museums and walking tours. I use PWAs to allow visitors to quickly download the tour onto their phone in case they don't have a data plan or a portion of the tour will not have cell service.
Apple definitely makes it difficult to use them effectively. For example you need to use Safari on iOS in order to download the PWA - it won't work if you're on Chrome or another third party browser.
There's a chicken/egg issue here. Apple's support for progressive web apps has been subpar, so it's difficult to justify the extra effort in making a PWA when a major platform doesn't fully support it. Which, in turn, means people turn around and say "why should Apple support PWAs? No-one uses them!"
The look depends on how much effort the developer invests. If you take Bootstrap, the resulting PWA looks like a website. If you take Framework7 the resulting PWA looks more like a native App (including animations and the like).
The key is the 'P': Progressive. A PWA is just a web app, but one that takes advantage of features you'd typically see in a locally installed application like local storage, notifications, etc. This might mean it has metadata to make it "installable" in browsers that support that, but I wouldn't say that's a requirement to be considered a PWA.
devdocs.io is the most successful example I'm aware of. I've never "installed" it as an app, as I don't use a browser that supports that (basically Edge, Safari or Android Chrome), but I've certainly relied on its ability to load without an internet connection for train/plane journeys.
DevDocs is great for offline documentation, and is entirely a PWA. You just preload the doc sets you're interested while online, and they will always be there for you when you need them. Automatic updates can be enabled for when you come back online.
How should PWA take off, when Apple with a high mobile market share refuses to implement basic APIs like the Push API and other browsers can't run their own engine on iOS? It is abusive, but who cares.
Ok I think I'll have to rephrase the question: are there many widely used PWAs that actually go one step further than being a web app using a few of these APIs (spotify, twitter), and actually try to "mimic" desktop apps more (installation, icons, fully offline etc)?
I think the original post is oversimplifying the new behaviour a little. If you look at the other blog post on ITP 2.3 it says:
> ITP 2.3 caps the lifetime of all script-writeable website data after a navigation with link decoration from a classified domain.
i.e. the 7 day timeout for local storage only kicks in if you've been redirected from a domain that ITP has classified as one that tracks users. So, for example, web apps that users navigate to directly will be unaffected.
> If you look at the other blog post on ITP 2.3...
why would you look at the old blogpost for the new behavior?
It's all web pages, regardless of classification or redirects. The new webkit blog post is quite clear:
> Now ITP has aligned the remaining script-writable storage forms with the existing client-side cookie restriction, deleting all of a website’s script-writable storage after seven days of Safari use without user interaction on the site
> website.example will be marked for non-cookie website data deletion if the user is navigated from a domain classified with cross-site tracking capabilities to a final URL with a query string and/or a fragment identifier, such as website.example?clickID=0123456789.
So my guess is you are fine most of the time, except if you allow other sites to embed your content in their page. In that case, you should:
- provide the embed on a separate subdomain
- remove features requiring identification if the content is viewed embedded: attempting to use them redirects to the real site.
Otherwise ITP will mark your domain as tracking and wipe you after 7 days if your users don't interact directly with the site.
I have a hard time deciding if it's a good thing or not.
I guess it has the potential to be mostly a good thing, provided that:
- I understood it correctly, which I'm not sure, as their wording is not clear
- It's implemented correctly. Once the deal is done, it's in the wild for years, fix or not.
- It's implemented in good faith. Apple wants to promote the app store and has shown to neuter web apps in the past.
JWT tokens are irrevocable by design, or it would defeat the purpose. I would advise against issuing JWT tokens which are long-lived. Using "refresh tokens" is generally preferred, as this gives an opportunity to revoke a stolen token in active use by the attacker. Even 7 days seems like an excessively large session time. That is 7 days a stolen token can be used to forge an authenticated session.
My guess would be that if your user uses service site.com, which calls a microservice at micro.com, then you have to store the JWT in the localStorage of site.com, but cannot store it in the localStorage of micro.com.
As far as I understood this is not a "list of trackers" per se but a "list of websites that track you when you navigate to another website from them" and people don't navigate away from the Google Tag Manager or Google Analytics domains because they don't serve content with links.
Could someone please change the title of this post? It's rather inaccurate and spreading FUD... legitimate offline web applications are not going to randomly lose their storage abilities in Safari. Tons of people read this (admittedly hard to follow) blog post quickly and then took a nose-dive into their own hot takes.
Hoping Webkit pushes another of these posts later to clear things up.
I have an app which isn't offline, but I wanted to make use of IndexedDB and LocalStorage to make things faster for users. Now I wonder if it's worth the effort to even try. I think this pretty much kills the utility of all local storage initiatives.
My app is an inventory control system used by businesses that build electronics (https://partsbox.com/). Deleting client-side data after 7 days is ridiculous. You can't assume that people will always log in every week, in small businesses or design/manufacturing companies there are times when 2-3 weeks can pass without building new hardware or touching inventory.
Both your and Apple's concerns are valid. This change makes the fact (arguably) that these local storages are caches apparent.
Some web apps already saw the danger of having an easily purge-able storage on the client side and simply implemented an export function for their tools. I admire those tools more than the ones who overuse local storage for everything.
One such tool is draw.io, a flowchart maker. You use the app, persist everything in local storage and when you are done, you export your project into a file, all happening on the client side. When you need to edit, you import the file on launch. It's portable, it's protected from browser bugs/decisions and imho pretty user (privacy) friendly.
With respect, I believe you are mistaken about what my important use cases are like.
I really hope the outcry about this is big enough to get Apple / Webkit reconsider. With service workers and improvements in browsers/cpus "PWA"s (aka web apps) were just getting to the point where they could compete with native apps for a number of use cases. And they had much better privacy / security policies. This doesn't completely kill that, but it's a big setback.
This depends on many factors but a PWA can be inspected by a third party using the browser developer tools, which makes it easier to find out about its communication. You can do that with proxies and other heavier tools for native apps, but it requires more skills than the former. Also the web platform is very private, you don't get access to files and many other features without user consent. Native apps might not be like that even though Catalina is going crazy with the permission dialogs.
The sandbox, while questionable at first, has slowly been improving and at this point gives the same features as the web you're describing. If anything I find the APIs more feature complete, albeit less well documented as... well, let's face it, this is Apple and macOS we're discussing here. ;P
I'll also note that "requires more skills" seems like a bit of a blanket statement to me. They're just different sets of skills.
I'm an engineer at a platform that makes it easier to build privacy-friendly apps. This means that all apps on our platform have app-specific private keys stored on the client side (in localStorage), and they never touch a server.
With this change, you're essentially "logged out" after 7 days of inactivity.
This is a pretty bad user experience. I honestly am not sure how to mitigate this. MacOS Safari might not be a massive market, but iOS Safari is.
Any thoughts about how we should address this change?
Being logged out after 7 days of inactivity could be a little bit annoying but I can live with that, as long as I can log in again.
I could be misinterpreting your comment but are you saying your keys are simply destroyed upon this “log out”? Then I’m not really sure why your platform was considered working in the first place, if it’s tied to a specific browser of a specific device and won’t survive a clearing of storage which any user can do at any time for a variety of reasons?
What if someone accidentally erases everything because that’s what they’re told when something doesn’t work right? Answer: it’s volatile storage in the first place, and a tiny one at that. Heck some browsers can be configured to erase everything when closed (when operating in non-incognito/private mode).
I can't think of any, they're all the same topic as far as I can see. The WebKit blog post has a little bit about third-party cookies being blocked but everyone quickly moved discussion to the script-writable storage cap.
I'm confused, or seeing confusion, over some things in the comments here. "We don't use Safari in our app..." We're talking web apps: you know, web sites with functionality. You don't exactly have control over which browser your users use. And in iOS, everyone is using 'Safari' even if it's Firefox or Chrome wrapped around the rendering control. This means you have to assume that the policy affects any visitor from any web browser on iOS. Technically, the other browser vendors can siphon the data into other storage to their users' benefit, but I don't know how likely they are to do that, nor whether Apple would approve them with such changes.
Do you mean that you deploy a 'native' app that's really just a wrapper around a web view that would also be just Safari? Same policy applies, but now, you have the option, in native code, to siphon off data and put it into Real Storage.
Sorry, I wrote this blog post too fast because I was/am a bit angry and didn't notice my usage of jargon without explanation.
It is a “Progressive Web App”. Sorry for the jargon usage without explanation. Basically it is a marketing term used to place some new web APIs and best practices into an umbrella of a “near native UX on a Web App”. What it usually means is that your application is:
* Served from a secure context (a requirement for the other APIs anyway).
* Has an application manifest (this contains metadata about your web app and is used by browsers and OSs to add icons, names, themes, etc)
* Has a service worker (which enables your application to potentially work offline beyond what other cache solutions did in the past)
So with these in place, browsers can offer an “Install this site as an app” feature which allows the site to open in its own window, with its own icon and name on the launchers and home screens.
Thanks for your reply :) I recognize often articles are meant for a specialized audience and shared here without the author even being aware of the site, so it's unreasonable to expect that everything be described to a total neophyte, but sometimes I have to laugh at the buzzword articles that get posted here about how to implement foo in bar on baz, using a fizzbuzz framework running blarg, and I have no idea what ANY of those things are, having worked in tech for decades :D
The argument would be stronger if the post got into what privacy protection in Safari isn’t available in the Apple News app. Instead there’s a seemingly random plug for a content blocker app I’ve never heard about, which upon further inspection happens to be sold by the author.
Sure you can do that. But now you need a Mac, probably an iOS device and pay $99/yr to Apple. If you're just providing a small one-off solution for a particular problem that you're not monetizing, the above may pose a serious problem.
For example, I (used to) maintain a tool that is essentially a save file viewer, but must store some data for decryption of said files. It's an Electron app, but could work as a normal website for the most part as well. I got a prototype of that up and it stores the required data in local storage. I don't want to maintain and host a backend for it, and I'm not too hot on paying Apple's developer fee for it, either.
You may say it's a fringe use case, and it probably is, but it's very much legitimate. I don't know why they couldn't have made storage for longer than 7 days with an extra permission to be requested.
Honest answer, it depends on the app. For some cases sure, just throw it in cordova and be happy.
It is my own personal take that PWAs are more powerful than we give them credit and that they could be used for private apps without backends where you leverage the benefits of web distribution while keeping data private. Doing the native/hybrid app forces you into dealing with gatekeepers, distributing on the web does not.
There's swathes of apps that will never be allowed on popular app stores (gambling, porn, sometimes apps that Google or Apple doesn't want competing with their own services). You can create a native app but it'll only be usable on Android.
Native applications also require acquisition of a Mac and a $99/year membership (iOS) and $25 (one-time fee for Google Play). A web application is mostly hosting costs which can be near free if you use the right cloud services.
I don't know of an alternative that will let me develop a small tool that will be free to develop and distribute, is not subject to restrictive store policies, works on desktop and mobile and is capable of things like accessing the device's camera and location when necessary.
I'm personally a fan of PWAs because they can't secretly write identifiers to my phone's SD card, they can't extract my contacts, they can't monitor my location in the background, etc. Sure, modern smartphone operating systems allow you to set up proper restrictions, but that puts the responsibility of making applications behave on me instead of on the phone.
Sure, native applications have their place (geofencing, native performance, file system access, system APIs) but in my opinion so do PWAs.
If you don't have a backend and don't want to use sqlite or something externally you can't save your data with the expectation it won't get erased. Before this change someone could manually clear storage, running out of space could trigger erasing this, etc. Now things clear after 7 days.
If you care about saving that data forever don't use local storage. Just like don't expect cookies you set on the client not to be modified by the client.
It is fine if your apps use only 1st party scripts and not 3rd party scripts.
> If your web application does experience website data deletion, please let us know since we would consider it a serious bug. It is not the intention of Intelligent Tracking Prevention to delete website data for first parties in web applications.
It’s always been impossible to rely on local storage for long-term use.
Users clear their caches. They swap browsers. They swap machines. They use their phone instead of their desktop. They use private mode, or sand boxing. They re-install their OS. They buy a new machine.
Don’t be lazy. Using local storage without a backup is not acceptable.
And what kind of ‘progressive’ web app expects all the features in every client? Have we forgotten what progressive means?
Don’t be entitled. You are not more important than your users.
Based on the blog, it sounds like he wants to download RSS feeds to the user's device, and not store them on his server to speed up development (all those complaints about FAANG being able to develop at web scale and him not wanting to run a backend).
Then, if the user clears cache or changes computers, they lose the stuff they were following and have to wait for new items, but it's not the end of the world. They might even expect it if you name/describe the app a certain way.
E.g. if you download an app called "Podcast Downloader" that says it just downloads any new podcasts from feeds you follow for your later offline consumption on your current device - you might not expect a podcast on your phone to magically jump to your desktop without a re-download from the original site.
Seems like it could be a valid trade off if it lets a front end only web dev publish apps he couldn't publish otherwise because he can't/won't do backend. Storing user media on the backend is not cheap. The company I'm at has spent months of developer time moving over from Google to Amazon, for example, just for infra cost improvements that come from serving terabytes of data off one instead of the other.
I already have a comment on this subject in a thread here but I believe this should be stressed more explicitly.
Apple didn't kill offline web apps. You can always add an interaction to your app which exports the stored data into a file which then can be saved by the user. It can be done entirely on the client side as well. If anything died here, it is the implicit consent by the user for allowing unnoticed storage space consumption. Implementing an export function will automatically make your app portable, which is always appreciated I believe.
Most data on local storage is some kind of structured tree, table or blob. All can be exported with only little effort.
HTML5 games -> Prompt user with a dialog to download saves/assets after they play the game for a while.
Productivity apps -> Detect "ctrl/cmd + s" to prompt a save dialog. Add save buttons somewhere visible.
Map like apps -> Do nothing. If the user is not visiting the map for 7 days, they don't need the map data persisted either. If necessary, allow explicit save with UI buttons for people who travel often.
Apps/sites which use local storage for auth related artifacts -> Notify users if they click "Remember Me" and explain the caveats to them. Allow for encrypted save if users ask for it.
Kiosks -> Use Electron or a similar tech.
I am open to counter arguments. I don't have any idea about how mobile browsers behave for the scenarios stated above.
Edit: I use draw.io since last year and the experience there is as refreshing as it can be in this SPA jungle. I use it as a good example to learn from for my own web app projects.
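The export-to-file approach proposed in the comment above, as an added example that is not part of the thread and not draw.io's code: serialize everything in localStorage into a JSON snapshot the user can download, and validate that file before restoring it, since it comes back as user-supplied input. The snapshot layout, the `ls-snapshot` marker, the `exclude` option and the `MemoryStorage` stand-in (used so the logic also runs outside a browser) are my own assumptions.

```javascript
// Added example: export/import of localStorage as a user-held file.
// The snapshot format and MemoryStorage stand-in are assumptions, not a
// standard; in the browser pass window.localStorage instead of MemoryStorage.

const SNAPSHOT_FORMAT = 'ls-snapshot';
const SNAPSHOT_VERSION = 1;

// Minimal Storage-like object with the same surface as window.localStorage.
class MemoryStorage {
  constructor() { this.map = new Map(); }
  get length() { return this.map.size; }
  key(i) { return Array.from(this.map.keys())[i] ?? null; }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(String(k), String(v)); }
  removeItem(k) { this.map.delete(k); }
  clear() { this.map.clear(); }
}

// Serialize every key/value pair. Whatever the site put in localStorage ends
// up in the file, session tokens included, so auth material should be listed
// in `exclude` (or encrypted) before the user is handed the file.
function serializeStorage(storage, { exclude = [] } = {}) {
  const items = {};
  for (let i = 0; i < storage.length; i++) {
    const k = storage.key(i);
    if (exclude.includes(k)) continue;
    items[k] = storage.getItem(k);
  }
  return JSON.stringify({
    format: SNAPSHOT_FORMAT,
    version: SNAPSHOT_VERSION,
    exportedAt: new Date().toISOString(),
    items,
  });
}

// Validate a snapshot before touching storage: reject anything that is not a
// flat string -> string map so a malformed or crafted file cannot half-apply.
function parseSnapshot(text) {
  let doc;
  try { doc = JSON.parse(text); } catch (e) { throw new Error('snapshot is not valid JSON'); }
  if (!doc || doc.format !== SNAPSHOT_FORMAT) throw new Error('not a storage snapshot');
  if (doc.version !== SNAPSHOT_VERSION) throw new Error(`unsupported snapshot version ${doc.version}`);
  if (!doc.items || typeof doc.items !== 'object' || Array.isArray(doc.items)) {
    throw new Error('snapshot has no items map');
  }
  for (const [k, v] of Object.entries(doc.items)) {
    if (typeof v !== 'string') throw new Error(`value for key "${k}" is not a string`);
  }
  return doc.items;
}

// Restore a snapshot. With replace=true the existing keys are wiped first;
// otherwise snapshot keys overwrite and unrelated keys are kept. Validation
// runs before anything is cleared. Returns the number of keys restored.
function restoreStorage(storage, text, { replace = false } = {}) {
  const items = parseSnapshot(text);
  if (replace) storage.clear();
  for (const [k, v] of Object.entries(items)) storage.setItem(k, v);
  return Object.keys(items).length;
}

// Browser-only helpers (they need `document` and window.localStorage).
function downloadSnapshot(filename = 'app-data.json', options = {}) {
  if (typeof document === 'undefined') throw new Error('browser only');
  const blob = new Blob([serializeStorage(window.localStorage, options)], { type: 'application/json' });
  const url = URL.createObjectURL(blob);
  const a = document.createElement('a');
  a.href = url;
  a.download = filename;
  a.click();
  URL.revokeObjectURL(url);
}

// Wire this to an <input type="file"> change handler: importSnapshotFile(input.files[0]).
function importSnapshotFile(file, { replace = false } = {}) {
  return file.text().then((text) => restoreStorage(window.localStorage, text, { replace }));
}
```

The validation step matters more than it looks: the file round-trips through the user's disk, mail or cloud drive, so the import path should treat it like any other untrusted upload and never clear live data until the whole snapshot has parsed.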
This might technically work, but is absurdly user-unfriendly.
Name a modern game that required you to manually manage game state files, let alone didn’t have autosave. It’s a feature users expect, and they’re going to have a bad time. I don’t want to play a quick game on my phone and have to remember to save and where I am keeping my save files.
I’d argue a far better option would be just to treat local storage as a permission like camera or microphones.
While I agree that it’s ideal to treat localstorage as a permission, as someone who has played a lot of games over the years I can tell you that I wish I could manually manage game state files.
The current way iOS does it (either keep the game installed forever or erase all your progress when deleting it) is a huge barrier to me getting invested in iOS games at all.
With “save progress to file” (and loading), I would be a lot more comfortable.
I would still want autosave though. No way do I want to go back to the era of “oh all my work for the past 6 hours is just gone?”
Our suggestions are not mutually exclusive options. Both can coexist if the developers are ready for the implementation burden.
The issue with the permission model is there has to be a mechanism to prevent overuse which I believe is always worked around by annoying the user with the prompt as often as possible until they concede.
I don’t even play games but I wouldn’t expect a web game to store all of its metadata in my local storage. I would expect it to store data on their own servers and only store active gameplay information locally.
My browser storage is not a game developer's long-term storage, it's a cache.
Cookies can be used for storage for up to a year, but it’s commonly accepted that browsers vary in implementation of this based on user settings. So why wouldn’t user settings exist for other kinds of permanent or session storage? Google Chrome is so dominant in both browser-making and standards-making that we’ve forgotten the browser — and user — is always king when it comes to the web. If users want permanent storage they will use alternative browsers for those particular sites. And while site authors can block Safari with a prompt, it’s then up to users to change browsers. Presumably for developers these will have knobs to tweak so local storage can continue working in alternative browsers on iOS the way it always has. Presumably Safari will eventually get a config toggle for this setting if it isn’t already there. Users already don’t notice when browser history is cleared, though advanced users will configure this by following instructions on Google. Same here.
> Google Chrome is so dominant in both browser-making and standards-making that we’ve forgotten the browser — and user — is always king when it comes to the web. If users want permanent storage they will use alternative browsers for those particular sites.
No, they generally won't. There also aren't really any "alternative browsers" on iOS, they're all Webkit-based.
> So why wouldn’t user settings exist for other kinds of permanent or session storage?
Nobody is saying there shouldn't be any settings or consent in this regard. What we get here is not a setting, we get one major player deciding that there will be no way to properly implement offline web apps on their platform.
I disagree that there’s no way to implement an alternative to Safari, besides Chrome there’s also iCab and other browsers that show not only a completely different UI but also innovative new features. Even if WebKit makes it impossible to remove this restriction, a third-party browser could find a way to intercept calls and keep its own local storage, read and backup native local storage, or provide other means to local storage via proprietary JS APIs, and if that browser is Chrome, it will gain traction. Especially if Apple changes iOS to allow users to change default apps.
>You can always add an interaction to your app which exports the stored data into a file which then can be saved by the user.
But... why? Drag the user through some dialogue to save a file locally / manage / be responsible for that and then deal with that whole deal? That seems like very... old / unnecessary.
The fact that applications store some random things locally to me is neither surprising nor a hassle. Browsers already cache files and etc. Unless I don't know something... LocalStorage and other non cookie options seem just fine / safe.
I get the concerns about cookies and such but this seems a step beyond what is needed into the realm of unnecessary / a hassle for the user.
Maybe I'm missing some bad patterns / dark patterns using LocalStorage and etc but it seems to throw them out with the bathwater.
I think that is reasonable ... maybe if the prompt is ... reasonable.
I'm kinda averse to the OMG COOKIES and other super technical warning type prompts that worry users, but really don't successfully educate them or direct them to good outcomes / choices. Granted education / good outcomes aren't easy tasks there, but what's the point of a prompt if the decision is made by an uneducated and just annoyed user?
I like the idea of empowering users, but not so sure about how we do it on the web / the best way to do it.
After the number of times my Firefox and Chromium profiles have been wiped clean due to browser or packaging bugs it's become clear to me that localStorage is not the end-all in terms of data persistence. It's always been a "best effort" rather than a guarantee.
Browsers offer a lot of useful functionality, but people increasingly expect them to be a replacement or substitute for an operating system, and in terms of being operating systems, they're all pretty lacking. Mozilla learned about this with Firefox OS (it was pretty cool though, RIP)
Well I've never lost anything other than the list of open tabs, and that's despite using alpha versions of firefox and chrome half the time. Cookies and localStorage aren't guaranteed but they're pretty reliable. I've had more trouble from native phone apps losing data than browsers on all platforms combined.
Then that's just my ignorance - I've never used Chrome OS, though I was heartened to see they were migrating to standard PWAs instead of proprietary parts.
I worked with Firefox OS back when Mozilla was seeding dev kits to software companies. It was a great concept but really seemed marred by bad hardware and then organizational paralysis. IMO this is one of the greatest missed opportunities of the last decade - an (actually) FOSS alternative to Android and iOS. No one else making attempts in this space right now has close to the same engineering experience as Mozilla.
For Safari, Apple adding any PWA features came off as them rolling their eyes, sighing loudly and then putting out a half-assed attempt to deliver years-old standards. And rather than switch to a unified extension architecture like Chrome and Firefox (which they were very close to in previous versions), they've gutted extension support to the point where you can only bundle very limited extensions with compiled MacOS apps distributed on the App Store.
I don't really understand what Apple is even playing at by offering features but not taking them seriously. But I just don't think the LSO expiry move is _that_ user hostile in the scheme of things.
>I don't have any idea about how mobile browsers behave for the scenarios stated above.
That's the problem, it won't work there. Apple's support for PWAs is frustrating to say the least.
It's fair that you might need consent from the user before storing and keeping large amounts of data, but by removing the option you are forcing a bunch of developers to make a native app instead of a webapp which I find quite infuriating.
Implicit consent is lack of explicit consent so yes, apple fixed the problem by inventing another one. The thing is, this new problem of missing the explicit consent is easier to fix than going all in with the implicit approach. Not sure if Apple will follow though.
Dear lord, I hope you don't have any UX design responsibilities.
> Apple didn't kill offline web apps.
Yes, they did. For an app to work offline, you need to be able to at least cache the app itself. If that gets wiped after seven days, you can't call your app "offline capable".
> If anything died here, it is the implicit consent by the user for allowing unnoticed storage space consumption.
What about the "implicit consent" that bandwidth is being consumed?
> You can always add an interaction to your app which exports the stored data into a file which then can be saved by the user.
That would be awful. Imagine being prompted to import your data every time you launch it.
Maybe that sort of works with document-centric apps that have no persistent settings, but even then it wouldn't be possible to integrate properly into the file system in the way users would expect (file associations).
> HTML5 games -> Prompt user with a dialog to download saves/assets after they play the game for a while.
More like constantly reminding the user that their valuable progress gets wiped after seven days, should they make the poor choice to run the app offline.
> Productivity apps -> Detect "ctrl/cmd + s" to prompt a save dialog. Add save buttons somewhere visible.
Same as above, except the data might be even more valuable.
> Apps/sites which use local storage for auth related artifacts -> Notify users if they click "Remember Me" and explain them the caveats.
"I'm sorry, we made a decision to write an app with technology that, in hindsight, we shouldn't have used. Therefore, your user experience will now be more annoying. Thanks for sticking with us while we're rewriting the app!"
Your response sounds a little angry but maybe the tone is lost in the text so I will respond in good faith.
> I hope you don't have any UX design responsibilities.
I don't. We are safe. :)
> For an app to work offline, you need to be able to at least cache the app itself.
You can still do it, for a limited time. Your mission critical app will work offline if you are not planning to isolate your device from the internet forever. I know this doesn't solve the issue but I believe it is the lesser evil.
> What about the "implicit consent" that bandwidth is being consumed?
This always bugged me as well. This is unexplored territory for all browsers if I am not mistaken.
> Imagine being prompted to import your data every time you launch it.
I don't have to. I use draw.io excessively and it prompts me every single time. I actually appreciate the experience but I am a sample size of 1.
> More like constantly reminding the user that their valuable progress gets wiped after seven days, should they make the poor choice to run the app offline.
If it is valuable, maybe the browser is not the best medium for it. Here, Apple's anti-consumer practice with its App Store becomes more relevant than Safari's localStorage algorithms.
> "I'm sorry, we made a decision to write an app with technology that, in hindsight, we shouldn't have used. Therefore, your user experience will now be more annoying. Thanks for sticking with us while we're rewriting the app!"
"In order for 'Remember Me' to work as you expect, please visit us every once in a while <3"
> If it is valuable, maybe browser is not the best medium for it.
Progressive web apps are not "the browser". It's a platform to ship apps using web technology that integrate into the operating system pretty much like any other app, at least from the user's perspective. It works well enough on Android.
If you have to explain to your users all the caveats that such an app has on their platform, it just becomes pointless. If it becomes pointless on iOS, then it becomes pointless in general. You might as well go with a Web View app then.
Of course Apple has never been all that enthusiastic about PWAs, giving half-assed support at best. It was never a great platform to begin with, but now it's effectively dead in the water, at least for apps that are expected to work offline.
Doesn't make sense, just ask the permission to use the local storage to the user if that is the deal.
But that is not the deal, the deal is that they fear that more and more developers are moving to webapps instead of developing native apps that need to pass through the App Store and thus be approved by Apple, and they don't like that.
Also you could sync data to an API and offer a login function. If the cookie expires, login and download your data again. This could be end-to-end encrypted for privacy, and having remote storage enables other clients to login and access the same data. Either way it's wise to have some kind of persistence option beyond just cookies and localStorage.
It's annoying how far Apple is behind Mozilla and Google when it comes to progressive web app functionality, but I don't think their action is as user-hostile as is being raised here.
It seems like the Storage Standard could be combined with the writeable-files proposal to permit the same sort of behavior for local files-on-disk webapps as mobile apps receive, where they can download large asset files and store them on disk in a persistent cache:
This sounds like a death-knell for my personal project: a fully decentralized collaborative task/wiki, built on ipfs, and encrypted against your blockchain wallet. I had just migrated the backend from firebase, too, and was ready to re-launch the beta next week.
Pretty much any PWA that was using ipfs as anything but a caching/distribution layer is no longer viable. This is a huge blow to decentralization technology.
Sure, you can make a standalone app, but that is going to cripple already difficult adoption.
I'm coming from a decentralization tech background as well and was working on similar stuff. That's why I'm so angry at these arbitrary decisions by Apple. This is just them breaking something that has been working well.
Rather than wiping local storage/indexed DB data after 7 days, could you not just make it an opt in thing, like the camera or mic? For example, ask users "Allow myapp.com to store app related data on your computer?". If they allow it, then give access to local storage APIs, otherwise don't. That way users can still have fully local PWAs if they wish.
As an ardent PWA developer, this change annoys me immensely.
> Heck, they could even go further and ban apps from corporations like Facebook, Inc., and Alphabet, Inc., that have violating your privacy as the core tenet of their business model.
If Apple were to ban the Gmail app (and obviously block web access via iOS too because that would be a loophole otherwise), I would throw away my iPhone, swear off business with Apple, and search dearly for a way to sue them.
I don’t love the walled garden iOS represents, I merely live with it in exchange for great hardware and UX. If the bargain changes to be more restrictive, I would turn against it in a heartbeat.
Thinking about that, it is no surprise Apple is striking out early to make web apps useless. If they wait too long, they will become entrenched, and people will feel like they have lost something if access is restricted. Apple really wants to jealously protect its control, and more importantly the ability to take a 30% tax on every transaction that they can perceive.
We use local storage for features in hubs.mozilla.com when most sites would use a database, because we want to minimize storage of data in our servers to increase privacy. This basically will now force us to store this data in our database for safari users, eroding their privacy.
I have a copy of my “DAT Shopping List” demo I last opened about 6 months ago saved to my iPhone home screen... I opened it, and the data was still there. I’ll be really sad when I open it again after iOS autoupdates and the data will be nuked.
Granted, this could turn out really well if the industry adopts another standard which requires user permission, overcomes this limitation, overcomes the existing limitation of LocalStorage on iOS getting automatically cleared when a device is low on storage, and overcomes the problem of sites being able to use up a lot of storage on users' devices without their knowledge.
I'd be very welcoming of such a standard. These could be good future replacements if the industry can adopt them:
Maybe I'm being cynical here -- I'm not a web developer but have lots of experience managing web-based products -- but if you want to have state you should store it in the cloud, because local devices are volatile. Xbox Live, for example, uses a fairly simple service for cloud saves for games; local saves still happen but any developer has the option to push saves to the cloud. The author definitely raises good points about how it's easier for developers to not have to worry about it, but cloud saves have some hefty benefits, like multi device support, user getting a new device, etc.
Yes, you're correct, but have you ever used an app that worked offline or performed well with a poor network connection? Or a website maybe provided wicked fast data access despite only having a 2G connection?
These technologies can be leveraged to improve usability. Unfortunately, advertisers and 3rd party trackers make it so we can't have nice things.
Safari already was lagging behind Chrome, Chrome forks and Firefox in a lot of feature adoption. This will only make it more of a "new Internet Explorer", a browser that sites recommend you NOT to use.
Lol, 50GB unexplained mobile data consumption. That'd be 3 months worth of rent on my mobile data plan. Good luck ever getting out of debt if that happened on some more expensive international roaming.
The article doesn't exactly cut to the chase. Here it is:
> "...But deleting all local storage (including Indexed DB, etc.) after 7 days..."
From the Apple announcement:
> Now ITP [Intelligent Tracking Prevention] has aligned the remaining script-writable storage forms with the existing client-side cookie restriction, deleting all of a website’s script-writable storage after seven days of Safari use without user interaction on the site. ...
On one hand, I don't like this direction from Apple because it's meant to boost Apple's proprietary app store business -- which directly competes with the open web -- but masquerades as a privacy issue.
On the other hand, this direction keeps web devs honest: local storage, service worker, cookies and other script-writable areas are meant to be temporary.
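Much of the confusion in this thread is about what "seven days of Safari use without user interaction on the site" counts. The following is an added example, not from the thread and not WebKit's code: a small model of the rule as quoted above, where only days on which Safari is actually used count, a day counts once no matter how many times Safari is opened, and an interaction with the site resets the count. The integer day numbers, the event shape, the class and function names and the decision to check for deletion at the moment Safari is used are my own assumptions, so read it as an illustration of the counting, not as WebKit's implementation.

```javascript
// Added example: a simplified model of ITP's script-writable storage cap.
// Semantics beyond the quoted sentence (event shape, when the check runs)
// are assumptions.

const SAFARI_USE_DAY_LIMIT = 7;

class SiteStorageModel {
  constructor() {
    this.hasData = false;                       // site currently holds script-writable data
    this.useDaysSinceInteraction = new Set();   // distinct Safari-use days with no interaction on this site
  }

  // The site wrote to localStorage / IndexedDB / etc. Writing alone is not
  // an interaction and does not reset the count.
  write() { this.hasData = true; }

  // Safari was used on `day`, on any site. Calendar days on which Safari is
  // not opened (vacation, another browser) never reach this method and so
  // never count. The same day counts once, however often Safari is used.
  safariUsed(day) {
    this.useDaysSinceInteraction.add(day);
    if (this.hasData && this.useDaysSinceInteraction.size >= SAFARI_USE_DAY_LIMIT) {
      this.hasData = false;                     // ITP deletes the site's storage
      this.useDaysSinceInteraction.clear();
    }
  }

  // The user interacted with the site (tap, click, key press). Merely
  // loading the page does not count; a genuine interaction resets the count.
  interacted() { this.useDaysSinceInteraction.clear(); }
}

// Replay an ordered list of events and report whether the site's data
// survived. Event shapes (assumed): {type:'write'}, {type:'safari', day},
// {type:'interact'}.
function simulate(events) {
  const site = new SiteStorageModel();
  for (const ev of events) {
    if (ev.type === 'write') site.write();
    else if (ev.type === 'safari') site.safariUsed(ev.day);
    else if (ev.type === 'interact') site.interacted();
    else throw new Error(`unknown event type: ${ev.type}`);
  }
  return site.hasData;
}

// Convenience: `n` consecutive days of Safari use starting at day `from`.
function safariDays(from, n) {
  return Array.from({ length: n }, (_, i) => ({ type: 'safari', day: from + i }));
}
```

Walking the scenarios from the thread through it: a month without opening Safari produces no events, so the data stays; seven distinct days of Safari use with the site never touched deletes it; six days of use, an interaction, then six more days keeps it, and the seventh non-interaction day after that deletes it.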
I see nothing in any of the specs that implies local storage was intended to be temporary? You could argue cookies, maybe, but even that I'd dispute: it is a user-agent, I should be able to tell it "don't delete my stuff". I already have browser controls over my local storage: I can go into settings in every reasonable browser and flush that down the tubes.
If privacy really is the thing, why can't I have an extension on ios to let me expire various cookies/storages on a per domain name basis, eg so I can write my extension to limit some cookies/storages to minutes or even seconds depending on how hostile or blacklisted such things are.
Other domains I'd actually prefer to be indefinite. I've got a notepad thing that uses local storage and doesn't store its data on the server. There's no excuse for deleting its data since its user data. Apple therefore has no permission to delete that data. Do I have a non-cloud workaround for that?
I wonder whether my irritation over this is strong enough to App up JustAnotherIOSWebKitBrowser with an extra API just for per site storage explicitly controlled by user. Literally to run a notepad and some kind of extension thing.
It's likely blocked by app store rules. Supporting extensions is probably forbidden.
Anyone care to be more authoritative based on their AppStore knowledge/experience?
Good question. The definition of a "progressive web app" is vague. What they seem to mean is a web page which, once you visit it, is cached locally, and thereafter runs locally. The web page accesses various servers, not necessarily ones from the same domain as the web page. Persistent state, if any, is stored locally. The page gets its own icon on the home screen somehow, so it sort of looks like an "app".
Apparently "progressive web apps" are supposed to have a browser service worker so they can get notifications pushed to them from somewhere, although it's not clear why that's essential. That would seem to depend on whether the function performed requires being notified of something happening elsewhere.
Apple apparently dislikes this because they don't get to force people to use their store, with their big cut of the revenue.
Is that about right?
Does this only apply to pages read through Apple's browser, or does it impact Firefox, too?
1. The app has an app manifest describing metadata about the web app, enabling it to be treated like an app (e.g. it can be installed)
2. The app has a service worker, enabling it to work offline like a native app.
3. It's served over HTTPS.
Those are the 3 technical requirements of a PWA.
There's also the philosophical direction of Progressive Web Apps: they're progressive, meaning they offer the app's essential experience no matter the device, but enhance progressively based on the device they're running on. That is, more capable devices let the app offer more functionality without blocking out users on lower-end devices.
> By now, most people are aware of the amount of surveillance and tracking that their web usage is subject to on a daily basis and how this data can be used in ways that do not match their own personal values.
The data for "Local Storage" is stored in ~/Library/Safari/Databases -- you will need to give Terminal access to the Safari directory as the current Sandboxing works both ways, Safari stores security config info in this directory and scripted malware could / can exfiltrate data and change values in this location.
To violate privacy (aka enable tracking) a sub-iFrame could be set up that uses "local storage" with a parent page security policy that allows communication across the iFrame boundary. Sorry, yes, I am being a bit vague.
Who cleans up ~/Library/Safari/Databases? I personally see crud in this directory from 2011 that has been migrated from older systems.
Almost not relevant now, but Flash also had a "local storage" system that was shared across all Flash apps. It also allowed (before sandboxing) local apps to proxy and communicate (via shared memory) with any standalone Flash app on the system through any page that used the Flash plugin -- i.e. any running web browser, violating all attempts to have web compartmentalization rules.
I think some threads have been merged. I am now seeing some posts that confirm what I say above, but were made earlier in time that I had not seen. My experience and perspective is from security and privacy defense, rather than "find the loophole".
[edited for clarity]
Is there any evidence that local storage is being used as a pseudo-cookie way of tracking users? If so, keeping local storage saved while regular cookies are being deleted would defeat the purpose of deleting cookies for anti-tracking reasons.
Interesting he ran into the CORS situation with PWAs. It makes sense. It feels like even PWAs aren't that far off from Electron. Sure you're not launching another browser and can share a browser engine, but you hit other limitations.
I'd rather have a real, lightweight, stand-alone app most of the time, honestly. I wish people would write more stuff in Qt5. You can bundle Python+PyQt5 together for a reasonable licensing fee. A great example is the Resolve color/video editor, which is written in C++/Qt5.
Our company has started shaming iOS. We tell users that because of a commercial policy aiming to increase their revenue from their App Store, iPhones and iPads "do not support the Web 2.0 technology enabling powerful experiences for web sites and web applications, while Android and Windows devices have been supporting this technology since 201x". We briefly explain in one sentence that it would not be the best use of our resources to try to bypass Apple's technological decisions but that they should contact Apple for further information.
We then link them to a $30-$50 Android device that they can buy on Amazon and use as a second device to use our services "if they are interested in a more powerful web experience". We provide a basic version to all users, but put a shamewall for advanced features. Best use of our time and resources.
It is time to push back, stop making Apple's problems your problems. Educate people without ranting and offer them solutions; developers have the bad habit of trying to cover up this kind of nonsense and taking the blame while really Apple are the ones who should be ashamed. If people love your product/service, getting a $30 phone to be power users and make their life easier and their experience richer will not be a big deal for them. It's all about educating them the right way.
Obviously I have no idea what your product is but if I got that message I'd just likely go to one of your competitors (assuming they exist). I wouldn't go and buy another device unless it was for an absolutely critical application.
Exactly. It sounds to me like websites that refuse to load in GDPR countries. Good, if you can’t support me I don’t need to support you.
90% of software engineering (or engineering in general) is finding solutions for difficult problems. Throwing up your hands and saying you refuse to support one of the most popular computing platforms is certainly a decision that any business is free to make, but then again as a consumer I’m free to make my own decisions as well.
What technologies does Safari not support that you need?
That’s a genuine question by the way. I’ve been frustrated by Apple’s reluctance in the past but since they implemented Service Workers things have gotten better. I still really wish they had Web Push but I do understand at least conceptually why they’d be hesitant.
... or find it really necessary. Banks, for example, have the clout to expect this kind of behavior. The built-up reputation and long-term partnerships a company and a bank build up can out-value all kinds of IT inconveniences.
I don't know if you meant from the consumer perspective, but if my bank started telling me what kind of a phone or computer I needed to have to use their services I would definitely find another bank! I'm not sure if clout is the right word for what banks have; it's more like a kind of lock-in because of having to sign a million pieces of paper to change banks, that makes people put up with a certain amount of IT inconvenience, coupled with the fact that usually the competition is equally inconvenient.
I was responding specifically to the question "I would have to REALLY love your service to want to carry around an extra device to use it." Some people's banks require their users to carry around a rotating 2FA key dongle, for example.
In addition to what others have said, I think the effectiveness of this likely depends heavily on the target audience - to a non-technical user, this will probably come across as lazy. From their perspective, everything else works fine on Apple, so you must be complaining about nothing.
Of course, if everyone did the same, people would start to realise the problem might be with Apple, but the chances of all (or most, or even many) big web services deciding to alienate such a large portion of their (potential) customers seem slim.
In the general case, almost all websites and web apps don't need offline storage at all.
But the ones that do often need it for very business-enterprise reasons, and here Apple is taking a bit of a risk. I've watched companies hang onto old versions of Flash well past the sell-by date because for quite some time, it was the most practical platform to build a cross-platform videoconferencing client in. And once it's built, the opportunity cost to throw it away and switch to [OTHER_TECHNOLOGY_X] matters.
What did we expect? I mean how long is it now that Apple refuses to implement the Push API properly (which in turn is a basic requirement for many PWA use-cases). They clearly try to use their influence to defend their App Store revenue. And to make it look good, they do it in the name of privacy.
Offline Web Apps were already weak (i.e. CORS restrictions). Now they are even more useless with this storage limitation. You can't really blame Apple... after all, Google claimed that offline web apps are nothing more than websites, so that's what we have... I don't mind if Safari deletes offline data stored by websites every week, so why would I complain about "offline apps"?
My point is that Offline Web Apps (i.e. PWAs) that are installed on the user's desktop should have a bit more permissions than websites, but the people in charge (Google, Apple, etc.) seem to think otherwise.
As far as "persistence" is concerned, I really care only about offline PWAs. Why would a website need offline data after 7 days? It would improve performance, that's true, but everything else should be "fresh" unless that said website wants to actually behave like an "app".
Maybe the "website" should ask the client to be installed as an "app" if the user wants to take advantage of persistent storage (and other "app" features). Asking the user to install (which is actually just a kind of bookmarking for PWAs) isn't that much of an effort if the user is planning to use it regularly.
I made one of these. We generally expected users to be offline for at least a week. Probably using the app regularly on their respective devices (but possibly not), and syncing data again when they had a good internet connection. Uses Dexie and React, syncs with a horrible Drupal site. It's always going to be uncertain to rely on a database held at arm's length by the browser, but in practice it worked incredibly well on all manner of devices. I guess it won't anymore. (Thanks, Apple!).
This is absolutely a necessary change on some level, but I think if Apple wasn't in complete control of a web monoculture (and obviously uninterested in anything that doesn't sell more iPads), it would be possible to steer this API towards that without breaking a bunch of peoples' stuff.
One of the pages linked there just says local storage is used to store stuff... yeah? It's still not as wide open as cookies.
You could use local storage while doing other things, but I'm not convinced it's a serious issue with tracking or etc. ... and if ANY storage is considered an issue I think we're in for a big snowball effect on what we should or shouldn't allow from ... anything, including native apps, etc.
I get that controlling the walled garden is apple's mobile strategy now, but this is costing developers so much blood sweat & tears.
Both Xcode and Android Studio are heavy + horrible compared to web, and the fact that you have to use both tools to release at scale makes them worse. Shopify wrote a dev post a few months ago saying 'we're react native as much as possible now' and claiming it makes life easier, but React Native is worse than PWA because you still have to build for mobile 2x and deal w/ app store nonsense.
If PWAs supported push on ios, with or without cookie expiration, they'd be the preferred launch strategy for most non-game apps.
Hasn't aggressively controlling the walled garden always been Apple's strategy? I don't see them changing any time soon. iOS didn't even have an app store initially, and it took a lot of pushing for that to happen (they realized Android was going to eat their lunch if they didn't).
Since when was software freedom synonymous with we should all want to use PWAs?
I’d be happy if Spotify gave me an API key and essentially went away except for a monthly bill.
But software has to be a product the masses get first to get made in our world.
I’m glad some folks are having their itch scratched but free streams are more than enough and I can wrap them for consumption as I choose.
Once again building your life around importing someone else’s priorities turns into an exercise of despair from not learning how reality doesn’t stand still no matter how hard you hope it will this time.
I have many useful files on my computer which I don't want to be deleted. You are saying that it is OK if the OS deletes all files on my computer from time to time.
Local storage is the only way web apps can store any data on your computer (other than asking you to manually load / save some configuration file). Not all web apps can afford cloud storage for all users.
I am not saying that it is OK to delete all your files. I am saying it has always been like that in the case of a browser's local storage.
As I said, that use case was out of the window long before. From the start, as far as I know.
No browser has ever given you any definite promise on whether your local storage data will be kept. That's also true for IndexedDB. So you need a mechanism to restore that data, be it cloud storage or something else.
If you wanted to support Safari private browsing, you even had to deal with local storage not being available _at all_.
I disagree. IndexedDB was introduced as a permanent way to store data (which is not deleted after closing a website). As it is the only available standard for permanent storage, I think it should be deleted only if the user asks to delete it (the same way you delete any other file on your computer).
Of course, browsers are free to do whatever they want. But the user can (and will) switch to the software which does what he or she wants.
You disagree with the status quo implemented in browsers or you disagree with the decisions that were made years ago (by browser vendors), because you basically cannot guarantee for that (disk full, privacy settings, private browsing, etc.)?
It's different if there is a technical limitation (disk full - computers tend to barely function in this state anyway), or the user has opted in to ephemeral storage. But not giving users the choice to store things permanently is quite a severe restriction.
There is no guarantee that the data will be persisted permanently. Users can erase it by mistake easily using privacy settings. There's also quite ambivalent size restrictions. And last but not least, Incognito mode, which also is implemented in a number of different ways in practice, depending on the browser.
Basically, you cannot be sure that you can use it to persist data at all.
A size restriction will cause an error at write time; it won't silently delete data. User error is user error, that's it. I know a user who was deleting files in his Windows directory to free some space. Incognito mode is not intended for web app usage, it's more for porn and things like that, so I don't think that it's very relevant.
It works for the majority of standard cases, and when it does not work, the user will receive an error message, so he'll be aware. Not the case for Apple devices anymore.
There should also be a reliable upgrade mechanism, so the app always upgrades successfully and completely, with no intermediate states where a network or other error would prevent offline functionality from working.
I absolutely don't have that expectation. I built a comic reader app that I use on my Android tablet, which saves files to IndexedDB. I've been using this for over a year and no files have ever been deleted, even after I stopped using the app for a month or so.
If Apple provided an alternative this would be ok. An alternative such as the native file access API (still a WIP). Or a prompt so that the user can allow long-term storage. Or supporting the web app manifest so that users confirm they want to "install" a web app, granting it greater permissions.
But they've offered no alternatives here, that I can see. They've determined that client-side web apps are simply not important.
Wait, does that mean that the only way to keep a login session for more than 7 days will be by using cookies? This seems like a terrible idea. Cookie authentication doesn't make sense in several scenarios, especially when working in a CORS context.
For webapps that keep a session token stored locally, this will be inevitably wiped, so users will have to re-login after that time. I can already hear the complaints coming. Should devs now build a back end just to keep the token, and connect there with a cookie?
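The two concerns raised in this thread (the earlier comment that no browser has ever promised local storage or IndexedDB data will be kept and that Safari private browsing may offer no storage at all, the note that a size restriction surfaces as an error at write time, and the question just above about session tokens stored locally being wiped) can be handled with one defensive pattern: treat browser storage as a cache that can vanish, and make the application able to recover when it does. The following is an added example written for this page, not code from any commenter; it targets the Web Storage API shape (getItem/setItem/removeItem), and the `ResilientStore`, `loadSession`, and `makeFakeStorage` names, plus the fake storage objects, are constructed for the demonstration.

```javascript
// Added example: a wrapper that treats browser storage as a cache that can
// disappear (Safari's seven-day eviction, private browsing, user clearing
// data) rather than as durable application state. It accepts any object with
// the Web Storage shape, so the constructed fakes at the bottom can stand in
// for window.localStorage outside a browser.

const PROBE_KEY = '__storage_probe__';

// Returns true if `storage` accepts writes right now. Older Safari private
// browsing and some privacy settings throw on setItem; a missing global
// means there is no Web Storage at all.
function storageIsWritable(storage) {
  if (!storage) return false;
  try {
    storage.setItem(PROBE_KEY, '1');
    storage.removeItem(PROBE_KEY);
    return true;
  } catch (_err) {
    return false;
  }
}

class ResilientStore {
  // `storage` defaults to the browser's localStorage when running in a page.
  constructor(storage = globalThis.localStorage) {
    this.persistent = storageIsWritable(storage);
    // Fall back to an in-memory Map so the app keeps working for this session.
    this.backend = this.persistent ? storage : new Map();
  }

  // Returns undefined when the key is absent: never written, evicted by the
  // browser, or written only to the volatile fallback in an earlier session.
  get(key) {
    const raw = this.persistent ? this.backend.getItem(key) : this.backend.get(key);
    if (raw === null || raw === undefined) return undefined;
    try {
      return JSON.parse(raw);
    } catch (_err) {
      return undefined; // corrupted entry: treat as missing rather than crash
    }
  }

  // Returns {ok: true} or {ok: false, reason} so the caller can react; a
  // quota error is reported at write time instead of being silently dropped.
  set(key, value) {
    const raw = JSON.stringify(value);
    if (!this.persistent) {
      this.backend.set(key, raw);
      return { ok: true, volatile: true };
    }
    try {
      this.backend.setItem(key, raw);
      return { ok: true, volatile: false };
    } catch (err) {
      // QuotaExceededError is the modern name; code 22 is the legacy DOMException code.
      const quota = err && (err.name === 'QuotaExceededError' || err.code === 22);
      return { ok: false, reason: quota ? 'quota' : 'write-failed' };
    }
  }

  remove(key) {
    if (this.persistent) this.backend.removeItem(key);
    else this.backend.delete(key);
  }
}

// Session handling that assumes the cached token can be gone at any time:
// if it is missing, unreadable or expired, obtain a fresh one through
// `reauthenticate`, an async callback the application supplies (a login
// prompt, or a refresh call against the backend). `now` is injectable for tests.
async function loadSession(store, reauthenticate, now = Date.now()) {
  const cached = store.get('session');
  if (cached && typeof cached.token === 'string' && cached.expiresAt > now) {
    return { token: cached.token, restored: false };
  }
  const fresh = await reauthenticate();
  store.set('session', fresh);
  return { token: fresh.token, restored: true };
}

// --- constructed fakes so the example runs outside a browser ---------------
// A localStorage stand-in with an optional byte quota and a "storage disabled"
// mode that throws on every write, mimicking a private-browsing session.
function makeFakeStorage({ quotaBytes = Infinity, throwOnWrite = false } = {}) {
  const data = new Map();
  const used = () => [...data.values()].reduce((n, v) => n + v.length, 0);
  return {
    getItem: (k) => (data.has(k) ? data.get(k) : null),
    setItem(k, v) {
      if (throwOnWrite) throw new Error('SecurityError: storage disabled');
      if (used() - (data.get(k)?.length ?? 0) + v.length > quotaBytes) {
        const e = new Error('quota'); e.name = 'QuotaExceededError'; throw e;
      }
      data.set(k, v);
    },
    removeItem: (k) => { data.delete(k); },
  };
}
```

In a page you would construct `new ResilientStore()` with no argument and pass a real re-authentication routine to `loadSession`; the point of the design is that eviction, private browsing and quota exhaustion all degrade to "ask the user (or the server) again" instead of an uncaught exception or a silently empty app.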
Actually, Apple has crippled non-PWA apps. I agree that Apple does seem to not want PWAs to succeed based on my experiences with them on my iPhone, but on the other hand this effectively does not apply to PWAs that are added to the user’s home screen since the counter only runs every day Safari runs but homescreen sites have their own counters.
I worry that 7 days is too short of a period even then, but I do agree indefinite local storage does not make sense in most cases.
Offline web apps are direct competitors to apps from the Google Play Store and Apple App Store. You can't expect Apple to be fair to them if they are missing out on their 30% for every USD of revenue on those web apps.
This just sounds like a great reason to not use Safari. I switched to iOS recently, but I’m a dedicated Firefox user, so I personally don’t touch it except when I’m forced to by other apps opening links. (I was honestly REALLY disappointed in Apple when I realized that you’re not allowed to set a default browser besides safari, but that’s another story)
Forgive me, I’m a long time Android user, but do a lot of people choose to use safari as their main iOS browser, or are the usage numbers inflated because of the vendor lock in?
To be clear, only the rendering engine is fixed on iOS. Chrome, FF get some leeway to build other bits of the browser themselves on iOS, such as the netstack and the UI. But all new web features are limited to what webkit supports bc, well, it's webkit.
I don’t remember ever seeing this usage pattern in the wild? As far as I understand, it would always have resulted in data loss whenever users chose to clear browsing data. There also wouldn’t have been any natural way for backups or synchronization.
A browser plugin might be one way to achieve something like this. Personally, I really don’t care about the data my feed reader has, so I wouldn’t mind even public data storage backends, like gist. Or steganographically encoding my list of feeds and uploading it to porn sites :)
I commented about this in a different thread about the same topic earlier today, but I'll post here as well.
I can understand Apple's decision to do this, as there's a lot that can be improved about offline storage on the web:
* asking for user permission (I've seen demos try to exhaust the users' storage, and trackers can use this to invade privacy)
* async writes and reads
However, making a change like this with no suitable alternative leaves PWA developers stuck in a hard place. I'm not sure what can be done in the short term here.
There's a few web specs that address these issues. I'd love to see them come further along, and maybe improve things for developers and users in the long run. If anyone knows, is there anything that members of the community can do to support these efforts?
A bit off-topic, but the following is my basis for interpreting privacy-related claims from Apple.
I noticed a text editor I bought from the Mac App Store, iA Writer, includes silent spyware that transmits your activity back to the developer without notice or consent (thank you, Little Snitch). Apparently, I "consented" to this in the Mac App Store ToS (right).
When I left a negative review on the app, their response was "we aren't doing anything not permitted by Apple in the App Store".
I don't use App Store apps any longer, and I take most of what Apple says about privacy with a huge grain of salt.
PS: OSX phones home to Apple in about a dozen different ways even with iCloud entirely disabled and all reporting/telemetry/feedback options turned off during the OOBE/setup. Try booting a fresh install of macOS with Little Snitch, but disable the Apple/OS exemption in Little Snitch's rules. I was astounded. Dozens of things.
I wonder if there's any major, widespread GUI OS in a default configuration that does not transmit to your ISP and third parties (including government snoops) when you open a local text file to write. I block all of these requests; most do not.
How does this make sense logically? Obviously the websites that you use the most have the biggest potential and opportunity to track you. All local storage should be deleted for the most used websites at random times, at avg. several times a week, without any extensions caused by recent website usage.
I don't really understand this. If you want to make something local, make an app and distribute through the app store, that's what it is for. A web app on the other hand is connected by definition, no?
Apple forcing local apps to distribute through the app store is a feature.
> A web app on the other hand is connected by definition, no?
No, not in the era of "progressive web apps", which is really just a little bit of branding around interconnected APIs. The Cache API in particular means that a webapp can be downloaded and made available offline on a permanent basis. Unless it isn't actually permanent at all, which is what Apple are doing here.
The web and the App Store are just delivery mechanisms for code with different trade-offs built into them. Apple have added an extra trade-off on the web side in the name of privacy.
Having worked on a cross platform application that defined the UI via HTML I'm still kinda confused about this use case - it's super trivial to wrap a set of HTML + JS in an app that's essentially just a full screen webkit/whatever window and distribute this.
The advantage of PWAs then seems to be the ability to dodge the app store certification which, while onerous, is not a bad thing for your clients.
This is equal to saying “I’m ok with Apple having a censorship monopoly of what an iPhone can run”. I don’t think the majority of people here would agree with that. I also don’t think users buying a device that is supposed to support web apps would be happy to find out that in fact it doesn’t. I’m one of those very unhappy users.
To an end user there’s an icon on their screen, they tap it, the app opens. It didn’t matter if they downloaded from the AppStore or from a website. This is no longer the case which is why the OP is upset.
Let's say you use an app that allows you to add Todos. You've added 30 Todos. No internet needed, it's always just worked. You go on vacation for 10 days. You get back, you open your app. No Todos...all gone. Very simple use case that is now broken.
Yes, you as the user could wipe those out. But now Apple is doing it just because you didn't use it in 7 days. And the user will not blame Apple, they won't even know Apple did that. They will blame the app developer, who in the interest of privacy didn't want to push your personal Todos to a database online.
Again, just a contrived example, please don't go down the road of why a server should have been used. Let's stick to the use case described.
I actually have an old phone that I used as a remote control for my home-theater PC. No connectivity needed, but the phone did everything I needed. Move the mouse, act as a keyboard, and mostly raise volume / change channel.
Phones are computers. Even if you remove all connectivity to the outside world, they still function as well as any PC from the early 90s (or earlier). A huge amount of compute power, tons of storage, etc. etc.
It's not, at least not based on how the OG article is written. If you open your bank app it automatically tries to log you in if you saved your credentials in the past. This seems to say that if you don't use the app for a week it'll wipe that out. No one expects that.
No, it's a grab for money. Releasing an iOS app requires Apple hardware, Xcode, and an Apple developer license which is $100/yr.
Whereas developing a PWA can be done on any hardware, and would be natively cross-platform. An offline PWA does not require an active connection, and in fact that is one of the reasons behind the idea of developing a PWA instead of a general web app or website.
All other browsers allow the use of local storage to optimize and enhance your experience by allowing things like pre-loading data or storing your preferences. This disappears with the decision Apple made to clear storage.
It's not just about the revenues of $100/year. It's also the revenue from 30% sharing of profits. And most importantly, it's the bigger revenue generated from having apps that work only on iOS, which drives users to buy iPhones and iPads.
(Looks at home screen)
Slack, Jira, LastPass, and Netflix. All native apps that are free via the App Store, and all with the subscription model that I pay for. And for most of those I can’t even buy the subscription from inside of the native app, so Apple gets no money from these.
I'm posting pseudonymously here, so please forgive me for not citing personal examples, but the normal web apps for accessing quite a few popular services are now PWAs. Spotify famously started looking into using a PWA after some issues with Apple regarding the cut taken with a native app. Uber is another well-known example.
Yes, and they shouldn’t be taking a cut. Their services initiatives are bad for them and the users of said services. But as someone who did two tours in their services arm, it is overwhelmingly likely that the reason that WebKit is making these changes is their stated reason of making Safari more resilient to the attacks on their users vectored in by web badness.
Does Apple also not care about the huge cut it takes for everything sold via the App Store?
As lliamander said, if they don't care, why not make it free? I don't for a moment believe the argument about creating a barrier for negative actors. They could still screen apps before allowing them into the App Store, and if that mechanism is working reliably then the charge is unnecessary as a deterrent, while if it is not then the financial deterrent isn't going to be enough to stop a lot of people willing to make these kinds of apps anyway.
The whole point is that those PWAs probably never got built in the first place because the foundations were always shaky at best. It's a chilling effect.
But if you look at native apps, especially ones I use on desktop OSes, they're dominated (at least in my usage) by offline-first or offline-only apps---and for me, this is a feature, not a bug. This doesn't have to mean they don't have sync, by the way, it just means that's separate from the main functionality of the app.
A perfect example of this is Dropbox: it syncs to your local disk by default. It's easy to forget how valuable this is until you go camping (or similar) and suddenly you realize you forgot to star that one directory you care about. Now your mobile phone is useless, but your laptop works no problem. And due to this being factored out into a separate app, all my files now work regardless of file type (I don't need separate offline support in every app I use, since that's the default).
The whole point is that you don't need to download a big payload just because you haven't used it recently.
There are two ideas that go together well:
* The app can work offline
* The app doesn't need a server to function
Neither of those prevent a sync function from existing.
Right now, apps can do both of those. Why don't we want PWAs to be able to do the same? Why do I have to go through Apple's walled garden in order to do so? Especially when said alternative is in a sandbox?
It's no less of an issue for an online-based PWA. Where do you store login credentials or session tokens? In local storage. What happens to them when Apple decides to arbitrarily throw it away? The user has to log in again and again.
This sounds like a seriously poorly thought out idea. Want to clear tracking data from random websites I've been to? That's great. But you don't mess with the data stored by apps I have specifically _chosen_ to install on _my_ device.
I roll my eyes every time Robinhood makes me log in again after an app update... though it hasn't happened in a while, so maybe they fixed that bug, but it was annoying when it's an unexpected hurdle that doesn't follow what other apps are doing.
> If you want to make something local, make an app and distribute through the app store, that's what it is for.
Have you ever gone through the app review process? It can be frustratingly capricious, which makes it very expensive. We've had features in our app for years, displayed in plain sight, and then all of a sudden they decide to block an update because of these utterly innocuous features. No rhyme or reason, and now we've got to spend dev time fixing a "problem" that never was a problem before. And we have to delay our entire update because of it.
PWAs offer a way around that uncertainty and added cost. There's also the cost of a developer license, and the Apple hardware you have to buy to run Xcode (and probably iOS devices too, so you can test IRL).
Apple's app store is a walled garden. The web isn't a walled garden. TFA wants to be able to operate outside the walled garden.
EDIT: Also, it's probably cheaper to develop one PWA than a PWA + N native apps, even if N=2. Probably lots cheaper. Now, perhaps there's a way to build a native app that is just a wrapper around WebKit/Safari and a PWA, but you'd still be subject to Apple's walled garden. For example, think of Gab or some such website whose apps have been banned by the various app stores...
Your app needs to be downloaded the first time too. In fact, a downloaded app can run riot on your filesystem. A web app runs in the "cage" of the browser, and is arguably more secure and explicit about permissions it requests.
"... can run riot on your filesystem"? Citation needed, because an app is as heavily sandboxed as a web page running in a browser. An iOS app gets no view into anything you as a user don't choose to give it (no access to photos, etc).
I mean, if you give the app access to your filesystem (which a lot of non-tech users would, almost without thinking), it can potentially access/modify/delete your files and folders. With PWAs, that's not really a possibility.
At one point, Apple was denying some app store reviews because they said they should be distributed through PWAs instead. If this is supposed to be a "feature", it seems like some product manager has their head up their ass.
Also, the entire point of PWAs is that they are supposed to have feature parity with local apps, but delivered via the browser. This change is obviously counter to that goal.
As should you. It’s not that an app ecosystem was never planned, it’s that it was not an early priority. Remember they were literally defining everything at the beginning - OS, UX, APIs, core features, hardware, first party apps, market positioning, etc etc.
Needs of third party developers weren’t nearly as important as nailing the basics and ensuring a risky project was a success. The html5 app bit was a way to test the waters for developer interest and demand but very much an interim solution.
Jobs’ hot takes aren’t the end-all when it comes to product intent at Apple. He was basically an embodiment of strong opinions weakly held. His superpower was focusing teams on what the right set of features would be to create a product that made sense to the market, and ignoring everything else. The phone / iPod / internet communicator trifecta was an example of this - nothing but nailing those three mattered at launch, and any effort elsewhere was wasteful. Without that kind of leadership, eng teams will often dither efforts over many things that don’t matter to success.
The history of Apple is filled with examples of this dynamic. iPhone was a group effort among many talented and influential people and I doubt Forstall and others driving software had the same opinion on third party apps. They just didn’t pick that battle before it made sense to. Every other computing platform at the time (including Windows Mobile, Palm, and BlackBerry) supported third party apps; it’s not like the use case was novel or difficult to see, and the web's limitations were considerable. Adding apps was a default path temporarily set aside.
That was not the plan, that was the stopgap. Apple (and even more the networks) were very scared that native apps would have unregulated access to the radio, and would mess with the cell networks. Web apps were the quick-and-dirty way of putting third party apps into a sandbox while Apple worked on APIs that would enforce that sort of sandbox for native apps (what they have now).
> Now ITP has aligned the remaining script-writable storage forms with the existing client-side cookie restriction, deleting all of a website’s script-writable storage after seven days of Safari use without user interaction on the site.
If a website hasn't been used for 7 days, I'm happy for its data to disappear and save space on my device.
> If a website hasn't been used for 7 days, I'm happy for its data to disappear and save space on my device.
You might be, but maybe not everyone is. I've worked on apps based around multimedia content where downloading in advance to watch or listen later was a big deal, because a typical user also travels a lot and might well be going away for longer than a week. Even if they can get the same data again next time they're online, it might still be much slower and more expensive for them to do that on an international data plan instead of back home.
Then wouldn't it be appropriate to offer a native app to offer that functionality? A web browser in 2020 is a place to run vast swathes of untrusted code safely; it is not a digital workstation platform, that is the job of the OS. If what I am downloading from you is important enough that I want to have it even offline, then I trust you enough to install your native app.
> A web browser in 2020 is a place to run vast swathes of untrusted code safely; it is not a digital workstation platform, that is the job of the OS.
I'm not sure how much that assumption really holds any more, nor why it should necessarily continue to do so even if it has so far. Technology evolves, and so does how we use it. In the case of the web, and web apps in particular, they have evolved to satisfy a need for convenience in software distribution that many traditional desktop OSes had hopelessly neglected for a very long time and where the developer experience for native mobile apps is less than ideal.
I appreciate your comment about the trust issue, but the bottom line is that these technologies do serve a useful purpose for some people -- I have the customer feedback at my own businesses to make that clear -- and the experience web developers can offer on Android with PWAs will now be significantly better than what they can offer on iOS.
The fact that that is possible does not change the role of the web browser in the modern computing experience. If you want to build an entire VM that runs in Electron, be my guest, but that's orthogonal to the issue of how Safari should handle storage by default.
> The fact that that is possible does not change the role of the web browser in the modern computing experience.
But why shouldn't new possibilities change the modern computing experience or the role of browsers within it? Millions of users are benefitting from new capabilities of modern browsers, even if they don't know the details any more than they know what goes into any other software they use. Why is local storage of data, or the idea of a PWA more generally, special in this respect?
I'm sorry but I find this argument utterly tedious.
A webapp is "an actual damn application". Can we just dispense with the repetitive arguments about this every time anyone so much as mentions adding interactivity to a web page?
No, that is trivial to do: just make an actual damn application.
So trivial that all it needs is learning a completely new skill set and tools, signing up for a gated distribution mechanism that can kill your application on a whim if you violate any of the rules over which you have no control, and then giving a huge cut of your revenues to the rent-seeking platform owner?
The web has been more than just text documents since around the turn of the millennium. It's probably about time we stopped ignoring 20 years of very popular evolution and pretending that what might have been "intended" before a lot of people reading this comment were born should still guide what we build today.
> What the author is complaining about is that it’s impossible to make a text document that pretends to be an application that stores data in ways they were never intended to be stored.
You must not have been following things. The web platform is an application platform and has developed to that end, for many years.
Progressive Web Apps are applications based on standard Web APIs that are designed with the intent to enable offline-capable applications with persistent offline storage of significant amounts of data.
> No it’s not. Using it like that is a lasagna of dirty hacks.
First it's a bunch of dirty hacks. Then it's an informal convention. Then it's a standard. Lots of technology evolved that way.
All the stakeholders driving the web standards forward are focusing on making it a more powerful application platform.
> The web is for structured text with hyperlinks, everything else is bullshit that doesn’t belong on the web.
That's your personal opinion on what the web platform should be, not what it is. Of course it's a crappy platform in many respects. Of course a lot of people don't like the way it goes. It doesn't matter.
If you are distributing a PWA through e.g. Electron the user does not have (easily) the means to delete the cache.
Web app is a misnomer in that case, they are just applications running inside a somewhat hidden browser.
The problem is that it rarely happens under normal circumstances. So you might build a logic which synchronizes your data to the server but rarely has to download it as most of the time it still has a relatively current snapshot. And the few times you have to download everything, it is ok for the user to wait a while.
But if you have to wait every time your last interaction is more than 7 days ago, the whole experience will change. And supporting a reliable offline experience will be very hard to build.
There is no hard limit on how long things will be stored. Data in localStorage might still be stored for weeks/months/years, as before.
The only limit is on how long things will be stored if the user does not interact with the site/PWA.
If you are a website, not a natively-installed app, that I haven't "used" in a first-party sense for 7 days or more, I don't think your data belongs on my device.
Storage space can be limited, and any app I haven't used in 7 days should be happy to re-fetch my data from a server or convince me to install their native app.
To act like this is some nefarious plan by Apple to get people to build native apps instead of PWAs is absurd. If a PWA was written properly in the first place, this change will have basically 0 impact on it.
It is certainly a plan to further relegate PWAs because they directly challenge the monetization strategy of Apple. It's an area where their interests do not align with user interests. A "properly written" PWA may offer things like not re-fetching data from the internet when you already have it locally, and / or not forcing you to create an account just to save some basic data (ex: A recipe app, a jobs search app, etc). Consider for example, saving a job search website as an app, and being able to search and save jobs without having to make an account. An account could be offered if you want cross device syncing, but is not required just to save jobs. Which is great because some users prefer to remain anonymous, and PWAs open the door to that type of thing (as a singular example).
This move is _an_ example of Apple's (understandable) hostility towards PWA's, but you must understand the context here: There is a threshold beyond which PWA's become a generally acceptable strategy, and the quality and diversity rise over time. Apple is preventing that with this move (and others). That's why people are upset. Moreover, the outcome of this will be more "native" apps that are actually just wrappers around web apps, that exist purely because some basic functionality is being actively blocked by Apple.
> Consider for example, saving a job search website as an app, and being able to search and save jobs without having to make an account. An account could be offered if you want cross device syncing, but is not required just to save jobs. Which is great because some users prefer to remain anonymous, and PWA's open the door to that type of thing (as a singular example).
Consider the use case of this example. If I am actively job-searching, I will probably be using the site at least once per week, and the data will be saved throughout the process. When I stop using the site, I want that data to disappear for my own privacy/security; and if users want to save the data indefinitely without signing up for an account, then offering an export (e.g. CSV) seems like a reasonable way to address that.
Furthermore, non-Apple user agents may retain data as long as they like, and PWA's (as well as web trackers) are free to utilize that. It's not like this move implements any additional vendor lock-in; people who don't like it will switch to non-Apple platforms.
> Moreover, the outcome of this will be more "native" apps that are actually just wrappers around web apps, that exist purely because some basic functionality is being actively blocked by Apple.
This doesn't seem problematic. It's great if you can reuse some code between your web and native apps. Obviously truly-native UIs will be more efficient in many cases, but perfect needn't be the enemy of good.
Yes, and that's fine with me. Being on an iPhone, I use the built-in cloud-backed password manager which makes generating and entering credentials near-effortless. Furthermore, by not leaving long-lived tokens in my browser's storage, I'm less vulnerable to exploits that may exfiltrate that data.
Would it be possible for Apple to relax the 7 day limit for apps that are strictly client side only? I.e. sandbox the apps to not allow access to any remote resources? It seems to me the opportunity to exploit a user's privacy would be very limited without exfil.
It editorializes away the point of the post, which is that, according to the author, "Apple just killed offline web apps while purporting to protect your privacy [by forcing WebKit to delete all local storage after 7 days]."
I know I'm in the minority, but I'm glad this change is happening. I simply don't trust large tech companies to keep user privacy a top priority, and in my mind, this outweighs whatever UX niceties an honest company may provide.
The solution could be to give that option to users; a way to mark a website or app as trusted or not. Apple's approach on the other hand really sets the web apps back, which I (as a privacy conscious individual) am more comfortable using compared to apps.
If this encourages more apps to go the native route, we've done more harm than good. Apps can gather a lot more data than websites, such as the dreaded contact list access.
OP here, I just posted an update section there with some extra information that I decided to clarify upon after interacting with people here. Thanks a lot for the responses, this has been quite great. I wish more people that are affected by this or that have opinions about it would write more posts.
There is no change without applying pressure at Apple. If this is important, we must speak about it, all of us. And yes, I understand that some people feel that this is not important for them, that is OK, we have different values and understandings, but if you have an opinion about this, please go out and post to your blog, dev.to, medium, whatever, but post.
I don't understand why the title was changed - the focus of the article isn't just on the fact that WebKit is changing how it handles local storage, but also a criticism of Apple's motivations for this decision.
The issue would be not that problematic if I could just run a real Firefox browser on iOS, not a skin over Safari, which leads me to a question that has puzzled me for a long time.
Why is Apple not facing antitrust charges for not allowing competing browsers on their platform? Microsoft didn't SHIP competing browsers, but allowed them to run just fine on Windows, and was fined nonetheless, but Apple somehow gets away with not even allowing competing browsers at all!
I'm not from the US, so maybe I'm missing something about these antitrust lawsuits. Can someone please explain?
> 1. Apple is not a monopoly player in the app market.
Apple has a 100% monopoly in the app market by running the only AppStore available for iOS devices, and that store's review guidelines specifically prohibit use of any other web rendering engine but WebKit.
> 2. Microsoft's antitrust fine was for forcing OEMs to not include any competing browsers (Netscape) on threat of losing special pricing.
That's not the only lawsuit they faced. There was an EU case that forced MS to make a special installer for alternative browsers.
I really can't perceive the meaningful difference between these cases. And I believe it's about time to force Apple to allow installation of alternative app stores, from where users would be able to install all the apps they want, without being handcuffed by device manufacturer.
> I'm still not sure why more vendors don't make iOS PWAs to get around the App Store payment rules.
Because users won't use them. For users that don't have a technical background: if it isn't in the app store then it essentially isn't an app. For techie users: lots of us don't want web apps because the power, memory, and bandwidth usage is often higher than a well written native app. The fact that there's a gatekeeper who has some control over what shows up in the app store is usually a feature and not a bug.
If there were big parts of the app ecosystem that didn't have native apps, then eventually users would find web apps. But that isn't the case. Think of anything and search for it in the app store and there's an app for it (including 2048).
I think this is a problem of their own creation - done in the name of simplicity which has outlived its usefulness, but to take it back now would be chaos.
A closed, curated app store gave less technical users the confidence to actually download software without concern that it would screw up their device. However, things which have a different model like web apps or system extensions (read: keyboards) were also put into the same distribution mechanism.
You can see why as it removes a barrier to using them: people just go the same place they've always gone to get software on the platform. They make no distinction between the native Gmail app and GIF Keyboard because the install process is the same and each are displayed prominently.
In reality, 3rd party keyboards and the like should probably be handled - from a UI standpoint - like they are on macOS, inside System Preferences/Settings, with no app icon on the homescreen, they simply aren't as important as full blown apps.
^ People will dispute this and that's really nice...but they're wrong.
Offline web apps are different from PWAs. A PWA doesn't necessarily work offline, but rather is independent from the connection / loading of it. I do think most PWAs do work offline, but that doesn't mean it's a requirement to call it a PWA.
Similarly, an offline capable web app is not necessarily a PWA, as PWA carries a lot of features to it besides being offline capable.
An offline web app is a frontend-only application (just HTML+CSS+JS or less) that can be loaded from any medium (internet, usb stick, direct TCP via netcat or any other transport) and work in your browser without requiring a remote connection to allow usage of its features.
So yes, this would mean it doesn't run the risk of ex-filtration or snooping at the transport layer, as the data never leaves the specific website context in your browser.
Many web developers are turning to Electron in these cases but IMHO this is a waste of resources as the Electron runtime is not shared among the different apps running and there are only so many browser engines your computer can run before it has an impact on its performance.
Why? Why isn't it the case that the code which runs Electron, and library code JIT-ted by Electron, can be reused by other processes on the same system?
It can be reused, it's just that nobody actually cares enough about contributing to upstream Electron.
There are unofficial solutions like electron-shared.
Ionic and Carlo also use only one Chromium for every instance.
People complaining about how PWAs haven't taken off yet are extremely ignorant. Go open up your dev tools and see how many websites you've visited make use of at least some PWA features (most likely cache) without you even noticing. PWA features have a lot to offer to the web experience even without installing the app. You've been enjoying these features and you don't even know it.
When suppliers do this, they put customers back into a buying position. Instead of defaulting to buying another iPhone, I’m back in a buying position. So let me ask: what is a good alternative to an iPhone Xs on the market? I was also super close to buying an Apple Watch, but now I’ll defer that purchase.
I have already stopped building native apps because the App Store process is so painful.
Not on the main topic, but since OP mentioned CORS being a pain: is there a reason the browser doesn't let sites do cross-origin requests, but just without any cookies etc.? Either through a separate API or just the default behavior in the absence of CORS headers, is there a reason for that not being a thing? I can't imagine nobody has thought of it?
First of all, the various kinds of browser local storage have always been volatile. It has always been a bad idea to treat it as permanent storage. Maybe it's a little more obvious now? Not exactly a bad thing.
> the PWAs I was building here might just be dead for iOS users
If so, it was already dead for your users, whether you realized it or not. I guess you were going to implicitly promise something you could not deliver: that your PWA would keep track of the feeds the user was subscribed to (and perhaps also keep track of what had been read, and other user state). But you were going to screw your users, because a PWA without external persistent storage could not do that reliably. It's really lucky for your users that this caught your attention and has you rethinking your app.
A partial list of things completely external to your app (not including this change) that could cause your users to lose things important to them that you stored in various local storage...
* user switches browser
* user has multiple devices
* user upgrades phone (or tablet, or workstation, or laptop)
* phone (or other device) goes in for repair or upgrade
* major change to browser (like Edge moving to chromium)
* some OS updates
* user clears browser data (as innumerable troubleshooting processes suggest)
It's wrong to think browser-based storage used to be stable but now isn't. It never was. Browser-based storage was never going to be a good place to store your user's important, persistent data.
For the past couple of years I worked on an education app where users are 90% of the time offline. Users can remain offline for weeks. There is no reliable internet in most of the schools in Mexico.
I don't work at that company anymore but this is going to be a massive headache.
I find localStorage a bad crutch, when storage accessible to any browser or computer would be better. I'm totally cool with this because magical storage in your browser is just a bad idea, especially when it requires developer tools to find and see what it is doing.
Apple is at war against the open web and tries to kill it at all cost.
Most Apple apps are privacy hogs which don't have any way to turn off tracking. In apps, Apple created a prison which no one can question and everyone will allow them to do all abuse. Look at Apple News.
What we really need is a way for users to store their own data that has the simplicity of local storage but the convenience of storing data in the cloud.
It does seem that Apple intends to cripple web technologies in order to move developers to their native platform but this will likely do more damage to privacy than anything. All of the alternatives to local storage for simple mobile apps typically involve moving data to a third parties like Firebase, AWS, etc.
Simple apps that didn't need a server and could just keep data or user-preferences locally would now need to either create their own data service or pay for a BaaS which means moving your data out of your control.
This behavior leads to companies like Under Armour to house data they shouldn't have and puts everyone (150M people) at risk.
What’s wrong with a “normal” app? No server required and data stays only on the device. The argument that the author is building a PWA because other people abuse privacy (with apps) doesn’t make much sense. Why not build the app, respect privacy, and be done with it?
LocalStorage is not a substitute for an actual database, it’s a cache. The problem with the author’s technique is that privacy minded users clear their browsers from time to time, so they would be inadvertently clearing data they actually wanted to keep because who uses LocalStorage as a persistent data store? Sure it could be used like that as an “off label” use, but generally it’s used to cache what is persistently stored elsewhere or used as a means to avoid multiple network calls in the process of doing something (such as saving calculations, the results of which would be eventually persisted.) Local Storage should be used as if it were a session store rather than something persistent.
The problem with a "normal" app is now you are beholden to the rules/regulations/evaluations of a third party that can easily decide without recourse that your "app" should not be in their store. Even if your app "is fine" every update and upgrade incurs a delay through the third party's reviewing process before your users receive it.
If the web browsers would provide _some API_ for persistent storage without yanking the carpet out from underneath developers this wouldn't be such a huge problem. There _used_ to be a file-access API but it was removed.
Personally, I think web browsers are too large a surface area to secure/keep secure and the world is probably going to swing the opposite direction to native, downloadable applications without the interference of a third-party store.
> Personally, I think web browsers are too large a surface area to secure/keep secure and the world is probably going to swing the opposite direction to native, downloadable applications without the interference of a third-party store.
Wait, you think downloadable native apps without any intermediary to validate them is more secure? What you're describing is basically the old shareware system, which was riddled with security issues.
A normal app requires a separate build process, users to install it, manual review for each update, perhaps the platform owner will just deny it without reason, and for Mac/iOS it also requires actually owning or "borrowing" (using another person's/company's) build machine and software.
I don't understand why an installed PWA should not be able to keep their storage just as a "normal" app can. It would clearly be better for both developers and users. There are so many apps & websites that could be more privacy friendly if they could just trust localstorage to actually be "storage".
I don't think you understand what "users to install it" means for actual users.
Most users are asked to install multiple apps for the normal sites they visit (like news sites, social media, imagehosting and more). They usually don't, and that's good. Those apps should not be apps, they should be websites. Most of those apps can be a simple website. If the users want/need more functionality that can be within an installed PWA.
I think this is more people and developers fetishizing what it means to be in the app store or to be "native". If we can run it all in probably the best sandbox we have available without having vendor specific builds or vendor specific prompts why would we as users or developers want anything else?
Some apps should be native. But the majority of them would be better as webapps rather than android/iOS apps.
EDIT: Also I'd argue a lot of those problems are artificially created by the platforms, not the developers.
That is terrible if you are working on a pwa game to cache assets offline. There should be some opt-in approach similar to location tracking in the background like some apps do. That seems way worse than simply having local data be relied upon. Not cool.
OP here, I just posted an update section on the post that touches some of the comments I've been seeing here. English is not my first language so I think that sometimes I don't make my ideas clear enough or well explained enough.
This won't accomplish much in the long term. Ads networks will simply start introducing server side SDKs. Websites that rely on ads will gladly use those to keep their revenue even if that means more load on their server.
Well, wouldn't surprise me if Apple is now trying to kill aspects of the "open web" they dislike. Ironic because they used "upcoming" web standards as argument to kill Flash.
Apple will do whatever it takes to protect its closed ecosystem, and if that means killing PWAs built with open web technologies they'll provide any dubious excuse to justify it (security, privacy, blahblah). They did the same back in 2010, killing a perfectly valid app platform that was picking up momentum, but they didn't control. A platform that was 5-10 years ahead of the "open web".
Looks like this time they won't use HTML5 as a piss-poor excuse.
Posts like these are much more convincing when they simply make a case for some allowance or some functionality, or point out the downsides. The moment they go into whataboutism or grander claims of conspiracies or ill intentions they fall apart.
Rational readers click back and move on. You end up just preaching to the choir.
This particular complaint is paradoxical because Apple birthed web apps, and has done more than anyone to make them a reality. Unfortunately they remain a very rare beast -- extraordinarily rare -- and are dwarfed by the privacy concerns of people using iOS just to browse. So the team dealt with that. Seems a fairly obvious pros and cons analysis.
Maybe they'll add an exception for installed to desktop webapps.
> deleting all local storage (including Indexed DB, etc.) after 7 days effectively blocks any future decentralised apps using the browser (client side) as a trusted replication node in a peer-to-peer network
Sounds good to me, I don't want websites turning my browser into a p2p node :)
Whoever uses local storage as persistent storage doesn't understand what local storage is. 7 days is enough. Local storage is supposed to allow your app to temporarily navigate around connection issues, to not require "always on". You can never rely on this storage to be permanent, there are just too many ways to accidentally wipe it all and for the user there is no easy way to back it up.
Your offline app should ALWAYS sync to the server whenever possible. The only bad thing I can see here is that if you can't upload the data in time and the user then doesn't use your app for 7 days, he will lose what he last worked on, but such is life and why you should rather use real apps. Offline apps need to work differently, they need to get permanent storage just for that app but only if the user explicitly chooses to install it like that. Not every random page should get permanent storage on your device. This is the right move, Apple might just lack an alternative for apps you actually chose to "install permanently" ;).
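Both the comment above (sync whenever possible, expect local data to vanish) and the earlier list of ways browser storage gets wiped (browser switch, new device, cleared browser data) come down to the same design rule: treat script-writable storage as a cache with a write-ahead outbox, never as the system of record. The following is an added example, not code from the thread or from any project discussed in it. It assumes a storage object with the Web Storage API shape (`getItem`/`setItem`/`removeItem`); a Map-backed shim is used so it runs under Node, and in a browser you would pass `window.localStorage`. `FakeServer` is a hypothetical stand-in for the app's own backend; the saved-jobs scenario picks up the job-search example from earlier in the thread.

```javascript
// Added example, not from this thread: a saved-jobs store that treats
// localStorage as a cache plus an outbox. Every save is written locally first
// and queued for the server; if the browser purges storage (ITP's seven-day
// rule, a cleared cache, a new device), the app re-fetches instead of losing
// data. Assumption: `storage` has the Web Storage API shape, `FakeServer`
// is a hypothetical backend.

class MemoryStorage {
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
  clear() { this.map.clear(); } // stands in for the browser purging storage
}

class FakeServer {
  constructor() { this.items = new Map(); this.offline = false; }
  push(entries) {
    if (this.offline) throw new Error('network unavailable');
    for (const [id, job] of entries) this.items.set(id, job);
  }
  fetchAll() { return Array.from(this.items.entries()); }
}

const DATA_KEY = 'savedJobs';
const OUTBOX_KEY = 'savedJobs.outbox';

class SavedJobsStore {
  constructor(storage, server) { this.storage = storage; this.server = server; }

  readJSON(key, fallback) {
    const raw = this.storage.getItem(key);
    if (raw === null) return fallback;
    try { return JSON.parse(raw); } catch { return fallback; } // corrupt entry counts as missing
  }

  // Write locally first, then record the change in the outbox.
  save(id, job) {
    const data = this.readJSON(DATA_KEY, {});
    data[id] = job;
    this.storage.setItem(DATA_KEY, JSON.stringify(data));
    const outbox = this.readJSON(OUTBOX_KEY, {});
    outbox[id] = job;
    this.storage.setItem(OUTBOX_KEY, JSON.stringify(outbox));
  }

  pendingCount() { return Object.keys(this.readJSON(OUTBOX_KEY, {})).length; }

  // Flush the outbox. Returns the number pushed; on failure the outbox is kept
  // so the next call retries it.
  sync() {
    const entries = Object.entries(this.readJSON(OUTBOX_KEY, {}));
    if (entries.length === 0) return 0;
    try {
      this.server.push(entries);
    } catch (err) {
      return 0;
    }
    this.storage.removeItem(OUTBOX_KEY);
    return entries.length;
  }

  // Use the cached copy when present; otherwise storage was evicted, so
  // re-fetch and re-prime the cache. Callers can tell which path was taken.
  load() {
    const cached = this.readJSON(DATA_KEY, null);
    if (cached !== null) return { source: 'cache', jobs: cached };
    const jobs = Object.fromEntries(this.server.fetchAll());
    this.storage.setItem(DATA_KEY, JSON.stringify(jobs));
    return { source: 'server', jobs };
  }
}

// Scenario: one save while offline (sync fails, outbox kept), a second save
// once online (both pushed), then the browser purges storage and the app
// recovers everything from the server.
function demo() {
  const storage = new MemoryStorage();
  const server = new FakeServer();
  const store = new SavedJobsStore(storage, server);

  store.save('j1', { title: 'SRE', company: 'example' });
  server.offline = true;
  const pushedWhileOffline = store.sync();          // 0, outbox keeps j1
  const pendingAfterFailure = store.pendingCount(); // 1

  server.offline = false;
  store.save('j2', { title: 'AppSec engineer', company: 'example' });
  const pushedWhenOnline = store.sync();            // 2

  storage.clear();                                  // simulate the seven-day purge
  const after = store.load();                       // source: 'server'
  return {
    pushedWhileOffline, pendingAfterFailure, pushedWhenOnline,
    source: after.source, count: Object.keys(after.jobs).length,
    pendingAtEnd: store.pendingCount(),
  };
}
```

The one case this pattern cannot rescue is exactly the one the comment concedes: entries still sitting in the outbox when storage is purged are gone. Keeping the outbox small by syncing on every save (and on `visibilitychange`, when a browser offers it) is what bounds that loss.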
> The problem is that the users are so brainwashed from decades of Marketing.
Is there any other device or ecosystem of devices where my parents can fix their problems by turning it off and on? The fact that I have 80-year-old grandparents who can’t read English using iPads and iPhones is not just marketing, that’s “not having to google and download malware bytes and ccleaner and go into regedit” to maybe fix issues.
My dad downloaded a bunch of malware on his one plus. I refused to waste my time helping him uninstall it (he feels that it’s his god given duty to click on everything, and the shadier the source, the more click worthy it is). So he tossed it and got an iPhone. Now he can click all he wants.
Also android doesn’t have any tablets comparable to iPad, and they don’t or didn’t have any video call app as easy to use as FaceTime. Although, whatsapp video may be just as good now, but I have a few grandparents and a great grandparent who don’t have phone numbers, so FaceTime works better in our family.
Also, we use our devices until they die. So we need them getting security updates as long as possible, which doesn’t happen on Android. We have 4+ year old iPhones and iPads being used, all pretty much up to date on security updates.
My point is whatever marketing Apple does, the product is clearly superior in many ways so it’s ridiculous to claim people are just “brainwashed”.
Most of us have caught onto the scam promises of ongoing support from Android device makers. With an iPhone you are pretty sure of 3-4 years of good support. Doesn't the latest iOS support the iPhone SE? And I think iOS 12 is still getting updates (Jan 2020).
Sure, so maybe WebKitGTK will (if this applies to that version). But why would Apple choose to include this fork over their own version in their OSes? If they don't how do you plan on using it with any Apple OS?
Except for iPhones/iPads where you don't really have a choice. Also most people don't give a shit which browser they use, they just use whatever browser is available when they get their device, which makes sense. But those users might soon have their data removed without really understanding why.
So I guess more people will switch from iOS to other devices.
I am the creator of a photo editor www.Photopea.com and I see that more and more people care about their browsers. They spend a lot of time discussing the issues of their browser with me, because they need to do serious work in it.
Are we absolutely sure they don't just mean the localstorage containers that aren't part of the current domain? In the same way they are clearing cookies from a different domain, and not the ones that belong to the current domain.
Perhaps the author doesn't realize that WebKit is open source. They could have used their screed to propose to the WebKit team that a first-party page loaded from a file:/// URI not have its client-side storage subject to the 7-day purge, by setting the "firstPartyWebsiteDataRemovalMode" network connection property to "none" — patch included! But they did not, which is quite disappointing.
Apple does not use that Webkit branch, however. They maintain their own branch internally that cherry picks from upstream. Webkit could very well accept a patch, and then Safari never ships that patch because they disagreed with it for use in Safari.
Also, unrelated fun fact: Did you know Webkit still uses svn? That Github repo you linked to is a clone of Webkit's own git repo (git.webkit.org), which is a mirror of their actual repo (svn.webkit.org).
I think it is worth noting that you can really say "Apple" is doing this or "Apple" is doing that with decisions at this level.
The company is just too big and not working in unison.
The Apple Safari Team is killing/hurting offline apps. The author asks why they don't take the same approach in Apple News - as if it is the same team that is in charge. Different team with different priorities and likely not talking to each other.
I think the larger point is valid - but it's better to understand that this isn't some cohesive cross-company strategy at play. It's sizeable teams working on their own priorities within a larger roadmap (presumably).
As Apple is one of the most closed companies, it's hard to put blame on anything Apple-related as you don't really know who the teams are. Sure, WebKit contributors are visible as it's an open source project, but who is the "Apple Safari Team" really? And who is the "Apple News" team?
Easiest is just to put blame on the top-level entity, which is Apple. They have control over their teams so they can redirect the blame if they feel it's needed.
And if this change is to be able to force more developers to build native apps on their platform, then it's for sure a cohesive cross-company strategy. But we don't know if that's the case.
I love these types of comments. They contrast very well with the “the reason Apple makes great products is because their hardware and software teams work so closely together to bring a cohesiveness that other companies can’t” comments.