> As mentioned, the seven-day cap on script-writable storage is gated on "after seven days of Safari use without user interaction on the site." That is the case in Safari. Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer. We do not expect the first-party in such a web application to have its website data deleted.
If your web application does experience website data deletion, please let us know since we would consider it a serious bug. It is not the intention of Intelligent Tracking Prevention to delete website data for first parties in web applications.
> have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer.
This makes it sound very much like homescreen apps will have their data wiped after 7 days of non-use.
> We do not expect the first-party in such a web application to have its website data deleted.
And this does not. It's a very confusing word salad.
It's not 7 days of non-use, it's seven days of application use without visiting the site.
Safari is one application, the homescreen app is a separate application. Presumably, all the alt browsers or WebView apps are separate applications as well.
Since you can't use a homescreen app without visiting the site, the 7 days of not visiting the site can't happen.
You can't really have "seven days of application use without visiting the site".
This might cause trouble if the web app is simply a list of timers which the user interacts with passively (map of earth showing day/night zones), but if there is any interaction at all the timer resets.
Data isn’t deleted after 7 days for home screen web apps.
It sounds like there's a time bomb in safari web views just waiting to happen. The timer is supposed to be reset every time you open the app, so there won't ever be seven days of opening the app and not using it. But it sounds like the code path is just there, they just don't ever expect it to be hit because the timer _should_ reset every time the user opens the app.
I can't _wait_ to deploy an application where there is literally an "rm -rf" pointed at my users' data, with a complex conditional blocking it. That makes it far too easy for a webview bug to nuke my users' data.
This is shoddy engineering. Could you imagine a filesystem being implemented the same way? You would never include a code path in your "mount" logic that says "if ( some condition ) delete everything;" that would rightfully be viewed as a terrible idea and a disaster just waiting to happen.
Honestly, if my data really matters, I don’t want it to be stored only in a single place. I can get the argument of wanting to have federated syncing, that would give the user freedom to choose where data syncs or doesn’t. But in my opinion you either care about the data or you don’t. Any data stored locally anywhere should be considered lost until proven otherwise. Like, drop your phone in a sewer, leave it in the wash accidentally, have it stolen, or even just have a different software bug obliterate your data and it’s gone. That’s the definition of fragility.
This mechanism failing is mostly theoretical, but having one's phone break is not; I would guess those of us who have been using smartphones for 10+ years have, by and large, all experienced data loss when storing data with no backup.
To relate to your statement, can you imagine if your data on Dropbox was stored on one hard drive, in one server, in one datacenter? Servers fail constantly. You can of course do whatever you want to improve reliability but without redundancy you are very much pissing in the wind.
On the note of “localStorage is temporary,” nothing in the spec defines how long localStorage persists, just that it is not bound to the session. In fact though, Safari already deletes localStorage when disk space is running low.
I am very much an advocate for folks being able to control their own data. I personally self host a lot and use a Synology NAS as my own backup for most things. But I think Safari would be wasting time to disable the counter entirely for PWAs. It doesn’t meaningfully change the likelihood that users will lose data. I think users often do want strong durability and privacy, and an API that prevents apps from needing to implement many remotes would be way more impactful. I’d love to tell an arbitrary notes app, “Go backup to this Synology NAS” without it needing to specifically support Synology NASes or for example, WebDAV. Put the provider on the clientside and you have a place to implement end-to-end encryption.
(Of course, Apple has iCloud backup, but I don’t think that covers your localStorage content anyways.)
That's all well and good except when you lose your emails that you wrote on the plane and didn't get a chance to send yet.
I'm not arguing that you should _never_ synchronize the data off the phone, but where I store data on my phone should be as robust as possible. So far I have never had my phone delete an application I had installed, but my browser loses local storage, cache, cookies, all the time. It is just not a robust storage location, and this new safari behaviour makes me trust it even less.
As a result, the web is continuously behind native apps for offline or semi-offline operation. There's no reason for that other than the shoddy engineering going into web browsers, such as this recent addition to Safari.
Also what about desktop?
From Apple's standpoint, when you put yourself on the user's homescreen, that is a deep connection between that app and the user. Apple spends billions in each finding new ways to enhance and enrich that connection. IMO, their _belief_ is that building a native app to take advantage of all these rich and engaging ways is the best way to build deep connections with your (developer's) users.
Being an icon on the user's home screen is where deep connection begins, not ends. You might add a today widget, you might want to send notifications, you might want to add AR experiences. You might want a Tablet experience and allow hand off between these devices. Apple is invested in becoming a deep level of importance in a user's life. They want to share as large of surface area with 3rd party developers as they can. It would be irresponsible to promote an API that made developers have to start from scratch when they decide they want to go deeper.
But said timer... does nothing? Why does it exist?
Also, it's simpler to have a timer that effectively does nothing than having extra logic to suppress it.
Safari is the first here. Firefox is certain to be right behind them. Google, probably not, but I bet Edge does the same thing before too long.
The point is that slowness to adopt new standards wasn’t exactly what made IE into the IE we all hated; it was going off on tangents without consulting anybody too often that left it out on an island with custom versions of so many things. Fortunately it doesn’t seem like Google is going to lose interest in Chrome anytime soon.
Safari is the new IE in the stagnating, not supporting new functionality, not fixing long-standing bugs sense (that same early IE several years later).
Neither of these is a good thing or to be encouraged.
Please don't get me started on the oxymoron that is "living standards". I think that idea is responsible for a great deal of what has gone wrong with the web ecosystem in recent years.
That's where this is going.
> "first they came for localStorage and I did nothing"
 - https://www.theverge.com/2020/1/14/21064698/google-third-par...
What exactly does that mean? So you use the app for seven (perhaps non-consecutive) days, and now all third parties that haven't been, uh, interacted with, get their data wiped - but not the first party, because that has been interacted with, by virtue of the PWA being launched in the first place?
I guess that solves the problem?
But it's no surprise that Apple would want to impose an "install" step on the web to prevent it from looking more attractive than the App Store.
The FUD here is getting out of control. "PWAs", that Google pioneered, are all about having an ‘install step’ to put the "web apps" on your home screen. https://web.dev/customize-install/
"impose" is the wrong word. I think you mean they are "trying to understand you and do the best thing"
It's kind of a nightmare due to both Google and Apple messing things up.
PWAs could be an amazing platform but both companies are really messing it up.
Apple is trying to kill them by giving plausible explanations as to why they can't have PWAs. Security this, blah blah blah. There's no reason they can't have PWAs work well in Safari other than they want you to port your app to the App Store and get locked into their native APIs.
Google's problem is, well, they're Google. Meaning things are somewhat incoherent, docs are all over the place, they start new initiatives then abandon them half way, etc.
Consumers are another problem. They have no understanding of PWAs and they go to the app store, don't find us, and then complain we don't have an app..
The plan now is to use Google TWAs and port our PWA to Android.
We're going to do the same thing for Apple after we do the Android release BUT I think there's a 50% chance that Apple will just flat out block us.
I think we might have a chance of getting around it if we use mobile gestures properly, use platform specific APIs like the camera, audio, and GPS that aren't on web and try to really integrate into the platform properly.
For example, they have an API to detect dark mode now. IF that's on we're just going to magically enable our dark mode in our app.
- If I press the settings gear, the text on the settings page is about twice as wide as the screen, requiring horizontal scrolling.
- On the front page, if I open the color picker, it's partially offscreen.
- The hamburger button on the left opens a modal view that covers all of the screen but a small margin on the right, making it unreasonably hard to exit.
- If I try to create a tag or folder, the name prompt appears under the other modal view and is improperly sized.
- Oh, and the UI looks thoroughly non-native, e.g. Google-style floating action button, UI not covering the status bar, bottom tab buttons too short, etc. The animations are also haphazard.
My point is not just to nitpick. It's just that while I sympathize with the idea of PWAs in principle, almost every single time I see someone talk about theirs, the PWA in question has immediately obvious glaring UI defects that have nothing to do with browser limitations, and leave it far below the standard of a good native app, or even a bad one. I honestly don't know why this is, but experiencing it over and over makes it hard for me to care about PWAs.
I think one of the reasons we see a lot of less-polished PWAs is that the idea of the PWA appeals to businesses at certain stages. Larger shops can afford to ship native binaries to more than one platform, but a smaller operation can't. PWAs are presumably tempting to those types of product teams: you get multi-platform reach while truly only writing for the web. The fact that their UIs have rough edges is probably a result of having an MVP-stage product.
Besides, Twitter relies on server-side storage and pretty much only stores the session token in the PWA "local storage" (largely speaking).
And as a user I'd rather install the iOS native app to keep finer-grained control over permissions. (I also use multiple accounts; not sure the PWA handles that?)
I'm just gonna link to a small subset of failures we've documented: https://www.google.se/search?q=twitter+site:grumpy.website
It's twitter's mobile site that they extended to cover both desktop and PWA. As a result, it's quite bad on all fronts and judging by the number of bugs that are lingering with no fixes, abandoned. At least they managed to almost fix the epileptic scroll position 
> I don't have to give Twitter access to detailed information about my system while still using a full-featured, first-party client.
Yes, this is, without a doubt, the best value-proposition of PWAs.
The single issue with PWAs, on iOS, is how do I add a PWA app to the home screen? I go to the app store and search... and your app isn't there. As developers we innately understand why that's so, but our users don't and shouldn't need to understand the difference.
Very interested in hearing about pain points you've had building out PWAs, especially if there's features you were keen on that haven't been released. Easiest way to reach me is on Twitter: https://twitter.com/b1tr0t
Fully agree with you that docs are all over the place. We've started to consolidate docs under web.dev, and the PWA section launched recently (https://web.dev/progressive-web-apps). Consolidating and adding docs is an active area of investment, and our goal is to create a well lit path for developers to succeed with PWAs.
The example at
was way too complicated as a first example, if all I wanted to know was how to make my app installable, and it is also broken as it uses some outdated tools (I don't remember the details).
Also, it could have been mentioned somewhere that when you serve from localhost, you do not need SSL to install it. Knowing that would have saved me the trouble of messing with Apache's config and certificates.
So that was very frustrating as a start.
Much more helpful was a very simple hello world pwa which was barely installable. But it worked. And from there it was easy.
Blog post of the announcement: https://blog.chromium.org/2017/10/building-unified-documenta...
Web.dev is not an MDN replacement.
I think the ship has long sailed for asking Chrome/Google to help out with the openness/sharing on the web/internet. It's time we just start ignoring them instead.
I don't know, never say never I guess. I'm certainly not going to defend Google's track record on openness and privacy -- there have been, under even the most generous of interpretations, huge missteps, and I don't think they deserve the benefit of the doubt -- but they do contribute. Edge backed by Chromium?
Color me surprised when I discovered that also Google is mentioned there! Here is the announcement: https://blog.mozilla.org/blog/2017/10/18/mozilla-brings-micr...
Reading that announcement makes b1tr0t's statement "We've started to consolidate docs under web.dev" even worse, as they previously said they are gonna contribute to MDN, but now they have turned and use their own shit anyways.
Screw you Google.
Any plans for https://developers.google.com/nearby ?
I don't want Google or central authorities to decide which PWAs are "trustworthy" directly to ask for certain permissions but there could be a way or compromise. I don't remember which feature it was but it required yes from Google.
Bluetooth discovery is an especially thorny area from a privacy perspective. What use cases did you have in mind?
Asking for permissions upfront has been found to be an anti-pattern in systems UXR. Research has found that users make better decisions and find the experience less interruptive when permissions are requested in context at runtime. For example, in a video chat app, it's better to ask for the camera/mic permission at the start of the first chat session, not when the app first starts. Mac OS, Android etc. and other platforms have all been moving in this direction over the past few years.
When the permission is requested, we're investigating ways that we can do more to communicate permission risks to the user. Nothing publicly shareable yet, but do expect experiments to be showing up in dev channels over the next few months while we try new things.
Wouldn't it make more sense to display this info before you install a PWA?
Making it clear why a TWA is in the app store is hard in itself. Trying to explain why it's better for consumers over a native app + mobile site is even harder.
See these reviews for yourself here: https://play.google.com/store/apps/details?id=uk.co.openrent
You blame Apple, Google and your consumers, instead of just making native apps. Why?
Either Apple should stop being the gate keeper or stop making life harder for web devs.
And improve their documentation to lower the barriers to native development.
I hope Apple keeps restricting this in the future too so that the iOS app ecosystem won't turn into a Turkish fruit market full of crap like Android.
Why should users suffer the lowest common denominator because of lazy developers?
There's a bunch of very complex web/electron apps that disprove the idea that the web is only for static documentation and web-inspired ideas are coming to mobile (React --> Jetpack Compose/Swift UI).
More importantly, hiring can't be put aside, and it's much easier to adapt your web app to work for mobile (since websites should be screen size agnostic anyway) than it is to build a fully native app from scratch.
Really? You're blaming your customers for not being sufficiently tech savvy and not wanting what you're providing?
Personally, I am happy with Apple's decision here.
Is it possible they also want you to port your app to the App Store to prevent an explosion of garbage and malware that could happen if PWAs really took off?
You mean, like the Internet. The App Store is a nice, safe walled garden, like AOL.
- Standard HTTP Cookies
- Flash Local Shared Objects
- Silverlight Isolated Storage
- CSS History Knocking
- Storing cookies in HTTP ETags (Backend server required)
- Storing cookies in Web cache (Backend server required)
- HTTP Strict Transport Security (HSTS) Pinning (works in Incognito mode)
- window.name caching
- Internet Explorer userData storage
- HTML5 Session Storage
- HTML5 Local Storage
- HTML5 Global Storage
- HTML5 Database Storage via SQLite
- HTML5 Canvas - Cookie values stored in RGB data of auto-generated, force-cached PNG images (Backend server required)
- HTML5 IndexedDB
- Java JNLP PersistenceService
- Java exploit CVE-2013-0422 - Attempts to escape the applet sandbox and write cookie data directly to the user's hard drive.
In short, everything and more can be used for tracking, and that has really killed the party for the many people who have created responsible, useful applications of these browser APIs.
Mobile apps suffer these kinds of problems far less, partly because it's understood that actually mobile users don't install apps then get upset about "tracking", in fact, the vast majority of apps will want you to sign in to some sort of account and those that don't will be using ad networks to fund themselves, that users understand and accept this and that throwing up permissions screens doesn't achieve much because users will typically grant the permissions. Privacy on mobile platforms is more about stopping activity the average user would recognise as illegitimate spying - turning on cameras and microphones to feed conversations to angry ex-girlfriends, that sort of thing.
If the web's architecture had some sort of coherent view on how the tension between users, content providers and advertisers should work, then we wouldn't see this steady endless churn of app-breaking API changes. Everyone would know the rules of the road and there'd be way less tension as a result. Mobile platforms aren't quite there because they were designed with security architectures that were then pressed into service as ad-hoc privacy architectures, but they're still far more coherent on the topic than the web.
Please share anything you think and find.
Balancing these kinds of trilemmas, on a knife's edge, is my metaphor for designing open markets, governance, democracy, planning, and so forth.
I think your comment really hits the nail on the head, IMHO the frustration shouldn’t be directed toward Apple but more toward the groups who have pushed the tracking practice so far to necessitate such draconian measures.
Now we store the account token in iOS keyring and that works.
It is not clear that a user coming to your website before the 7 days, even offline, is exempt from it.
But most apps cannot be used offline at all, and instead they use localStorage as another place that can store a tracking cookie.
So as a user, I fully support this change, because there should not be a loophole like this.
Server side, or if you need privacy, have the user export to / import from a local file.
Sisyphus says 'Hi!'
I hope they come up with some good options as this news settles. It's hard to see this as anything but even just an accidental push ('well you should always have written an app for the app store') to force folks to write a native app / participate in the app store.
Edit: getting downvoted without any reasoning provided, so I assume I'm incorrect, there are more/less ways of storing data in the future for Safari users?
Cookies can either be set in HTTP responses or through the document.cookie API, the latter sometimes referred to as client-side cookies. With ITP 2.1, all persistent client-side cookies, i.e. persistent cookies created through document.cookie, are capped to a seven day expiry.
Indexed DB, LocalStorage, Media keys, SessionStorage, Service Worker registrations
Since cookies are not mentioned, I'm assuming it's NOT affected by the 7 day cap but will instead continue to work as normal (except for the fact that 3rd party cookies will stop working, which is a Good Thing)
> It is not the intention of Intelligent Tracking Prevention to delete website data for first parties in web applications.
If right now you have a web app with paying users, that means you have an accounting system of paying users.
You could publish a "native" app that simply serves that web app through a web view, using those same accounts.
Will you get new users from that? If yes, they will pay for that (in principle). If not, just some existing users would migrate? Then you just increased your cost without increasing your revenues. So you would need to gain enough new users to make it worthwhile.
* * *
In a nutshell, it is the same reason why Adobe won't port their apps to Linux. They already have all the users that need their software, and while it would be nice for some of their users to migrate, it won't bring anything to Adobe.
Again, if you are actually affected by this issue right now, you have a web app that is more or less trivially ported to a web view app. Your users don't have to migrate, they already have accounts, they just need to download the app again, this time from the App Store.
> In a nutshell, it is the same reason why Adobe won't port their apps to Linux.
Linux is a non-market for Adobe apps. On the other hand, if you have an offline PWA right now, you most likely already have iOS users that you would probably lose if you start confronting them with this "7 days and your data is gone" bullshit.
Therefore, since native apps are more of a platform differentiator than web apps, moving forward we can expect Apple to start systemically hindering web apps, especially ones that are good on iPadOS, in order to boost native apps.
(I’m not saying this is necessarily the start of this, but I am saying I'm not surprised. This is exactly the type of change, targeting the exact type of app I’d expect to be targeted.)
As a web developer, I've never believed Apple has hindered web development on their platform, purposefully or not. They just don't spend their resources adding in WebBluetooth or whatever new API-of-the-day Google has decided to come up with.
As I see it, their focus is on the user, which is why they've been slow to adopt APIs that are privacy concerns, or drain battery, or have other negative implications.
The bugs in Apple's software, whether in web or native or in documentation, are not part of some nefarious plot, it's just a part of Apple's mismanagement and relatively minimal resources.
Uh, they're the most well capitalized corporation in the world (or hovering in the top 3 plus or minus a few quarters). They have the resources to make it work if they wanted. There are undoubtedly thousands of engineers, hundreds of managers, and at least a handful of execs, working for Apple, lurking in this HN thread today, not because they're unaware of their ongoing sabotage of web standards on iOS, but because they're completely aware of it and want to take the temperature on how their latest kick to the shins of PWAs is going over.
I wouldn’t be surprised if Safari/WebKit was one of the larger teams within Apple dedicated to a single app.
I can speak from personal experience that users do use it when you include specific instructions on how to use it. And it’s used in a number of corporate settings for installing webapps on an iPad.
As another web developer, I find this entirely unrealistic. Apple's QoI even for popular new features like the HTML5 media elements was a bug-ridden mess for years before they fixed even basic problems. Conveniently, having managed to break the de facto standard for serving video on the web that had been working for years up to that point (Flash players), that left native apps as the only reliable way to do a lot of even quite simple things you might want to do with multimedia content. There is a deep irony that some of the breakage was because they were playing those media elements through effectively a separate plugin of their own that wasn't properly integrated into Safari and consequently broke other basic web behaviours like cookies.
At this point, the idea that Apple's motivations for the constant breakage and even severe regression of web functionality on iOS devices are entirely altruistic and for the benefit of their users is about as credible as Google and Facebook lobbying for privacy regulations because they want to decrease tracking on the Internet.
Even on the Android phones that supported Flash, it ran like shit and drained battery. Apple just never opted into that experience.
This revisionist history, of seeing people wanting the proprietary Flash to come back, is crazy.
I don't think that generalisation is warranted.
Apple refused to support Flash at all, meaning everyone who wanted to provide (among other things) audio/video content had to switch to the nascent HTML5 functionality, which was at that time and for some years afterwards inferior to Flash in almost every way except availability.
In that situation, it made little sense to invest in better Flash support on Android as it was presumably seen as a dying technology. However, there was no inherent reason why Flash couldn't have been improved to use less battery in the same way that the browsers themselves were, or that Flash could not have taken advantage of better hardware support on mobile devices for computationally expensive tasks like video decoding as this became available with newer devices.
There's nothing revisionist in saying that people wanted A/V content on their sites, that Flash player had been by far the dominant way of providing that content up to that point, or that the then-new HTML5 alternatives were also very poor in quality and performance on mobile for several years afterwards.
Remember how for several years everyone with iPhones couldn't watch the videos on a lot of websites, and how excited people were when the big video hosting sites started adding HTML5 players and, in time, support for better codecs? Probably many of those people had no idea what Flash or HTML5 even were, so I don't suppose they did "want Flash to come back", but they certainly weren't happy that they couldn't watch videos on websites like everyone else.
Oh and let me guess, they know better than me that I don't need this or that.
Let them suffocate inside their poisonous walled garden as the web gets richer and richer.
I don't think the way to fix ad bullshit is to close down everything, I do think it's in opening everything and educating everyone. That way people actually win, not corps, as it should be.
They have been doing this for quite some time now. Always ostensibly to protect users but always also conveniently putting webapps at a permanent disadvantage to native apps.
For my part I'm not interested in being a user of a platform so hostile to the web that it disallows any third party browsers.
This isn't always a bad thing though. For example, Safari has prohibited some obnoxious behavior that Chrome has allowed: Autoplaying videos, tab suspension, push notifications. These hog CPU and destroy battery life, worsening the user experience.
Remember, making everything a web app is Google's agenda because they benefit most from it.
For example I've noticed that if you play a video on a website during that session, it will allow autoplay from scripts on that page (not 3rd party) for the rest of that session. Same for unmuting an autoplaying video.
This is all undocumented though and through personal observations, as Apple seemed to stop posting Safari documentation years ago.
Web push is better than native app push when it comes to power consumption as web push is stricter on what you can do.
IE6 must have been a great inspiration for Apple judging by their behaviour when it comes to Web.
Personally, not having web apps store large amounts of data is a good thing.
It is still a significant restriction, but it is rather understandable. Without it it could be just Blink everywhere at this point.
On the other hand, the web is mostly open for all, so most people benefit from it, not just Google.
I'd be amazed if there were more than a tiny fraction of iOS/iPadOS users (of which there are hundreds of millions) who weren't perfectly ok with Mobile Safari for their everyday usage.
[I'm probably the "target market" for Chrome (backend, occasionally frontend developer) and there's no way I'd have it on my phone. I only suffer the GMail app because they've made IMAP usage of gmail unreliable.]
In what reality-distorted universe is that worse than having a crippled web?
Google Docs doesn't really work offline, so it's not impacted by this change. Could also be a change of heart from Apple, since their stance on web applications has changed before.
Isn't the new policy for local storage being copied from an existing policy for cookies? How can they switch to cookies?
In the linked article it actually mentions that this policy is being widened from cookies to the rest of script-writable storage.
They could restrict these APIs to "installed" web apps via the web app manifest file, if they were to adopt that. Maybe they will in the future, but for now they've just made web apps far less powerful.
It actually works quite well offline
So now that web apps have the advantage, at least when a keyboard and mouse are attached to the iPad, Apple is going to be seeking to tip the scales back in native apps' favor.
I respect you have some other motivations here, but I'm not doing this for fun. I'm doing this because it's important to how I spend my most important resources: my time and effort. So no, I'm not going to stop speculating, the mere idea is laughable. Like buying an individual stock while having no opinion of what direction the company might take in the future.
Apple just added new APIs to support these.
We don't want filthy legacy webapp shit, but 2020 high quality user experiences.
What does the "i" mean in that case???
I had never thought of that!! I wonder if that same idea came into naming the iMac then??
My post was not an attack on anyone or anything, and it was not being snarky. All I said was that I develop native apps, and that this policy does not affect me.
I like developing native apps. I've been writing native Apple software for 34 years. It's not really difficult; just different. I have also been developing "Internet" software, of all kinds (full stack), since before the WWW. Using Apple stuff. It certainly can be done.
Browsers need to be severely limited due to them running arbitrary code from the web. Doesn't matter if it's an offline web app. If you want more access, make a native app (with or without web technologies).
But the argument that this will protect privacy in the first place seems really weak.
Before this change in Apple's policy, an app could store my config data on my PC.
After this change, they'd need to have me log in and send the config data to their servers.
That seems like I've lost privacy, not gained it.
- Asking the user client side for a password
- Encrypt data as a blob using some symmetric encryption (AES)
- Push encrypted blob to the server with login attached
If you're using SSO the client authenticates and then can pull down the encrypted blob based on the SSO auth being valid. You can tie 2FA in however you wish. At that point the user is prompted for a "data" password for that particular site. Or would there be an easy way to build a pki/pin cert type of encryption to eliminate the password prompt? (I feel like this is essentially what Keyring!? would do but maybe not?)
Outside of implementation weaknesses, which I feel could be mitigated by creating standard libs to do this, what am I missing?
Bonus points for pushing the data diffs only or even a version controlled blob (data stored in a git repo where only the diffs are pushed in encrypted form).
Edit: Or how about a local hardware appliance for your network that stores all data like this encrypted and pulls from there.
You'd have to log in. That's a hurdle that involves implicit consent.
It's a power-play on Apple's part to intermediate themselves where their inter-mediation isn't necessary. And all kinds of customers (enterprise in particular) won't appreciate Apple getting a free "hi hello" signal on how much their company uses some service that leverages this scheme. Especially if Apple is a potential competitor to them.
If you are coerced into giving consent, it isn't consent, and most of the time if you're doing it so you can be part of the world around you, it is coerced, whether people want to recognize that or not.
> deleting all local storage (including Indexed DB, etc.) after 7 days
which I can see how it might help privacy (since you could be tracked via local storage too) but also how it might break any potential web app that might need data to last more than 7 days.
> If you want more access, make a native app
But then, everybody will complain about yet another Electron app, right? Not to mention that you have to fork over $99 and go through the signing / notarization hoops that change from one week to the other.
I think in the name of privacy and security only Apple and some select few corporations will be allowed to make software in the future. macOS / iOS and Windows 10 are evolutionary dead ends in many ways.
* AdoptOpenJDK releases that were notarized some months ago are no longer accepted by Apple since they made the rules even more stringent. I had releases accepted by Apple that are not accepted today using the same AdoptOpenJDK binaries.
* Apple's notarization rules are not global. There's whitelists for given companies/institutions/apps/files which means the same dylib might not have to be notarized by a bigger player but will have to be codesigned by you.
The above happened to me in the span of less than 3 months I think?
Indeed, the scripts I use per se to do the notarization are about the same as originally.
And I made a test about the non-global rules too (by trying to submit the same binary and getting rejected).
Is that the future you want?
And they would not be happy about that either. For many that would mean RDP or Citrix. They prefer web apps right now.
The market will decide. Your comment is just on the user-hostile side of assuming it will prefer your technology choices.
The deployment story is so much better for web apps, which is the main reason it seems to be so compelling for big enterprises.
which is somewhat ironic, because the goal of a web app is to break free of the walled garden and become OS-independent.
Also, Apple may want a cut of the subscription revenue but most companies who have significant subscription revenue, don’t go through Apple’s subscriptions payments.
Clearly it's A LOT of money for apple. If they didn't care about the money then they would just allow it so everyone could avoid receiving payments using apple and giving them 30 %.
What makes you think users would willy-nilly put their credit card on every random website?
Everyone can avoid using Apple for subscriptions. There are existence proofs of apps on the store that require payments outside of the store - like all digital content from Amazon.
Most of the money that people spend on the App Store are from games and in app consumables. Especially since the major services like Netflix and Spotify don’t allow in app subscriptions.
How many apps require a subscription and cannot be a web app because of limitations of Safari?
How many paid apps would be websites if it weren’t for limitations of Safari?
Browsers usually ask for an additional permission in this case which would be a good approach. Your post sounds like "browsers need to be severely limited, so if you want to watch video, just launch VLC". It does not work this way.
The real 'write once, run everywhere' are webapps, a webapp doesn't care if you are using Apple, Windows, Linux, BSD, whatever, if you have a compatible browser you use the app.
Sure there is Electron (or React Native), to me it doesn't make sense, what is the point that every application needs to ship basically a browser? And still Electron apps need to be compiled and packaged for every platform, while with webapps you enter the URL in the browser and you are done with it.
Doesn't adding APIs to browsers not only to use the local storage but also to access the filesystem of your device (of course asking the permission to the user) make more sense?
Of course what Apple really fears is losing control of the apps that get used on their devices. Now they control the App Store, which is the only way to get apps on their devices (besides jailbreak); with web apps it's different, since you can access them directly from the browser.
And the thing that is absurd is that the first iPhone didn't have the App Store, since Apple decided that the only way to get third party apps was through the browser. Now they are aiming for the opposite thing.
We've been forced into an electron client and now urge our customers to ignore the web client. If we didn't have a small number of customers on Macs, we would abandon web tech altogether and build a native Windows client.
that’s not been my experience*
* unless you use some huge web framework to abstract everything and patch all the differences between the browsers
How's installing a native app better for a random user privacy or security wise, exactly?
Besides, in the browser you have trivial tools like uBlock and the network tab. In native apps, you have to use mitmproxy just to see what the app is doing at all.
I understand it's changing too, but not as fast as safari.
Native apps have the same problems too and such "severe" limiting of apps in web browsers still doesn't solve it. The only more or less privacy preserving model I can think of for native apps today is open source repositories with app distribution not controlled by app developers, like f-droid or repositories in various linux distros.
Otherwise this has absolutely nothing to do with privacy or tracking.
As a customer, I'm tired of devices functionality being limited coz "security risks". Functionality that is arguably superior to native apps apart from the security risk.
...and give apple their cut. Why not add permissions to webapps? Like location, or push notification... oh that's another feature that happens to be missing only in safari.
Just accepting these moves from Apple as "in the interest of users" is naïve. Apple has a huge vested interest in their App Store, and every web app is a potential App Store app that is some lost revenue.
I mean, maybe apple is right, and the web should go back to a readonly document-like format, like in the old days. Articles and links. Apps for everything else. But let's not kid ourselves that they do it purely in the user's interest.
A big chunk of the web these days uses JWT and localStorage for auth.
Can PWAs not switch to using IndexedDB which seems like it’s more purpose-built for this use case?
No snark intended. I’m legitimately curious what the situation is and where any blockers are.
- Indexed DB
- Media keys
- Service Worker registrations (I guess this means service worker caches)
IndexedDB is also subject to the 7 day limit. Leaving no persistent storage for web apps at all.
Actually, I'd be even happier if any form of offline storage required explicit user permission anyway.
I think this is an excellent example of such an unobtrusive prompt and is how ALL such features should be implemented. Sites should get almost no permissions by default and certainly not be able to show popup prompts.
When the site tells them to "activate X permission" without telling them how to (for their specific browser version), most will leave instead.
When the site gives super detailed, up-to-date instructions on how to activate the feature, a very large percentage of users will still leave instead.
When the feature is so useful that many sites go through all those troubles and it's common enough for users to encounter this that they'll follow through, most will do so for every site that tells them to and entices them with "ACTIVATE X TO RECEIVE YOUR $10,000 PRIZE, LUCKY WINNER!!!".
network.trr.mode I'm looking at you.
https://dexie.org/docs/StorageManager describes the StorageManager API which lets you prompt the user to allow your IndexedDB data to be stored more reliably. My first thought after reading this article was wondering if this would allow an exception to the 7 day rule... but then I remembered that Safari is the only "modern" browser which does not support the StorageManager API
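Feature detection for the StorageManager API this comment points at, as an added example that is not from the comment or from Dexie's docs: the navigator object is passed in so the logic can run outside a browser (in a page you would pass window.navigator), and the result tells the UI whether it can rely on the data staying put or should fall back to something like an export button. The status names and the shouldOfferExport rule are assumptions.

```javascript
// Added example: detect navigator.storage / persist() and degrade gracefully
// where the API is absent, as the comment notes is the case for Safari.

// Synchronous capability check. Works on any navigator-like object.
function describeStorageSupport(nav) {
  const sm = nav && nav.storage;
  return {
    hasStorageManager: Boolean(sm),
    canPersist: Boolean(sm && typeof sm.persist === "function"),
    canEstimate: Boolean(sm && typeof sm.estimate === "function"),
  };
}

// Resolves to one of "unsupported" | "already-persistent" | "granted" | "denied".
// Browsers decide persist() by prompt or by their own heuristics, so call this
// from a user-initiated action and let the answer drive the UI rather than
// assuming the data is safe.
async function ensurePersistentStorage(nav) {
  const support = describeStorageSupport(nav);
  if (!support.canPersist) return "unsupported";
  if (typeof nav.storage.persisted === "function" && (await nav.storage.persisted())) {
    return "already-persistent";
  }
  const granted = await nav.storage.persist();
  return granted ? "granted" : "denied";
}

// Assumption: whenever persistence was not secured, offer a manual export path.
function shouldOfferExport(status) {
  return status !== "granted" && status !== "already-persistent";
}

module.exports = { describeStorageSupport, ensurePersistentStorage, shouldOfferExport };
```

On a browser without navigator.storage the function answers "unsupported" without throwing, which is the branch an app relying on IndexedDB under the seven-day cap has to plan for.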
lol, sucks for users of my client side JS video game!
Even offline storage that is only used locally? Say a game with savegames that doesn't use an online connection to play it.
Another example: a password manager.
But as soon as you allow it any access to network resources then carrying state becomes a liability.
A Note On Web Applications Added to the Home Screen
As mentioned, the seven-day cap on script-writable storage is gated on “after seven days of Safari use without user interaction on the site.” That is the case in Safari. Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer. We do not expect the first-party in such a web application to have its website data deleted.
If your web application does experience website data deletion, please let us know since we would consider it a serious bug. It is not the intention of Intelligent Tracking Prevention to delete website data for first parties in web applications.
I don't get it. Which of these statements is correct?
1. "Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Of course, that counter doesn't do anything. It just sits there, counting, for no particular reason. We just love counting things!"
2. "We do not expect the first-party in such a web application to have its website data deleted. Except, of course, if they don't use the web application for seven days. In that case, that data will be _extremely_ deleted! Really just wiped from the face of the earth."
The counter is per days of application use, so (2) is false. Not using the app does not affect the counter.
The counter is also per domain, and so while the first party domain for the PWA (which is likely to, of course, be loaded on each PWA launch) is effectively meaningless, if you visit other domains from within the PWA they will be subject to the counter independently.
Then the next few times I switch to the app, I don't launch it from scratch, I just look at the twitter.
Then I've gone seven days inside the zombocom app without touching their actual domain.
Does everything except the twitter cookies get deleted?
Can anyone explain this with an example?
So web apps added to the home screen will have their storage wiped under some scenarios? If not, what does "have their own counter" mean?
How are web applications added to the home screen not part of Safari in a way that's different from a regular URL you might visit?
Note this is totally based on my reading of the GP:
>> As mentioned, the seven-day cap on script-writable storage is gated on “after seven days of Safari use without user interaction on the site.”
I'm understanding this to mean: you access Site A and it stores data to your local storage on day 0. Then you use Safari for Sites B, C, and D, but not A for the next 7 days. Since Safari has been used for 7 days without using Site A, Site A's data is cleared.
>> Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer.
I'm understanding this to mean there's no distinction between Safari and Site A anymore. Since you can't use Site A for 7 days without using Site A, Site A's data is never cleared.
It would make much more sense for them to just disable the counter in this case, or at least just explain it that way. It would be less confusing.
So installed PWAs do have automatic deletion, but that basically only applies to third party content (like advertiser tracking cookies, or content from other sites you show inside an iframe), since the number of days used since last interaction counter will stay at zero for the main site.
I think WebKit’s handling of local storage is the prime example of how optimizing for privacy to the exclusion of every other consideration is user-hostile
Since you can use Safari without visiting the PWA's domain, this feature can delete the data of a PWA which runs in Safari.
Since you can't use a homescreened PWA without it visiting the associated domain, the data saved by the PWA's domain will never be deleted for homescreened applications. But data saved by other domains can still get deleted if you use the application for 7 days without it opening that domain.
This is a baffling word salad. So they are tracking days of use of home screen web apps... which sounds like it means that if you do not use the app for seven days the cache will be deleted... but they don't expect a web app to have its data deleted. What?
For all web browsers, content is only deleted after 7 days in which you use that browser. So if you shut your phone off for a month, and then turn it on, and open Safari, that whole month only counts as one day, since you did not use the Safari browser during that month.
The same rules apply to PWAs installed to the home screen, which are being treated as separate browsers. Of course, the count of days of use of this "browser" without using the main site will always remain zero.
But for third party cookies, or third party content from an iframe that uses local storage, those would get nuked if the home screen installed PWA is used on 7 different days without interacting with those domains.
Isn't that just visiting a webpage?
Without being able to use localStorage as a long term store, I'll have to register for an account, have to deal with them handling my data, etc. Losing the functionality of localStorage as a long term store has disadvantages.
I feel the comparison of Apple with data companies such as Google and Facebook is by itself at fault. Apple, like any computer company of the '70s, was not into data, just because the Internet itself didn't exist at that point like it does now. 'Apple didn't choose to be in data' is projected as altruistic, instead of just a marketing ploy (they didn't choose, because it wasn't available).
Apple doesn't receive even a fraction of the scrutiny Google and Facebook receive (which they should). e.g. iCloud hack, Apple's response to iOS vulnerabilities targeted by state actors, newer Safari being incompatible with privacy extensions such as uBO etc.
Personally I feel good that Apple is not into data, just because I feel if they are into data; they might be more evil than Google or Facebook aided by their walled garden.
I simply see no technological solution to this problem, it'll always be a cat-and-mouse game, until governments catch up and makes it illegal.
I'm eager to hear if someone here does have any solution to this problem though.
Then we will have privacy-avoidance companies just like we have tax avoidance. Problem solved!
It's compiled using LLVM, which also contains thousands of lines of open source code by Apple.
Of course you might argue that these examples don't prove your sweeping statement false, but please read https://en.wikipedia.org/wiki/No_true_Scotsman before arguing.
> or as in this case was counter-intuitive for privacy
I fail to see how this is counter-intuitive for privacy.
> iCloud hack
> Apple's response to iOS vulnerabilities targeted by state actors
> Newer Safari being incompatible with privacy extensions such as uBO etc.
It makes it impossible to have an app that stores data in localstorage reliably, instead requiring it to be backed up on the app's servers.
It's not incompetence. When you request a route, your iPhone breaks up the request into separate, unrelated segments so Apple doesn't even know your total route. They've done work to avoid tracking you.
Call it a "marketing ploy" or "altruism" or whatever, but the fact is that Google wants to know where you go, and Apple doesn't.
I was developing a feed reader that was supposed to be a client-side-only PWA but that's tricky.
Which is one of the reasons I like PWAs, they are ISA independent and are working pretty well here. Unfortunately Firefox doesn't support an add to homescreen feature on the desktop, so I used Edge to do it for the apps I want to have a nice icon for (such as spotify).
If you're going to use it much like a chromebook then it might be a tad too expensive to be justifiable. I don't regret buying mine at all, I really like it, but I'm sure they'll release cheaper ARM64 Surfaces soon, I'm betting on a Surface Go with ARM64 at some point.
The problem is that developers have to spend a significant amount of time and money to get on iPhones because of Apple's policy here. If browsers and devices fully supported PWAs developers could "write once, run everywhere". Instead we have to build separate apps and deal with separate release processes. It's a huge productivity cost.
Apple isn't obligated to implement every single "this is now cool on web" thing on its platform to satisfy a small niche of people who will find value in them.
Apple definitely makes it difficult to use them effectively. For example you need to use Safari on iOS in order to download the PWA - it won't work if you're on chrome or another third party browser.
Twitter, Instagram, Starbucks, Pinterest and more have PWAs as well.
Edit: the official help page on how to do Find&Replace reads like a joke until you realize it is very real:
> ITP 2.3 caps the lifetime of all script-writeable website data after a navigation with link decoration from a classified domain.
i.e. the 7 day timeout for local storage only kicks in if you've been redirected from a domain that ITP has classified as one that tracks users. So, for example, web apps that users navigate to directly will be unaffected.
why would you look at the old blogpost for the new behavior?
It's all web pages, regardless of classification or redirects. The new webkit blog post is quite clear:
> Now ITP has aligned the remaining script-writable storage forms with the existing client-side cookie restriction, deleting all of a website’s script-writable storage after seven days of Safari use without user interaction on the site
Or straight from the ITP lead's twitter:
> Fifth, all script-writeable storage is now aligned with the 7-day expiry Safari already has for client-side cookies.
(with follow up replies on what resets the seven day clock)
I see the same "oversimplifying" in webkit's 2020-03-24 blog post linked from the original post. See "7-Day Cap on All Script-Writeable Storage" in https://webkit.org/blog/10218/full-third-party-cookie-blocki...
- Somehow goodsite.com's user ends up on evil.com
- evil.com redirects to goodsite.com?clickID=1234
- goodsite.com's storage gets flagged
So my guess is you are fine most of the time, except if you allow other sites to embed your content in their page. In that case, you should:
- provide the embed on a separate subdomain
- remove features requiring identification if the content is viewed embedded: attempting to use them redirects to the real site.
Otherwise ITP will mark your domain as tracking and wipe you after 7 days if your users don't interact directly with the site.
I have a hard time deciding if it's a good thing or not.
I guess it has the potential to be mostly a good thing, provided that:
- I understood it correctly, which I'm not sure, as their wording is not clear
- It's implemented correctly. Once the deal is done, it's in the wild for years, fix or not.
- It's implemented in good faith. Apple wants to promote the app store and has shown to neuter web apps in the past.
I still have a strange bad feeling about this.
I still don't understand if Safari will delete a JWT in localStorage used to talk to different microservices.
My guess would be that if your user uses service site.com, which calls microservice micro.com, then you have to store the JWT in the localStorage of site.com, but cannot store it in the localStorage of micro.com.
I'm also not sure if "navigation" means through user action or if redirects count, although for the purpose of tracking prevention I don't see how the latter should not also count.
So, if all of this is true the way I understood it now, the restrictions could apply to when someone reaches your site via social media.
I don't think that's true.
I asked the head of Webkit dev on Twitter and he said:
> This time limit affects first-party storage
Could someone please change the title of this post? It's rather inaccurate and spreading FUD... legitimate offline web applications are not going to randomly lose their storage abilities in Safari. Tons of people read this (admittedly hard to follow) blog post quickly and then took a nose-dive into their own hot takes.
Hoping Webkit pushes another of these posts later to clear things up.
My app is an inventory control system used by businesses that build electronics (https://partsbox.com/). Deleting client-side data after 7 days is ridiculous. You can't assume that people will always log in every week, in small businesses or design/manufacturing companies there are times when 2-3 weeks can pass without building new hardware or touching inventory.
Some web apps already saw the danger of having an easily purge-able storage on the client side and simply implemented an export function for their tools. I admire those tools more than the ones who overuse local storage for everything.
One such tool is draw.io, a flowchart maker. You use the app, persist everything in local storage and when you are done, you export your project into a file, all happening on the client side. When you need to edit, you import the file on launch. It's portable, it's protected from browser bugs/decisions and imho pretty user (privacy) friendly.
If you put data in IDB, it will stay there for 7 days and then if it gets deleted the delta sync would just download it again.
Why is a PWA better from a privacy or security perspective than a native app?
The sandbox, while questionable at first, has slowly been improving and at this point gives the same features as the web you're describing. If anything I find the APIs more feature complete, albeit less well documented as... well, let's face it, this is Apple and macOS we're discussing here. ;P
I'll also note that "requires more skills" seems like a bit of a blanket statement to me. They're just different sets of skills.
This doesn't accurately describe iOS apps, the pertinent comparison with respect to the article.
Also would add that Apple vets native apps.
I seriously doubt it. Apple has been undermining web dev for years.
With this change, you're essentially "logged out" after 7 days of inactivity.
This is a pretty bad user experience. I honestly am not sure how to mitigate this. macOS Safari might not be a massive market, but iOS Safari is.
Any thoughts about how we should address this change?
I could be misinterpreting your comment but are you saying your keys are simply destroyed upon this “log out”? Then I’m not really sure why your platform was considered working in the first place, if it’s tied to a specific browser of a specific device and won’t survive a clearing of storage which any user can do at any time for a variety of reasons?
Eg: in a classroom.
The difference is that one situation is controlled by the user and the other is not.
WebKit blog post from yesterday: https://news.ycombinator.com/item?id=22677605
Do you mean that you deploy a 'native' app that's really just a wrapper around a web view that would also be just Safari? Same policy applies, but now, you have the option, in native code, to siphon off data and put it into Real Storage.
(proceeds to not answer the question)
Found the answer: Progressive Web Apps
It is a “Progressive Web App”. Sorry for the jargon usage without explanation. Basically it is a marketing term used to place some new web APIs and best practices into an umbrella of a “near native UX on a Web App”. What it usually means is that your application is:
* Served from a secure context (a requirement for the other APIs anyway).
* Has an application manifest (this contains metadata about your web app and is used by browsers and OSs to add icons, names, themes, etc)
* Has a service worker (which enables your application to potentially work offline beyond what other cache solutions did in the past)
So with these in place, browsers can offer an “Install this site as an app” feature which allows the site to open in its own window, with its own icon and name on the launchers and home screens.
Local storage should be treated as cache... it may get refreshed.
What Apple did was fine. A backend isn't only for storage either.
For example, I (used to) maintain a tool that is essentially a save file viewer, but must store some data for decryption of said files. It's an Electron app, but could work as a normal website for the most part as well. I got a prototype of that up and it stores the required data in local storage. I don't want to maintain and host a backend for it, and I'm not too hot on paying Apple's developer fee for it, either.
You may say it's a fringe use case, and it probably is, but it's very much legitimate. I don't know why they couldn't have made storage for longer than 7 days with an extra permission to be requested.
It is my own personal take that PWAs are more powerful than we give them credit and that they could be used for private apps without backends where you leverage the benefits of web distribution while keeping data private. Doing the native/hybrid app forces you into dealing with gatekeepers, distributing on the web does not.
Native applications also require acquisition of a Mac and a $99/year membership (iOS) and $25 (one-time fee for Google Play). A web application is mostly hosting costs which can be near free if you use the right cloud services.
I don't know of an alternative that will let me develop a small tool that will be free to develop and distribute, is not subject to restrictive store policies, works on desktop and mobile and is capable of things like accessing the device's camera and location when necessary.
I'm personally a fan of PWAs because they can't secretly write identifiers to my phone's SD card, they can't extract my contacts, they can't monitor my location in the background, etc. Sure, modern smartphone operating systems allow you to set up proper restrictions, but that puts the responsibility of making applications behave on me instead of on the phone.
Sure, native applications have their place (geofencing, native performance, file system access, system APIs) but in my opinion so do PWAs.
If you care about saving that data forever don't use local storage. Just like don't expect cookies you set on the client not to be modified by the client.
> If your web application does experience website data deletion, please let us know since we would consider it a serious bug. It is not the intention of Intelligent Tracking Prevention to delete website data for first parties in web applications.
Users clear their caches. They swap browsers. They swap machines. They use their phone instead of their desktop. They use private mode, or sand boxing. They re-install their OS. They buy a new machine.
Don’t be lazy. Using local storage without a backup is not acceptable.
And what kind of ‘progressive’ web app expects all the features in every client? Have we forgotten what progressive means?
Don’t be entitled. You are not more important than your users.
Then, if the user clears cache or changes computers, they lose the stuff they were following and have to wait for new items, but it's not the end of the world. They might even expect it if you name/describe the app a certain way.
E.g. if you download an app called "Podcast Downloader" that says it just downloads any new podcasts from feeds you follow for your later offline consumption on your current device - you might not expect a podcast on your phone to magically jump to your desktop without a re-download from the original site.
Seems like it could be a valid trade off if it lets a front end only web dev publish apps he couldn't publish otherwise because he can't/won't do backend. Storing user media on the backend is not cheap. The company I'm at has spent months of developer time moving over from Google to Amazon, for example, just for infra cost improvements that come from serving terabytes of data off one instead of the other.
Apple didn't kill offline web apps. You can always add an interaction to your app which exports the stored data into a file which then can be saved by the user. It can be done entirely on the client side as well. If anything died here, it is the implicit consent by the user for allowing unnoticed storage space consumption. Implementing an export function will automatically make your app portable, which is always appreciated I believe.
Most data on local storage is some kind of structured tree, table or blob. All can be exported with only little effort.
HTML5 games -> Prompt user with a dialog to download saves/assets after they play the game for a while.
Productivity apps -> Detect "ctrl/cmd + s" to prompt a save dialog. Add save buttons somewhere visible.
Map like apps -> Do nothing. If the user is not visiting the map for 7 days, they don't need the map data persisted either. If necessary, allow explicit save with UI buttons for people who travel often.
Apps/sites which use local storage for auth related artifacts -> Notify users if they click "Remember Me" and explain the caveats to them. Allow for encrypted save if users ask for it.
Kiosks -> Use Electron or a similar tech.
I am open to counter arguments. I don't have any idea about how mobile browsers behave for the scenarios stated above.
Edit: I use draw.io since last year and the experience there is as refreshing as it can be in this SPA jungle. I use it as a good example to learn from for my own web app projects.
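The export-to-file / import-on-launch pattern this comment (and the earlier draw.io remark) describes, as an added example that is neither the commenter's code nor draw.io's: only the app's own keys leave storage, the file carries a format tag and version, and import treats the file as untrusted input, dropping unknown keys and checking each value before it is written back. MemoryStorage is a constructed stand-in for window.localStorage so the code runs under Node; the key prefix, names and size limits are assumptions.

```javascript
// Added example: export/import for data an offline web app keeps in
// localStorage, with validation on the way back in.

// Constructed stand-in for window.localStorage (same getItem/setItem/key/length shape).
class MemoryStorage {
  constructor() { this.map = new Map(); }
  get length() { return this.map.size; }
  key(i) { return Array.from(this.map.keys())[i] ?? null; }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(String(k), String(v)); }
  removeItem(k) { this.map.delete(k); }
}

const EXPORT_FORMAT = "offline-notes-export"; // assumption: app-specific tag
const EXPORT_VERSION = 1;
const KEY_PREFIX = "notes:";                   // assumption: keys this app owns

function isJsonObject(text) {
  try {
    const parsed = JSON.parse(text);
    return parsed !== null && typeof parsed === "object" && !Array.isArray(parsed);
  } catch {
    return false;
  }
}

// Keys the app is willing to restore, each with a validator (assumption).
const RESTORABLE = {
  settings: (v) => typeof v === "string" && v.length <= 4096 && isJsonObject(v),
  documents: (v) => typeof v === "string" && v.length <= 256 * 1024 && isJsonObject(v),
};

// Serialise only this app's keys; anything else in storage (an auth token
// under another prefix, say) stays out of the file the user downloads.
function exportStorage(storage, now = new Date()) {
  const entries = Object.create(null); // null prototype: a key named __proto__ cannot alter it
  for (let i = 0; i < storage.length; i++) {
    const key = storage.key(i);
    if (key.startsWith(KEY_PREFIX)) entries[key.slice(KEY_PREFIX.length)] = storage.getItem(key);
  }
  return JSON.stringify(
    { format: EXPORT_FORMAT, version: EXPORT_VERSION, exportedAt: now.toISOString(), entries },
    null, 2);
}

// Restore from a file the user picked. Returns which keys were accepted and
// which were rejected so the UI can say so; throws on a malformed file.
function importStorage(storage, text, { maxBytes = 1 << 20 } = {}) {
  if (typeof text !== "string" || text.length > maxBytes) throw new Error("export file too large or not text");
  let doc;
  try { doc = JSON.parse(text); } catch { throw new Error("export file is not valid JSON"); }
  if (!doc || doc.format !== EXPORT_FORMAT || doc.version !== EXPORT_VERSION) throw new Error("unrecognised export format");
  if (!doc.entries || typeof doc.entries !== "object" || Array.isArray(doc.entries)) throw new Error("export has no entries");
  const accepted = [];
  const rejected = [];
  for (const [name, value] of Object.entries(doc.entries)) {
    // hasOwnProperty keeps names like "__proto__" or "constructor" from matching inherited members.
    const check = Object.prototype.hasOwnProperty.call(RESTORABLE, name) ? RESTORABLE[name] : null;
    if (check && check(value)) {
      storage.setItem(KEY_PREFIX + name, value);
      accepted.push(name);
    } else {
      rejected.push(name);
    }
  }
  return { accepted, rejected };
}

module.exports = { MemoryStorage, exportStorage, importStorage };
```

In a page, exportStorage's string goes into a Blob with a download link and importStorage receives the text of a file input; the validation step matters because a user can be handed a crafted "backup" just as easily as a legitimate one.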
Name a modern game that required you to manually manage game state files, let alone didn’t have autosave. It’s a feature users expect, and they’re going to have a bad time. I don’t want to play a quick game on my phone and have to remember to save and where I am keeping my save files.
I’d argue a far better option would be just to treat local storage as a permission like camera or microphones.
The current way iOS does it (either keep the game installed forever or erase all your progress when deleting it) is a huge barrier to me getting invested in iOS games at all.
With “save progress to file” (and loading), I would be a lot more comfortable.
I would still want autosave though. No way do I want to go back to the era of “oh all my work for the past 6 hours is just gone?”
The issue with the permission model is there has to be a mechanism to prevent overuse which I believe is always worked around by annoying the user with the prompt as often as possible until they concede.
My browser storage is not a game developer's long-term storage, it's a cache.
> My browser storage is not a game developer's long-term storage, it's a cache.
IndexedDB is explicitly not a cache, it's long-term data storage for significant amounts of data.
No, they generally won't. There also aren't really any "alternative browsers" on iOS, they're all Webkit-based.
> So why wouldn’t user settings exist for other kinds of permanent or session storage?
Nobody is saying there shouldn't be any settings or consent in this regard. What we get here is not a setting, we get one major player deciding that there will be no way to properly implement offline web apps on their platform.
I find this position absurd, just like the suggestion that everyone should start programming complicated user hostile save flows.
But... why? Drag the user through some dialogue to save a file locally / manage / be responsible for that and then deal with that whole deal? That seems like very... old / unnecessary.
The fact that applications store some random things locally to me is neither surprising nor a hassle. Browsers already cache files and etc. Unless I don't know something... LocalStorage and other non cookie options seem just fine / safe.
I get the concerns about cookies and such but this seems a step beyond what is needed into the realm of unnecessary / a hassle for the user.
Maybe I'm missing some bad patterns / dark patterns using LocalStorage and etc but it seems to throw them out with the bathwater.
Here is a fun idea that just came to me (trying to find middle ground here):
- Allow localStorage writes automatically, persist forever (choose your favorite definition for "forever").
- Allow localStorage reads automatically for 7 old.
- Prompt permission dialog if last read from localStorage is at least 7 days long.
I'm kinda averse to the OMG COOKIES and other super technical warning type prompts that worry users, but really don't successfully educate them or direct them to good outcomes / choices. Granted education / good outcomes aren't easy tasks there, but what's the point of a prompt if the decision is made by an uneducated and just annoyed user?
I like the idea of empowering users, but not so sure about how we do it on the web / the best way to do it.
Apple should fix their Safari bugs first before starting with this nonsense.
Browsers offer a lot of useful functionality, but people increasingly expect them to be a replacement or substitute for an operating system, and in terms of being operating systems, they're all pretty lacking. Mozilla learned about this with Firefox OS (it was pretty cool though, RIP)
I worked with Firefox OS back when Mozilla was seeding dev kits to software companies. It was a great concept but really seemed marred by bad hardware and then organizational paralysis. IMO this is one of the greatest missed opportunities of the last decade - an (actually) FOSS alternative to Android and iOS. No one else making attempts in this space right now has close to the same engineering experience as Mozilla.
For Safari, Apple adding any PWA features came off as them rolling their eyes, sighing loudly and then putting out a half-assed attempt to deliver years-old standards. And rather than switch to a unified extension architecture like Chrome and Firefox (which they were very close to in previous versions), they've gutted extension support to the point where you can only bundle very limited extensions with compiled macOS apps distributed on the App Store.
I don't really understand what Apple is even playing at by offering features but not taking them seriously. But I just don't think the LSO expiry move is _that_ user hostile in the scheme of things.
That's the problem, it won't work there. Apple's support for PWAs is frustrating to say the least.
It's fair that you might need consent from the user before storing and keeping large amounts of data, but by removing the option you are forcing a bunch of developers to make a native app instead of a webapp which I find quite infuriating.
> If anything died here, it is the implicit consent by the user for allowing unnoticed storage space consumption
What about explicit consent? It also dies. That's just inventing problems.
> Apple didn't kill offline web apps.
Yes, they did. For an app to work offline, you need to be able to at least cache the app itself. If that gets wiped after seven days, you can't call your app "offline capable".
> If anything died here, it is the implicit consent by the user for allowing unnoticed storage space consumption.
What about the "implicit consent" that bandwidth is being consumed?
> You can always add an interaction to your app which exports the stored data into a file which then can be saved by the user.
That would be awful. Imagine being prompted to import your data every time you launch it.
Maybe that sort of works with document-centric apps that have no persistent settings, but even then it wouldn't be possible to integrate properly into the file system in the way users would expect (file associations).
> HTML5 games -> Prompt user with a dialog to download saves/assets after they play the game for a while.
More like constantly reminding the user that their valuable progress gets wiped after seven days, should they make the poor choice to run the app offline.
> Productivity apps -> Detect "ctrl/cmd + s" to prompt a save dialog. Add save buttons somewhere visible.
Same as above, except the data might be even more valuable.
> Apps/sites which use local storage for auth related artifacts -> Notify users if they click "Remember Me" and explain them the caveats.
"I'm sorry, we made a decision to write an app with technology that, in hindsight, we shouldn't have used. Therefore, your user experience will now be more annoying. Thanks for sticking with us while we're rewriting the app!"
> I hope you don't have any UX design responsibilities.
I don't. We are safe. :)
> For an app to work offline, you need to be able to at least cache the app itself.
You can still do it, for a limited time. Your mission critical app will work offline if you are not planning to isolate your device from the internet forever. I know this doesn't solve the issue but I believe it is the lesser evil.
> What about the "implicit consent" that bandwidth is being consumed?
This always bugged me as well. This is unexplored territory for all browsers if I am not mistaken.
> Imagine being prompted to import your data every time you launch it.
I don't have to. I use draw.io excessively and it prompts me every single time. I actually appreciate the experience but I am a sample size of 1.
> More like constantly reminding the user that their valuable progress gets wiped after seven days, should they make the poor choice to run the app offline.
If it is valuable, maybe browser is not the best medium for it. Here, Apple's anti-consumer practice with its App Store becomes more relevant than Safari's localStorage algorithms.
> "I'm sorry, we made a decision to write an app with technology that, in hindsight, we shouldn't have used. Therefore, your user experience will now be more annoying. Thanks for sticking with us while we're rewriting the app!"
"In order for 'Remember Me' to work as you expect, please visit us every once in a while <3"
Progressive web apps are not "the browser". It's a platform to ship apps using web technology that integrate into the operating system pretty much like any other app, at least from the user's perspective. It works well enough on Android.
If you have to explain to your users all the caveats that such an app has on their platform, it just becomes pointless. If it becomes pointless on iOS, then it becomes pointless in general. You might as well go with a Web View app then.
Of course Apple has never been all that enthusiastic about PWAs, giving half-assed support at best. It was never a great platform to begin with, but now it's effectively dead in the water, at least for apps that are expected to work offline.
But that is not the deal, the deal is that they fear that more and more developers are moving to webapps instead of developing native apps that need to pass through the App Store and thus be approved by Apple, and they don't like that.
It's annoying how far Apple is behind Mozilla and Google when it comes to progressive web app functionality, but I don't think their action is as user-hostile as is being raised here.
Pretty much any PWA that was using ipfs as anything but a caching/distribution layer is no longer viable. This is a huge blow to decentralization technology.
Sure, you can make a standalone app, but that is going to cripple already difficult adoption.
This sucks :(
Rather than wiping local storage/indexed DB data after 7 days, could you not just make it an opt in thing, like the camera or mic? For example, ask users "Allow myapp.com to store app related data on your computer?". If they allow it, then give access to local storage APIs, otherwise don't. That way users can still have fully local PWAs if they wish.
As an ardent PWA developer, this change annoys me immensely.
> Heck, they could even go further and ban apps from corporations like Facebook, Inc., and Alphabet, Inc., that have violating your privacy as the core tenet of their business model.
If Apple were to ban the Gmail app (and obviously block web access via iOS too because that would be a loophole otherwise), I would throw away my iPhone, swear off business with Apple, and search dearly for a way to sue them.
I don’t love the walled garden iOS represents, I merely live with it in exchange for great hardware and UX. If the bargain changes to be more restrictive, I would turn against it in a heartbeat.
Thinking about that, it is no surprise Apple is striking out early to make web apps useless. If they wait too long, they will become entrenched, and people will feel like they have lost something if access is restricted. Apple really wants to jealously protect its control, and more importantly its ability to take a 30% tax on every transaction that it can perceive.
I have a copy of my “DAT Shopping List” demo I last opened about 6 months ago saved to my iPhone home screen... I opened it, and the data was still there. I’ll be really sad when I open it again after iOS autoupdates and the data will be nuked.
"After seven days of Safari use without the user interacting with a webpage on website.example, all of website.example’s non-cookie website data is deleted." (https://webkit.org/blog/9521/intelligent-tracking-prevention...)
Granted, this could turn out really well if the industry adopts another standard which requires user permission, overcomes this limitation, overcomes the existing limitation of LocalStorage on iOS getting automatically cleared when a device is low on storage, and overcomes the problem of sites being able to use up a lot of storage on users' devices without their knowledge.
I'd be very welcoming of such a standard. These could be good future replacements if the industry can adopt them:
These technologies can be leveraged to improve usability. Unfortunately, advertisers and 3rd party trackers make it so we can't have nice things.
They threw LocalStorage and etc out with the bathwater that are cookies.
You Apple users will put up with anything!
(disclaimer: iOS user)
> "...But deleting all local storage (including Indexed DB, etc.) after 7 days..."
From the Apple announcement:
> Now ITP [Intelligent Tracking Prevention] has aligned the remaining script-writable storage forms with the existing client-side cookie restriction, deleting all of a website’s script-writable storage after seven days of Safari use without user interaction on the site. ...
On the other hand, this direction keeps web devs honest: local storage, service worker, cookies and other script-writable areas are meant to be temporary.
Apple want to move you closer into their walled garden with the prospect of enhanced privacy.
The idea that iPhone apps are more private than web app because Apple must approve your apps is troublesome.
Other domains I'd actually prefer to be indefinite. I've got a notepad thing that uses local storage and doesn't store its data on the server. There's no excuse for deleting its data since it's user data. Apple therefore has no permission to delete that data. Do I have a non-cloud workaround for that?
It's likely blocked by App Store rules. Supporting extensions is probably forbidden.
Anyone care to be more authoritative based on their AppStore knowledge/experience?
Good question. The definition of a "progressive web app" is vague. What they seem to mean is a web page which, once you visit it, is cached locally, and thereafter runs locally. The web page accesses various servers, not necessarily ones from the same domain as the web page. Persistent state, if any, is stored locally. The page gets its own icon on the home screen somehow, so it sort of looks like an "app".
Apparently "progressive web apps" are supposed to have a browser service worker so they can get notifications pushed to them from somewhere, although it's not clear why that's essential. That would seem to depend on whether the function performed requires being notified of something happening elsewhere.
Apple apparently dislikes this because they don't get to force people to use their store, with their big cut of the revenue.
Is that about right?
Does this only apply to pages read through Apple's browser, or does it impact Firefox, too?
This is part of the motivation. The other is advertisers using persistent local storage to track users .
Progressive Web Apps are strictly defined:
1. The app has an app manifest describing metadata about the web app, enabling it to be treated like an app (e.g. it can be installed)
2. The app has a service worker, enabling it to work offline like a native app.
3. It's served over HTTPS.
Those are the 3 technical requirements of a PWA.
There's also the philosophical direction of Progressive Web Apps: they're progressive, meaning they offer the app's essential experience no matter the device, but enhance progressively based on the device they're running on. That is, more capable devices let the app offer more functionality without blocking out users on lower-end devices.
This applies to WebKit, but if that decision sticks Mozilla might follow. Who knows... I hope not. Also be aware that Firefox on iOS is WebKit.
Sorry, but no way.
To violate privacy (aka enable tracking) a sub-iFrame could be set up that uses "local storage" with a parent page security policy that allows communication across the iFrame boundary. Sorry, yes, I am being a bit vague.
Who cleans up ~/Library/Safari/Databases? I personally see crud in this directory from 2011 that has been migrated from older systems.
Almost not relevant now, but Flash also had a "local storage" system that was shared across all Flash Apps. It also allowed (before sandboxing) local apps to proxy and communicate (via shared memory) with any standalone Flash App on the system through any page that used the Flash plugin -- i.e any running web browser, violating all attempts to have web compartmentalization rules.
Please read the HTML/Web Storage standard and try to find where Apple is not honouring it.
Even before this move by Apple, you should already have had to consider localStorage to be subject to being wiped by actors not in your control.
On top of that, localStorage privacy concerns were also in the standard. See section 11.4.1.
Nevertheless, I reckon Webkit should expose the option to the user.
I feel your pain, I really do, but I can't see how Apple made PWAs impossible.
Interesting he ran into the CORS situation with PWAs. It makes sense. It feels like even PWAs aren't that far off from Electron. Sure you're not launching another browser and can share a browser engine, but you hit other limitations.
I'd rather have a real, lightweight, stand-alone app most of the time honestly. I wish people would write more stuff in Qt5. You can bundle Python+PyQt5 together for a reasonable licensing fee. A great example is the Resolve color/video editor, which is written in C++/Qt5.
We then link them to a $30-$50 Android device that they can buy on Amazon and use as a second device to use our services "if they are interested in a more powerful web experience". We provide a basic version to all users, but put a shamewall for advanced features. Best use of our time and resources.
It is time to push back, stop making Apple's problems your problems. Educate people without ranting and offer them solutions; developers have the bad habit of trying to cover up this kind of nonsense and taking the blame while really Apple are the ones who should be ashamed. If people love your product/service, getting a $30 phone to be power users and make their life easier and their experience richer will not be a big deal for them. It's all about educating them the right way.
And that's the real nature of the market, isn't it? If enough third-parties aren't willing to play by Apple's rules, Apple will have to modify the rules.
They're a stubborn company, but it's happened before. They've also been burned trying to own a standard when a common consensus exists they can't control before.
90% of software engineering (or engineering in general) is finding solutions for difficult problems. Throwing up your hands and saying you refuse to support one of the most popular computing platforms is certainly a decision that any business is free to make, but then again as a consumer I’m free to make my own decisions as well.
OP doesn't need to spend excessive money on developing for an evil company, and those who buy their products can go to a competitor with a more expensive product.
Nearly everyone has at least one non-Apple product, so it seems like it would be a problem for a limited number of users.
OP, you are doing God's work.
There is a lot to love about Apple products outside of a few safari restrictions. They're not perfect but better than a lot of alternatives.
Why isn't our product taking off?!
That’s a genuine question by the way. I’ve been frustrated by Apple’s reluctance in the past but since they implemented Service Workers things have gotten better. I still really wish they had Web Push but I do understand at least conceptually why they’d be hesitant.
So you're suggesting shifting the development costs of you building a native / cross platform app directly to your customers? Does this work?
Of course, if everyone did the same, people would start to realise the problem might be with Apple, but the chances of all (or most, or even many) big web services deciding to alienate such a large portion of their (potential) customers seem slim.
In the general case, almost all websites and web apps don't need offline storage at all.
But the ones that do often need it for very business-enterprise reasons, and here Apple is taking a bit of a risk. I've watched companies hang onto old versions of Flash well past the sell-by date because for quite some time, it was the most practical platform to build a cross-platform videoconferencing client in. And once it's built, the opportunity cost to throw it away and switch to [OTHER_TECHNOLOGY_X] matters.
My point is that Offline Web Apps (i.e. PWAs) that are installed on the user's desktop should have a bit more permissions than websites, but the people in charge (Google, Apple etc.) seem to think otherwise.
This is absolutely a necessary change on some level, but I think if Apple wasn't in complete control of a web monoculture (and obviously uninterested in anything that doesn't sell more iPads), it would be possible to steer this API towards that without breaking a bunch of peoples' stuff.
JWT for example.
This doesn't "destroy" the PWA ecosystem. Just makes a user's intention explicit when they save a PWA to their home screen, rather than continuing to use it within the browser.
From the WebKit Blog (https://webkit.org/blog/10218/full-third-party-cookie-blocki...)
"Web applications added to the home screen are not part of Safari and thus have their own counter of days of use."
A little LocalStorage isn't going to hurt you.
Cookies I get, but I don't know of any dark patterns with localstorage / the benefits are pretty great.
One of the pages linked there just says local storage is used to store stuff... yeah? It's still not as wide open as cookies.
You could use local storage while doing other things, but I'm not convinced it's a serious issue with tracking or etc. ... and if ANY storage is considered an issue I think we're in for a big snowball effect on what we should or shouldn't allow from ... anything, including native apps, etc.
(it does on android)
I get that controlling the walled garden is apple's mobile strategy now, but this is costing developers so much blood sweat & tears.
Both xcode and android studio are heavy + horrible compared to web, and the fact that you have to use both tools to release at scale makes them worse. Shopify wrote a dev post a few months ago saying 'we're react native as much as possible now' and claiming it makes life easier, but react native is worse than PWA because you still have to build for mobile 2x and deal w/ app store nonsense.
If PWAs supported push on ios, with or without cookie expiration, they'd be the preferred launch strategy for most non-game apps.
I’d be happy if Spotify gave me an API key and essentially went away except for a monthly bill.
But software has to be a product the masses get first to get made in our world.
I’m glad some folks are having their itch scratched but free streams are more than enough and I can wrap them for consumption as I choose.
Once again building your life around importing someone else’s priorities turns into an exercise of despair from not learning how reality doesn’t stand still no matter how hard you hope it will this time.
Local storage is the only way webapps can store any data on your computer (other than asking you to manually load / save some configuration file). Not all webapps can afford cloud storage for all users.
As I said, that use case was out of the window long before. From the start, as far as I know.
No browser has ever given you any definite promise on whether your local storage data will be kept. That's also true for IndexedDB. So you need a mechanism to restore that data, be it cloud storage or something else.
If you wanted to support Safari private browsing, you even had to deal with local storage not being available _at all_.
Of course, browsers are free to do whatever they want. But the user can (and will) switch to the software, which does what he or she wants.
Basically, you cannot be sure that you can use it to persist data at all.
It works for the majority of standard cases and when it does not work, the user will receive an error message, so he'll be aware. Not the case for Apple devices anymore.
If Apple provided an alternative this would be ok. An alternative such as the native file access API (still a WIP). Or a prompt so that the user can allow long-term storage. Or supporting the web app manifest so that users confirm they want to "install" a web app, granting it greater permissions.
But they've offered no alternatives here, that I can see. They've determined that client-side web apps are simply not important.
For webapps that keep a session token stored locally, this will be inevitably wiped, so users will have to re-login after that time. I can already hear the complaints coming. Should devs now build a back end just to keep the token, and connect there with a cookie?
I worry that 7 days is too short of a period even then, but I do agree indefinite local storage does not make sense in most cases.
Perhaps using something like this:
Anyone know of other Web APIs that could be used?
Your offline app should ALWAYS sync to the server whenever possible. The only bad thing I can see here is that if you can't upload the data in time and the user then doesn't use your app for 7 days, he will lose what he last worked on, but such is life and why you should rather use real apps. Offline apps need to work differently, they need to get permanent storage just for that app but only if the user explicitly chooses to install it like that. Not every random page should get permanent storage on your device. This is the right move, Apple might just lack an alternative for apps you actually chose to "install permanently" ;).
Forgive me, I’m a long time Android user, but do a lot of people choose to use safari as their main iOS browser, or are the usage numbers inflated because of the vendor lock in?
To be clear, only the rendering engine is fixed on iOS. Chrome, FF get some leeway to build other bits of the browser themselves on iOS, such as the netstack and the UI. But all new web features are limited to what webkit supports bc, well, it's webkit.
A browser plugin might be one way to achieve something like this. Personally, I really don’t care about the data my feed reader has, so I wouldn’t mind even public data storage backends, like gist. Or steganographically encoding my list of feeds and uploading it to porn sites :)
I can understand Apple's decision to do this, as there's a lot that can be improved about offline storage on the web:
* asking for user permission (I've seen demos try to exhaust the users' storage, and trackers can use this to invade privacy)
* async writes and reads
However, making a change like this with no suitable alternative leaves PWA developers stuck in a hard place. I'm not sure what can be done in the short term here.
There's a few web specs that address these issues. I'd love to see them come further along, and maybe improve things for developers and users in the long run. If anyone knows, is there anything that members of the community can do to support these efforts?
I noticed a text editor I bought from the Mac App Store, iA Writer, includes silent spyware that transmits your activity back to the developer without notice or consent (thank you, Little Snitch). Apparently, I "consented" to this in the Mac App Store ToS (right).
When I left a negative review on the app, their response was "we aren't doing anything not permitted by Apple in the App Store".
I don't use App Store apps any longer, and I take most of what Apple says about privacy with a huge grain of salt.
PS: OSX phones home to Apple in about a dozen different ways even with iCloud entirely disabled and all reporting/telemetry/feedback options turned off during the OOBE/setup. Try booting a fresh install of macOS with Little Snitch, but disable the Apple/OS exemption in Little Snitch's rules. I was astounded. Dozens of things.
I wonder if there's any major, widespread GUI OS in a default configuration that does not transmit to your ISP and third parties (including government snoops) when you open a local text file to write. I block all of these requests; most do not.
I am reminded of Winston Smith's paper journal.
If this is done for privacy's sake, that is.
No matter what browser vendors do, it will never be enough for "privacy" activists.
I can easily go to the settings area and delete my entire browser cache (Remove All Website Data); in fact if you are running low on space it even tells you to do it.
Why are people assuming things stored on a browser are a good place to store things. Nothing stored on a browser should be assumed to be forever.
All apps that you download from App Store can live offline, where they're usable without Internet or trusting some faraway web server.
You can't make a web app that can do that, and to some people it smells like Apple trying to force developers to release through App Store.
Apple forcing local apps to distribute through the app store is a feature.
No, not in the era of "progressive web apps", which is really just a little bit of branding around interconnected APIs. The Cache API in particular means that a webapp can be downloaded and made available offline on a permanent basis. Unless it isn't actually permanent at all, which is what Apple are doing here.
The web and the App Store are just delivery mechanisms for code with different trade-offs built into them. Apple have added an extra trade-off on the web side in the name of privacy.
The advantage of PWAs then seems to be the ability to dodge the app store certification which, while onerous, is not a bad thing for your clients.
Except when you have to pass some of the 30% Apple fee on to your clients.
Whereas developing a PWA can be done on any hardware, and would be natively cross-platform. An offline PWA does not require an active connection, and in fact that is one of the reasons behind the idea of developing a PWA instead of a general webapp or website.
All other browsers allow the use of local storage to optimize and enhance your experience by allowing things like pre-loading data or storing your preferences. This disappears with the decision Apple made to clear storage.
As lliamander said, if they don't care, why not make it free? I don't for a moment believe the argument about creating a barrier for negative actors. They could still screen apps before allowing them into the App Store, and if that mechanism is working reliably then the charge is unnecessary as a deterrent, while if it is not then the financial deterrent isn't going to be enough to stop a lot of people willing to make these kinds of apps anyway.
Not for users - now there's one less avenue for developers to get them something they want.
Not for developers - now they have to jump through additional hoops to make something that works cross platform.
Who exactly does this benefit?
Do any of you have an example of a good offline-only PWA that will be affected by this?
But if you look at native apps, especially ones I use on desktop OSes, they're dominated (at least in my usage) by offline-first or offline-only apps, and for me this is a feature, not a bug. This doesn't have to mean they don't have sync, by the way, it just means that's separate from the main functionality of the app.
A perfect example of this is Dropbox: it syncs to your local disk by default. It's easy to forget how valuable this is until you go camping (or similar) and suddenly you realize you forgot to star that one directory you care about. Now your mobile phone is useless, but your laptop works no problem. And due to this being factored out into a separate app, all my files now work regardless of file type (I don't need separate offline support in every app I use, since that's the default).
There are two ideas that go together well:
* The app can work offline
* The app doesn't need a server to function
Neither of those prevent a sync function from existing.
Right now, apps can do both of those. Why don't we want PWAs to be able to do the same? Why do I have to go through Apple's walled garden in order to do so? Especially when said alternative is in a sandbox?
This sounds like a seriously poorly thought out idea. Want to clear tracking data from random websites I've been to? That's great. But you don't mess with the data stored by apps I have specifically _chosen_ to install on _my_ device.
Plus a local note-taking app I created a while ago
Have you ever gone through the app review process? It can be frustratingly capricious, which makes it very expensive. We've had features in our app for years, displayed in plain sight, and then all of a sudden they decide to block an update because of these utterly innocuous features. No rhyme or reason, and now we've got to spend dev time fixing a "problem" that never was a problem before. And we have to delay our entire update because of it.
PWAs offer a way around that uncertainty and added cost. There's also the cost of a developer license, and the Apple hardware you have to buy to run XCode (and probably iOS devices too, so you can test IRL).
EDIT: Also, it's probably cheaper to develop one PWA than a PWA + N native apps, even if N=2. Probably lots cheaper. Now, perhaps there's a way to build a native app that is just a wrapper around WebKit/Safari and a PWA, but you'd still be subject to Apple's walled garden. For example, think of Gab or some such website whose apps have been banned by the various app stores...
No, it just has to run in a browser.
Or from an extracted archive (much like a native app).
Also, the entire point of PWAs is that they are supposed to have feature parity with local apps, but delivered via the browser. This change is obviously counter to that goal.
Forcing companies to give Apple 30% is not a feature.
If companies feel they can deliver a net experience in webapp that's better than an app, then so be it, it's their choice.
App makers are smart enough to know what makes sense for them.
Yes, they changed direction in 2008. That's just it, though. They changed direction.
Relevant quote (emphasis mine):
> Now ITP has aligned the remaining script-writable storage forms with the existing client-side cookie restriction, deleting all of a website’s script-writable storage after seven days of Safari use without user interaction on the site.
If a website hasn't been used for 7 days, I'm happy for its data to disappear and save space on my device.
You might be, but maybe not everyone is. I've worked on apps based around multimedia content where downloading in advance to watch or listen later was a big deal, because a typical user also travels a lot and might well be going away for longer than a week. Even if they can get the same data again next time they're online, it might still be much slower and more expensive for them to do that on an international data plan instead of back home.
I'm not sure how much that assumption really holds any more, nor why it should necessarily continue to do so even if it has so far. Technology evolves, and so does how we use it. In the case of the web, and web apps in particular, they have evolved to satisfy a need for convenience in software distribution that many traditional desktop OSes had hopelessly neglected for a very long time and where the developer experience for native mobile apps is less than ideal.
I appreciate your comment about the trust issue, but the bottom line is that these technologies do serve a useful purpose for some people -- I have the customer feedback at my own businesses to make that clear -- and the experience web developers can offer on Android with PWAs will now be significantly better than what they can offer on iOS.
No, that is trivial to do: just make an actual damn application.
What the author is complaining about is that it’s impossible to make a text document that pretends to be an application that stores data in ways they were never intended to be stored.
A webapp is "an actual damn application". Can we just dispense with the repetitive arguments about this every time anyone so much as mentions adding interactivity to a web page?
So trivial that all it needs is learning a completely new skill set and tools, signing up for a gated distribution mechanism that can kill your application on a whim if you violate any of the rules over which you have no control, and then giving a huge cut of your revenues to the rent-seeking platform owner?
The web has been more than just text documents since around the turn of the millennium. It's probably about time we stopped ignoring 20 years of very popular evolution and pretending that what might have been "intended" before a lot of people reading this comment were born should still guide what we build today.
You must've been not following things. The web platform is an application platform and has developed to that end, for many years.
Progressive Web Apps are applications based on standard Web APIs that are designed with the intent to enable offline-capable applications with persistent offline storage of significant amounts of data.
No it’s not. Using it like that is a lasagna of dirty hacks. The web is for structured text with hyperlinks, everything else is bullshit that doesn’t belong on the web.
First it's a bunch of dirty hacks. Then it's an informal convention. Then it's a standard. Lots of technology evolved that way.
All the stakeholders driving the web standards forward are focusing on making it a more powerful application platform.
> The web is for structured text with hyperlinks, everything else is bullshit that doesn’t belong on the web.
That's your personal opinion on what the web platform should be, not what it is. Of course it's a crappy platform in many respects. Of course a lot of people don't like the way it goes. It doesn't matter.
Are any of them outside of chrome’s WebWorker team, or the community of devs that were suckered into a model that really has never gained traction for iOS?
I’m sort of sympathetic to the devs who bought in to the solution, but this looks an awful lot like a pr pressure campaign that is unhappy with how this affects googles disintermediation goals.
But if you have to wait every time your last interaction is more than 7 days ago, the whole experience will change. And supporting a reliable offline experience will be very hard to build.
There is no hard limit on how long things will be stored. Data in localStorage might still be stored for weeks/months/years, as before.
The only limit is on how long things will be stored if the user does not interact with the site/PWA.
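As an added illustration of the counter the two comments above are describing (this is not code from the thread, and not WebKit's implementation): a toy model in which the count advances only on days the browser itself is used, and only for sites the user did not interact with as first party on that day. Class and method names are made up, and the exact boundary (deletion once seven such days have accrued) is a modelling assumption.

```javascript
// Added example, not WebKit code: a toy model of the rule quoted above.
// The counter advances only on days the browser itself is used, and only
// for sites the user did not interact with as first party on that day.
// Names (ScriptWritableStorageModel, recordBrowserUseDay) are made up.
// Modelling assumption: data is deleted once seven such days have accrued.

const DAYS_OF_USE_BEFORE_DELETION = 7;

class ScriptWritableStorageModel {
  constructor() {
    // origin -> { data: Map<string,string>, idleUseDays: number }
    this.sites = new Map();
  }

  site(origin) {
    if (!this.sites.has(origin)) {
      this.sites.set(origin, { data: new Map(), idleUseDays: 0 });
    }
    return this.sites.get(origin);
  }

  setItem(origin, key, value) {
    this.site(origin).data.set(key, String(value));
  }

  getItem(origin, key) {
    const site = this.sites.get(origin);
    if (!site || !site.data.has(key)) return null;
    return site.data.get(key);
  }

  // One day on which the browser was used. `interactedOrigins` lists the
  // sites the user interacted with as first party that day. Days on which
  // the browser is not opened at all never reach this method, so they do
  // not count toward deletion.
  recordBrowserUseDay(interactedOrigins = []) {
    const interacted = new Set(interactedOrigins);
    for (const [origin, site] of this.sites) {
      if (interacted.has(origin)) {
        site.idleUseDays = 0; // interaction resets the counter
        continue;
      }
      site.idleUseDays += 1;
      if (site.idleUseDays >= DAYS_OF_USE_BEFORE_DELETION) {
        site.data.clear(); // script-writable storage for this origin is gone
        site.idleUseDays = 0;
      }
    }
  }
}

// Runs one scenario: `useDays` has one entry per day the browser was used,
// true when the user interacted with the app that day. Returns whether the
// app's stored data survived.
function dataSurvives(useDays) {
  const model = new ScriptWritableStorageModel();
  const origin = 'https://reader.example'; // constructed origin
  model.setItem(origin, 'subscriptions', JSON.stringify(['a.xml', 'b.xml']));
  for (const interacted of useDays) {
    model.recordBrowserUseDay(interacted ? [origin] : []);
  }
  return model.getItem(origin, 'subscriptions') !== null;
}

const scenarios = {
  // Phone in a drawer for a month, Safari never opened: no use days accrue.
  browserUnusedForAMonth: [],
  // Safari used daily for a week, app never opened: data deleted.
  sevenUseDaysWithoutVisit: Array(7).fill(false),
  sixUseDaysWithoutVisit: Array(6).fill(false),
  // A visit on day 7 resets the counter, so the next six idle days are harmless.
  visitResetsCounter: [...Array(6).fill(false), true, ...Array(6).fill(false)],
  // Home-screen web app: every day it is used is an interaction day.
  homeScreenAppUsedDaily: Array(14).fill(true),
};

for (const [name, days] of Object.entries(scenarios)) {
  console.log(name, dataSurvives(days) ? 'data kept' : 'data deleted');
}
```

The two cases that cause the most confusion in the thread are the first and the last: a device that is not used at all accrues no days, and a home-screen app cannot be used without interacting with its own origin, so under this model its counter never reaches the threshold.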
If you are a website, not a natively-installed app, that I haven't "used" in a first-party sense for 7 days or more, I don't think your data belongs on my device.
Storage space can be limited, and any app I haven't used in 7 days should be happy to re-fetch my data from a server or convince me to install their native app.
To act like this is some nefarious plan by Apple to get people to build native apps instead of PWAs is absurd. If a PWA was written properly in the first place, this change will have basically 0 impact on it.
This move is _an_ example of Apple's (understandable) hostility towards PWA's, but you must understand the context here: There is a threshold beyond which PWA's become a generally acceptable strategy, and the quality and diversity rise over time. Apple is preventing that with this move (and others). That's why people are upset. Moreover, the outcome of this will be more "native" apps that are actually just wrappers around web apps, that exist purely because some basic functionality is being actively blocked by Apple.
Consider the use case of this example. If I am actively job-searching, I will probably be using the site at least once per week, and the data will be saved throughout the process. When I stop using the site, I want that data to disappear for my own privacy/security; and if users want to save the data indefinitely without signing up for an account, then offering an export (e.g. CSV) seems like a reasonable way to address that.
Furthermore, non-Apple user agents may retain data as long as they like, and PWA's (as well as web trackers) are free to utilize that. It's not like this move implements any additional vendor lock-in; people who don't like it will switch to non-Apple platforms.
> Moreover, the outcome of this will be more "native" apps that are actually just wrappers around web apps, that exist purely because some basic functionality is being actively blocked by Apple.
This doesn't seem problematic. It's great if you can reuse some code between your web and native apps. Obviously truly-native UIs will be more efficient in many cases, but perfect needn't be the enemy of good.
If one of those is using a JWT for auth in localStorage (something which is extremely common) you'd need to login every time you visit such site.
The more we use these, the more likely the APIs are to be fully implemented (and hopefully have features added to them).
I think they just want to push people towards native apps so they have full control. Apple always wants control.
First they prevented plugins like uBlock, made it very expensive to create your own plugins, and now they're messing up LocalStorage.
It editorializes away the point of the post, which is that, according to the author, "Apple just killed offline web apps while purporting to protect your privacy [by forcing WebKit to delete all local storage after 7 days]."
If this encourages more apps to go the native route, we've done more harm than good. Apps can gather a lot more data than websites, such as the dreaded contact list access.
There is no change without applying pressure at Apple. If this is important, we must speak about it, all of us. And yes, I understand that some people feel that this is not important for them, that is OK, we have different values and understandings, but if you have an opinion about this, please go out and post to your blog, dev.to, medium, whatever, but post.
edit: 17 minutes after posting this comment critical of moderation, I am unable to submit a new story. Coincidence?
I was confused as to why the page in question had changed, but I realized it was moved.
Why Apple is not facing antitrust charges for not allowing competing browsers on their platform? Microsoft didn't SHIP competing browsers, but allowed them to run just fine on windows, and was fined nonetheless, but Apple somehow gets away with not even allowing competing browsers at all!
I'm not from the US, so maybe I'm missing something about these antitrust lawsuits. Can someone please explain?
1. Apple is not a monopoly player in the app market.
2. Microsoft's antitrust fine was for forcing OEMs to not include any competing browsers (Netscape) on threat of losing special pricing.
Apple has a 100% monopoly in the app market by running the only AppStore available for iOS devices, and that store's review guidelines specifically prohibit use of any other web rendering engine but WebKit.
> 2. Microsoft's antitrust fine was for forcing OEMs to not include any competing browsers (Netscape) on threat of losing special pricing.
That's not the only lawsuit they faced. There was an EU case that forced MS to make a special installer for alternative browsers.
I really can't perceive the meaningful difference between these cases. And I believe it's about time to force Apple to allow installation of alternative app stores, from where users would be able to install all the apps they want, without being handcuffed by device manufacturer.
iOS with a 13.4% global market share as of 2019 does not even come close to monopolist status. While I'd like to see iOS forced open as well, there is currently no legal method to do so.
So, in the escalating war Apple alters local storage so that data is not kept around after more than 7 days of non-use. It becomes less valuable for use with tracking.
The trade-off is that offline web apps become less capable and some use cases go away (e.g., completely offline).
Which trade-off is better for whom and in general? I haven't thought about it enough to know. But the trade-off is worth pondering, whether we agree with Apple or not.
(edit Turns out that's not quite right, see diggan's reply.)
From the article:
> You’d almost think they had an App Store to promote or something.
There's certainly a tension here. I'm still not sure why more vendors don't make iOS PWAs to get around the App Store payment rules.
Perhaps related: Very roughly a year ago, something changed in iOS that broke the 2048 PWA. Its swipe-detection no longer works. A pity.
Because users won't use them. For users that don't have a technical background: if it isn't in the app store then it essentially isn't an app. For techie users: lots of us don't want web apps because the power, memory, and bandwidth usage is often higher than in a well written native app. The fact that there's a gatekeeper who has some control over what shows up in the app store is usually a feature and not a bug.
If there were big parts of the app ecosystem that didn't have native apps, then eventually users would find web apps. But that isn't the case. Think of anything and search for it in the app store and there's an app for it (including 2048).
I'm not convinced of this. If it has an icon like proper apps, and feels like an app, I don't think users are going to mind if it came from the App Store.
The question is whether the unfamiliar 'installation' process is too fiddly for non-technical users. I don't think it is. I figure a 10 second How to install our app animation would do the job.
A closed, curated app store gave less technical users the confidence to actually download software without concern that it would screw up their device. However, things which have a different model like web apps or system extensions (read: keyboards) were also put into the same distribution mechanism.
You can see why as it removes a barrier to using them: people just go the same place they've always gone to get software on the platform. They make no distinction between the native Gmail app and GIF Keyboard because the install process is the same and each are displayed prominently.
In reality, 3rd party keyboards and the like should probably be handled - from a UI standpoint - like they are on macOS, inside System Preferences/Settings, with no app icon on the homescreen, they simply aren't as important as full blown apps.
^ People will dispute this and that's really nice...but they're wrong.
It has become spam, just like news sites asking to send notifications.
Similarly, an offline capable web app is not necessarily a PWA, as PWA carries a lot of features to it besides being offline capable.
So yes, this would mean it doesn't run the risk of ex-filtration or snooping at the transport layer, as the data never leaves the specific website context in your browser.
One reason is because Apple have incentive to break PWAs and they will do it. It's not a wise business decision to act against big player.
Gaia is one example: https://github.com/blockstack/gaia
(I've worked on Gaia so I'm biased but there are other such decentralized options as well.)
Seriously, you should browse the web for a bit and see just how many "client side PWAs" you've used/installed, vs how many tracking identifiers have been installed.
Why? Why isn't it the case that the code which runs Electron, and library code JIT-ted by Electron, can't be reused by other processes on the same system?
Of note, John’s replies also mention this policy does not apply to WKWebView or UIWebView, because they lack ITP.
PWA is about the web.
I remember when Edge/IE was crap, I put up a couple of banners that Firefox/Chrome/Safari are officially supported browsers and people did move away from Edge. Had <1% of traffic from there.
I have already stopped building native apps because the App Store process is so painful.
First of all, the various kinds of browser local storage have always been volatile. It has always been a bad idea to treat it as permanent storage. Maybe it's a little more obvious now? Not exactly a bad thing.
> the PWAs I was building here might just be dead for iOS users
If so, it was already dead for your users, whether you realized it or not. I guess you were going to implicitly promise something you could not deliver: that your PWA would keep track of the feeds the user was subscribed to (and perhaps also keep track of what had been read, and other user state). But you were going to screw your users, because a PWA without external persistent storage could not do that reliably. It's really lucky for your users that this caught your attention and has you rethinking your app.
A partial list of things completely external to your app (not including this change) that could cause your users to lose things important to them that you stored in various local storage...
* user switches browser
* user has multiple devices
* user upgrades phone (or tablet, or workstation, or laptop)
* phone (or other device) goes in for repair or upgrade
* major change to browser (like Edge moving to chromium)
* some OS updates
* user clears browser data (as innumerable troubleshooting processes suggest)
For the past couple of years I worked on an education app where users are 90% of the time offline. Users can remain offline for weeks. There is no reliable internet in most of the schools in Mexico.
I don't work on that company anymore but this is going to be a massive headache.
Most apple apps are privacy hogs which don't have any way to turn off tracking. In apps, Apple created a prison which no one can question and everyone will allow them to do all abuse. Look at Apple News.
It does seem that Apple intends to cripple web technologies in order to move developers to their native platform but this will likely do more damage to privacy than anything. All of the alternatives to local storage for simple mobile apps typically involve moving data to a third parties like Firebase, AWS, etc.
Simple apps that didn't need a server and could just keep data or user-preferences locally would now need to either create their own data service or pay for a BaaS which means moving your data out of your control.
This behavior leads companies like Under Armour to house data they shouldn't have and puts everyone (150M people) at risk.
LocalStorage is not a substitute for an actual database, it’s a cache. The problem with the author’s technique is that privacy minded users clear their browsers from time to time, so they would be inadvertently clearing data they actually wanted to keep because who uses LocalStorage as a persistent data store? Sure it could be used like that as an “off label” use, but generally it’s used to cache what is persistently stored elsewhere or used as a means to avoid multiple network calls in the process of doing something (such as saving calculations, the results of which would be eventually persisted.) Local Storage should be used as if it were a session store rather than something persistent.
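As an added example (not the commenter's code, and not from the original post), here is one way to use localStorage the way the comment above recommends: as a cache in front of a server of record, so that any of the evictions listed a few comments up (ITP's seven-day deletion, a user clearing browser data, a new device) cost a cold start rather than data. The in-memory storage stub, the feed-reader scenario and the fetch/push callbacks are constructed for illustration; in a browser you would pass `window.localStorage` and real network calls.

```javascript
// Added example, not from the original thread. localStorage is treated as a
// cache in front of a server of record, so eviction (ITP, a cleared browser,
// a new device) means a slower cold start, not lost subscriptions.
// The storage stub, the feed-reader scenario and the fetch/push callbacks
// are constructed for illustration; in a browser, pass window.localStorage.

const SCHEMA_VERSION = 2; // bump when the stored shape changes; older entries become misses

class CachedSubscriptions {
  constructor({ storage, key, fetchFromServer, pushToServer }) {
    this.storage = storage;
    this.key = key;
    this.fetchFromServer = fetchFromServer;
    this.pushToServer = pushToServer;
  }

  // Anything unexpected in the cache (absent, unparsable, wrong version,
  // wrong shape) is a miss, never an error surfaced to the UI.
  readCache() {
    const raw = this.storage.getItem(this.key);
    if (raw === null) return null;
    let entry;
    try {
      entry = JSON.parse(raw);
    } catch {
      return null;
    }
    if (!entry || entry.v !== SCHEMA_VERSION || !Array.isArray(entry.feeds)) return null;
    if (!entry.feeds.every((f) => typeof f === 'string')) return null;
    return entry.feeds;
  }

  writeCache(feeds) {
    try {
      this.storage.setItem(this.key, JSON.stringify({ v: SCHEMA_VERSION, feeds }));
    } catch {
      // quota exceeded or storage disabled: the cache is optional, carry on
    }
  }

  // Startup path: serve the cache when present, otherwise go to the server.
  // Never assume the cache survived since the last visit.
  async load() {
    const cached = this.readCache();
    if (cached !== null) return { feeds: cached, source: 'cache' };
    const feeds = await this.fetchFromServer();
    this.writeCache(feeds);
    return { feeds, source: 'server' };
  }

  // Writes go to the server of record first; the cache is refreshed after.
  async subscribe(feed) {
    const { feeds } = await this.load();
    const next = feeds.includes(feed) ? feeds : [...feeds, feed];
    await this.pushToServer(next);
    this.writeCache(next);
    return next;
  }
}

// Minimal stand-in for window.localStorage so the example runs outside a browser.
function makeMemoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
    removeItem: (k) => { m.delete(k); },
    clear: () => m.clear(),
  };
}

// Constructed scenario: cold start, warm start, eviction, and a stale schema.
async function runScenario() {
  let serverFeeds = ['https://example.org/a.xml']; // the server of record
  const storage = makeMemoryStorage();
  const subs = new CachedSubscriptions({
    storage,
    key: 'reader:subscriptions',
    fetchFromServer: async () => [...serverFeeds],
    pushToServer: async (feeds) => { serverFeeds = [...feeds]; },
  });
  const cold = await subs.load();
  await subs.subscribe('https://example.org/b.xml');
  const warm = await subs.load();
  storage.clear(); // what ITP's seven-day deletion looks like to the app
  const afterEviction = await subs.load();
  storage.setItem('reader:subscriptions', '{"v":1,"feeds":["old"]}'); // pre-upgrade entry
  const afterOldSchema = await subs.load();
  return {
    cold: cold.source,
    warm: warm.source,
    afterEviction: afterEviction.source,
    afterEvictionFeeds: afterEviction.feeds,
    afterOldSchema: afterOldSchema.source,
  };
}

runScenario().then((r) => console.log(r));
```

The design choice worth noting is that every write goes to the server before the cache is touched, and every read treats a missing, corrupt or out-of-date cache entry as an ordinary miss. With that in place the seven-day deletion is just another cache miss, and the version check covers the case where the app's storage format changes under an entry that was written by an older release.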
If the web browsers would provide _some API_ for persistent storage without yanking the carpet out from underneath developers this wouldn't be such a huge problem. There _used_ to be a file-access API but it was removed.
Personally, I think web browsers are too large a surface area to secure/keep secure and the world is probably going to swing the opposite direction to native, downloadable applications without the interference of a third-party store.
Wait, you think downloadable native apps without any intermediary to validate them is more secure? What you're describing is basically the old shareware system, which was riddled with security issues.
I don't understand why an installed PWA should not be able to keep their storage just as a "normal" app can. It would clearly be better for both developers and users. There are so many apps & websites that could be more privacy friendly if they could just trust localstorage to actually be "storage".
Most users are asked to install multiple apps for the normal sites they visit (like news sites, social media, imagehosting and more). They usually don't, and that's good. Those apps should not be apps, they should be websites. Most of those apps can be a simple website. If the users want/need more functionality that can be within an installed PWA.
I think this is more people and developers fetishizing what it means to be in the app store or to be "native". If we can run it all in probably the best sandbox we have available without having vendor specific builds or vendor specific prompts why would we as users or developers want anything else?
Some apps should be native. But the majority of them would be better as webapps rather than android/iOS apps.
EDIT: Also I'd argue a lot of those problems are artificially created by the platforms, not the developers.
If so, assuming the application is used more than once every 7 days, this seems like less of an issue.
"Privacy is a fundamental human right."
Apple will do whatever it takes to protect its closed ecosystem, and if that means killing PWAs built with open web technologies they'll provide any dubious excuse to justify it (security, privacy, blahblah). They did the same back in 2010, killing a perfectly valid app platform that was picking up momentum, but they didn't control. A platform that was 5-10 years ahead of the "open web".
Looks like this time they won't use HTML5 as piss-poor excuse.
- They have a News app
- They haven't rejected apps from Google and Facebook
Can you imagine what would happen if Apple rejected apps from Google and Facebook? Can you even fathom the outcry?
Apple News uses differential privacy and doesn't track user history, but yes, they do provide personalized News I guess? They must not care about privacy at all then!
If you're upset about a seven-day limit on local storage, okay. I get it. It sucks. But to claim Apple's reasons for this are invalid because they allow Facebook apps to exist, that's... weird.
Rational readers click back and move on. You end up just preaching to the choir.
This particular complaint is paradoxical because Apple birthed web apps, and has done more than anyone to make them a reality. Unfortunately they remain a very rare beast -- extraordinarily rare -- and are dwarfed by the privacy concerns of people using iOS just to browse. So the team dealt with that. Seems a fairly obvious pros and cons analysis.
Maybe they'll add an exception for installed to desktop webapps.
Sounds good to me, I don't want websites turning my browser into a p2p node :)