nihilist/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org synced 2024-11-30 06:53:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

change title

Browse Source
This commit is contained in:
fria 2024-11-23 20:41:23 -06:00 committed by GitHub
parent 89e2d75d83
commit 76d78db04c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
blog/posts/pwa-vs-iwa.md
View File

@ -10,7 +10,7 @@ tags:
- IWA
license: BY-SA
---
# PWA vs IWA
# IWA: The Future of Web Apps?
The concept of a [Progressive Web App](https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps) is enticing: an app using web technologies thats inherently cross platform (since it runs in a browser) and acts like a native app, even functioning offline. Support for PWAs in traditionally locked-down platforms like iOS means that PWAs can give users the freedom to install apps without having to go through Apples App Store.<!-- more -->
@ -20,7 +20,7 @@ So why isn't every app shipping as a PWA? The answer is an age old problem with
A typical native app is downloaded onto your computer and only updates when the developers push an update out, and there's usually a process of checks and verification before that happens, like Apple's [App Review](https://developer.apple.com/distribute/app-review/) and the Google Play [review process](https://support.google.com/googleplay/android-developer/answer/9859455?hl=en). Plus it's much more difficult to only target a specific person, like someone with access to the servers that serve the HTML, CSS, and Javascript could do.
Isolated Web Apps (IWA) build on the work done on PWAs and [Web Packaging](https://github.com/WICG/webpackage). They are a specification that allows web content to be distributed offline outside of a browser, much like a traditional app. It can be signed just like a regular app too, allowing you to verify that it came from the proper place and hasn't been modified. You could install an IWA from your favorite app store just like any other app and have the same security assurances. For security-critical apps that use E2EE, this would be incredibly useful in allowing for cross-platform E2EE web apps that don't need to trust a server every time you use them.
Isolated Web Apps (IWA) build on the work done on PWAs and [Web Packaging](https://github.com/WICG/webpackage). They are a specification that allows web content to be distributed offline outside of a browser, much like a traditional app. It can be signed just like a regular app too, allowing you to verify that it came from the proper place and hasn't been modified. You could install an IWA from your favorite app store just like any other app and have the same security assurances. This would be incredibly useful in allowing for cross-platform E2EE web apps that don't need to trust a server every time you use them.
There are some [criticisms](https://github.com/w3ctag/design-reviews/issues/842#issuecomment-1989631915) of IWAs, at least in their current form. It'll be a long process of iterating on the design before a version of this idea that's secure and available across browsers.