forked from alcinnz/PostJS
Wolf480pl
ce4fdbef18
|
||
|---|---|---|
| proposals | ||
| LICENSE | ||
| README.md | ||
README.md
PostJS
Draft webstandards for a post-JavaScript future.
Goals
- Strengthen browser security
- Simplify the webdev for non-programmers, and ease creation of WYSIWYG editors
- Increase web accessibility
- Make it practical to make a new browser engine from scratch
Principles
- No (batch of) request should be sent without informed and explicit user interaction. That is
- Do not support Turing Completeness on the clientside. If it is, that's a vulnerability.
- Avoid having the specs refer to particular UI devices, which should particularly work to support accessibility UIs.
- The specs should never let pages wait on a permission to be granted, allowing browsers to present them in a way to encourage users not to bother granting them.
- Pages without permission must degrade gracefully.
- These specs should gracefully degrade to existing non-JS specs.
- These specs should cater towards a web of documents - towards communication. If distributing sandboxed and cross-platform apps over the web is valuable they deserve their own standards/file formats.
- Do more with less. Provide few simple mechanisms, that are easy to reason about, yet can be used in creative ways to accomplish a number of things.
- Make the mechanisms of this Web transparant. When users are aware of what links, webforms, etc they no longer need to learn how to use site individually and they can better control their privacy.
- Browsers should strive to appear identical from the perspective of webservers, limiting the ammount of system information they recieve. This combats browser fingerprinting.
For more information see our CryptPad document.