Also are you guys/gals also add anymore federated services support in the future like pixelfed or frendica ?

  • FelipeFelop@discuss.online
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    8 months ago

    Aren’t there problems with authentication that cause security concerns when using a PWA?

    Which is why the native apps are preferred for Voyager.

    • Ategon@programming.devM
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      8 months ago

      I mean if you don’t secure it sure. The same goes for any site though and can be mitigated by having decent security. There was the thing a bit ago with Apple trying to discontinue PWAs in the EU due to the ruling that PWAs on apple devices shouldnt need to only be able to rely on webkit (their browser engine) which is why the voyager creator said to move over to native but them discontinuing PWAs got walked back

      • FelipeFelop@discuss.online
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        That’s not what I’m thinking about. Was hoping not to get too technical (I’ll try to keep thing simple) but there’s a general concern with PWAs that mean they can only support less secure authentication compared to a native app.

        For example, if a device is used offline then a PWA can’t authenticate , so anyone who picks up the device can see the users content. There’s a way around this using what’s called a “service worker” which uses device storage but this would need to be different for each device type and some devices won’t persist between sessions. Also, if a user is in an online session then closes the PWA app, goes offline and then back into the app then the service worker will generate an error.

        There are other Lemmy specific issues as well I don’t completely remember the detail but it relates to web clients not being able to set a custom cookie header to ensure compatibility (CORS limitation) There’s an explanation somewhere in the Voyager community but I couldn’t immediately scroll back enough to find it.

        • Blaze@reddthat.com
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          8 months ago

          For example, if a device is used offline then a PWA can’t authenticate , so anyone who picks up the device can see the users content.

          I’m a bit confused, isn’t that the same with any website?

          • FelipeFelop@discuss.online
            link
            fedilink
            English
            arrow-up
            1
            ·
            8 months ago

            That’s not my point. If you read back up the chain of comments I’m saying there’s a real need for a native app (given that Lemmy apps won’t always be compatible with it)

            (And you’ve quoted a part of the post taken out of context 🙂)