BUT, there are undeniably some serious limitations. I think it's time we start openly discussing these problems, and how they can be addressed.
- Security e.g. users shouldn't trust a client based HTML5 with any serious data collection.
- Local Data - Storage is limited & it can be manipulated
- Syncing offline apps - Determining which is the latest version etc
- If the browser vendors won't implement something, it won't get implemented. This has also lead to
- Format Incompatibilities e.g. try audio/video tags across the major browsers
- I'm not sure why you say that. I do online banking all the time. It is possible to code something secure and tight, but I'll admit it's not easy. I think security will always be an issue, even with native apps.
Local Data - Storage is limited & it can be manipulated
- True, storage needs to be unlimited. As for manipulating it, this is also true of native apps. Without jailbreaking, I can manipulate a save file for almost any iPhone game. The security issue (again) depends on the developer, and how they protect the data.
Syncing offline apps - Determining which is the latest version etc
- Yup, that's a challenge too. But also a challenge native apps face. When I make a note on an offline iPhone in the notes app, and then edit the same note on my Mac, it creates a duplicate when the iPhone is back online. It should probably be up to the developer how to handle this, whether the app is native or HTML5.
If the browser vendors won't implement something, it won't get implemented. This has also lead to
- Yes, this I think is one of the biggest challenges. People buy a computer, it comes with a browser default, and they never change or update it. It's hard enough to get the W3C to add new features, let alone browsers to implement them, and even harder still to get users to update their browsers.
Format Incompatibilities e.g. try audio/video tags across the major browsers
- Yup, similar issue.
Using the browsers debugger (or your one of choice) you can simply go to a website running on HTML5 and insert a few breakpoints and watch what happens. All someone would have to do is edit the variable(s) which hold the data to anything they'd desire.
You can argue there are limits to these potential exploitations but some of the tools are as complicated as the complier itself - and when companies are trying to push out a feature as quickly as possible, security issues are often overlooked. For example have a look (if you haven't already) at http://plaintextoffenders.com/ which shows websites which store passwords in plain text. Sure my example relates to a different issue but if websites are prepared to store passwords in plain text then inevitably, they will overlook other potential security issues.
When money is involved, any minor potential exploitation is taken advantage to the fullest extent. Hence I still believe HTML5 apps shouldn't be trusted with any serious data collection.
- security causes a lot of limits for users and developers
- unhealthy competition between browser vendors, example: WebGL@InternetExplorer
- its limited to 3 languages: HTML, CSS, JS (and its derivatives)
unhealthy competition between browser vendors, example: WebGL@InternetExplorer - Agreed. Especially when one browser stays from what's supposed to be "standard", yet rarely is.
its limited to 3 languages: HTML, CSS, JS (and its derivatives) - Agreed. Google's working on a compiled web language, but it will only work in chrome. They're attempting to make it a standard, but I'm not sure if any other browsers would put the effort into supporting it. And a whole new system like this would take years to implement. But still possible....
