
Web Budget API Draft - edward
https://wicg.github.io/budget-api/
======
RussianCow
Can anyone summarize how this works and the use case for this API?

Edit: Here's a good summary:
[https://developers.google.com/web/updates/2017/06/budget-
api](https://developers.google.com/web/updates/2017/06/budget-api)

Basically, this lets you run low-cost background tasks without a confirmation
from the user. I really, really don't like this, and I hope that, at the very
least, this is easy to disable in all the popular browsers.

Edit 2: The above is not correct; browsers already allow a limited amount of
background work to happen, and this API just exposes the budget information to
the developer. Thanks for the clarification, swsieber.

~~~
swsieber
No - it doesn't. Quote:

"This specification does not define how user agents establish or store the
amount of current budget. It aims to define an API that exposes sufficient
information to make the budget useful for authors, while not restricting the
implementation details and heuristics specific to a user agent."

So basically, the Push API and Web Background Synchronization actually do
that. This just lets pages programmatically find out what the limits are like.

To make an analogy to localStorage - this api is like being able to query
local storage for how much space is available, and how often it gets deleted.

~~~
RussianCow
So what you're saying is that browsers already allow limited things like push
notifications to happen silently without user consent, and this API just
exposes the budget/cost for those actions? I'm not up-to-date on the
background APIs that browsers expose, but this quote from the Google doc seems
to be at odds with what you're saying, if I understand it correctly:

"The Push Messaging API enables us to send notifications to a user even when
the browser is closed. [...] but the API has one important restriction: you
must always display a notification for every single push message recieved."

And later:

"The Budget API, is a new API designed to allow developers to perform limited
background work without notifying the user, such as silent push or performing
a background fetch."

Edit: Reading through the spec more closely, it appears you are correct in
that this is already happening on the browser side, and that this API just
exposes the budgeting details to the developer. The Google Developer page's
wording is just somewhat misleading. Thanks for the clarification.

~~~
rictic
Push notifications – by spec and by all implementations I'm aware of – must
not be sent without explicit user consent: [https://w3c.github.io/push-
api/#security-and-privacy-conside...](https://w3c.github.io/push-
api/#security-and-privacy-considerations)

~~~
RussianCow
Sorry, when I said "without user consent" I really meant "with the tab
closed". :) Brain fart.

------
pythonaut_16
For anyone not familiar with WICG (as I wasn't), WICG stands for _Web Platform
Incubator Community Group_. Its goal is to discuss new (web) platform
features[0]. In participants I'm seeing a lot of Google, Mozilla, and
Microsoft names, as well as other tech players like Intel, Apple, and
others[1].

[0][https://www.w3.org/blog/2015/07/wicg/](https://www.w3.org/blog/2015/07/wicg/)
[1][https://www.w3.org/community/wicg/participants](https://www.w3.org/community/wicg/participants)

------
cstrat
farrrr out the web is getting more and more complicated!!

it used to be HTML and CSS. With all these developments it's turning into a
javascript based operating system working out of browsers.

~~~
bfred_it
Yeah.

It used to be plain text, now you can make real applications on it and for the
most part they run sandboxed and with little privilege.

I think this is a win for both users (who can get full apps without giving
dubious software full access to their system) and developers (who can
distribute apps that are generally much faster to download)

Plus you can still deploy your 20-year-old HTML and CSS pages. How cool is
that? (Yep, CSS is literally 20.5 years old)

------
austincheney
This should probably be a schema instance and should probably go through the
Oasis standards body. Once the API is defined you can execute upon it however
you wish.

~~~
mbell
Could you clarify why you think this? I don't see any connection between this
API and the types of standards OASIS works on.

~~~
austincheney
Oasis typically standardizes schemas and business logic. I see an API spec as
an implementation of rules, which is really what a schema is. Typically
schemas are defined in XML and this API is defined with JavaScript code
examples for use in JavaScript, but again that is an implementation detail
that shouldn't have significant weight on the rules of the API's design.

------
kevin_b_er
This keeps indicating to me the possibility that chrome is opening and
executing javascript from websites without a tab for them open.

Can anyone explain how I can tell how many magic background apps I might have
running on Chrome for Android without my consent?

~~~
moron4hire
They're called Service Workers and you would have had to have given them
consent to run. So to answer your question: zero. There are zero apps running
without your consent.

------
the_arun
Do any of you know the tool used to generate this documentation?

