Could securing web apps with site-specific browsers tip the HTML5 vs. native debate?

Writing about Nukona App Center and the way it handles web apps got me thinking about site-specific browsers (SSBs).

Writing about Nukona App Center and the way it handles web apps got me thinking about site-specific browsers (SSBs). SSBs have been around for desktops for a while, and though they’re interesting in a “Hey, it’s a good feature to have,” kind of way, they don’t seem to have changed anybody’s life in a major way. With mobile devices, however, site-specific browsers could change the way organizations consider distributing applications.

Site-specific browsers are applications that are dedicated to accessing a single website or web app. There are usually no menu bars, and they can allow web resources to be accessed from icons, like local applications. Unlike a simple web-clip, an SSB can be restricted to accessing only certain URLs.

The native mobile app versus HTML5 web app debate has been rehashed many times before, and will be again, very briefly, right here: The arguments are that native apps are more feature-rich, faster, easier to develop, and most importantly, native apps are, well...native! Nobody using a native application has to worry about missing features or an interface that’s built for a different size screen.

On the other hand, HTML5 is always pretty close behind, and chances are that it will work for most internal corporate applications. Especially considering that the need to redevelop for every different platform is removed, HTML5 mobile web apps are probably “good enough” for a lot of use cases.

How does “good enough” get better? When accessing a web app from a site-specific browser, the browser could add greater security features on top of what is (or maybe isn’t) already built in. Don’t want to let an app use the clipboard, or don’t want to let files be opened in a different app? Just turn those features off in the browser.

After all, what are the chances that you’ll be able to customize the security features of a device native commercial off-the-shelf application? Whatever those chances may be, using a site-specific browser makes them a moot point, because the security features can instead be built into the browser, without even touching the app.

Web apps could be distributed in the same way as local apps, by just distributing the secured site-specific browser container. When a new app comes along, the administrator simply makes the appropriate modifications to the SSB, and unlike with native apps, there would be no need to worry about whether a new app is available for all of a company’s platforms, or if all the different versions have the same security features. Instead, the only application that must be made available for all platforms is the site-specific browser itself. Once that hurdle is crossed, you’re home free!

The question that comes up is “Couldn’t users just access web apps from other browsers, without the security restrictions?” The answer is probably yes, but one solution is that if the credentials required to access a web app were built into the SSB instead of distributed to the users, then it could make access from different browsers more difficult or impossible.

Certainly there are situations where web apps combined with site-specific browsers might not work. On the other hand, the features that site-specific browsers add to web apps could change the conversation when it comes time to decide whether to distribute web-based or native mobile applications.


Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

It seems like the main complaint against HTML5 apps is that they can't access all of native capabilities of the device. So, for example, an HTML5 app on iOS wouldn't be able to be included in the notification center and couldn't get push notifications. Then again, maybe that doesn't matter for a lot of apps?

I do like that HTML5 apps can run offline and have little mini-databases and stuff. So from the user's standpoint, it shouldn't make too much of a difference which is great.

Yeah, I like this idea.