Web developers rally to challenge Apple App Store browser rules • The Register

0

On Monday, a group of software engineers plan to launch a group called “Open Web Advocacy” to help online apps compete with native apps and to encourage or compel Apple to loosen its iOS browser restrictions.

The Group (OWA), organized by UK-based developers Stuart Langridge, Bruce Lawson, and others, aims to promote a more open web by explaining subtle technical details to legislators and helping them understand the anti-competitive aspects of web technology. Over the past few months, members of the group have contacted the UK’s Competition and Markets Authority (CMA) to convince the agency that Apple’s iOS browser policy harms competition.

Along with the launch of group website, the OWA plans to publish a technical paper entitled “Bringing Competition to Walled Gardens”, which summarizes the group’s position and aims to help regulators in the UK and elsewhere understand the implications of web technology restrictions. The group is looking for like-minded developers to champion its cause.

“We’re mostly software engineers, we’re all individuals,” Langridge explained in an interview with The register. “So it’s not just on behalf of browser vendors or employers or anything like that. We came together to make the web better, really, and no major corporations pushed for change. And we think there’s a lot that can be done to make the web better, especially on Apple devices and more generally.”

“The group’s motive is to try to persuade Apple that it needs to allow other browser engines on iOS, so that iOS can be a better platform to develop things for the modern web,” explained Lawson. “Because right now every browser on iOS, whether branded Chrome, Firefox, or Edge, is really just a branded skin of Safari, which is lagging behind [other browsers] because it has no competition on iOS.”

WebKit woes

The main concern Langridge and Lawson raise is that Apple’s iOS App Store guidelines require every browser running on iPhone and iPad to be based on WebKit, the Apple-supervised open-source project that serves as the rendering engine for the company’s Safari browser.

Apple’s browser monoculture has long been a sore point for web developers and web technology advocates like Alex Russell, formerly at Google and currently at Microsoft.

But the issue of browser engine choice has been overshadowed by recent legal and legislative efforts, led by Epic Games, to open up Apple’s iOS App Store to third-party payment systems. While Epic Game’s antitrust lawsuit against Apple has sparked debate and seen a proposed legislative solution, the issue of web engines in Apple’s ecosystem has not been resolved.

However, Apple again shone a spotlight on its WebKit rules when it defended its App Store hegemony by claiming that web apps presented viable competition to native iOS apps in its App Store. Russell and others pushed back, arguing that one of the slides presented by Apple in the Epic vs. Apple trial distorted reality by claiming that web and native apps have equal capabilities on iOS devices.

In December 2021, it became clear that at least the CMA is paying attention. The UK competition watchdog, which started investigating the Apple App Store in March 2021, stated in its interim report:

“We found that by requiring all browsers on iOS devices to use its WebKit browser engine, Apple controls and sets limits on the quality and functionality of all browsers on iOS. It also limits the potential of browsers competitors to differentiate themselves from Safari,” the regulator wrote.

In December last year, the CMA extended the information-gathering phase of its investigation until today – the end of February 2022. It will likely be a few more months before the agency presents its findings.

OWA organizer Stuart Langridge said not only is every iOS browser just a revamped version of Safari, but WebKit-based versions of Chrome, Edge, and Firefox are even less capable than Safari based on WebKit. WebKit because they lack access to certain APIs that Apple makes available to its own browser.

As an example, he described how he has a shortcut to Wordle, a web app, on his iPhone home screen. “I normally use Firefox on iOS,” he explained. “And I had to switch back to Safari because you can’t add items to your home screen from another browser. It’s only available for Safari. So third-party browsers, even they use the same engine as Safari, don’t have access to the same APIs.”

It’s time to take a stand

The OWA’s “Bringing Competition to Walled Gardens” article outlines the following ways Safari is felt to be deficient:

The document also cites more than 30 missing functions or APIs for iOS WebKit browsers, including push notification, navigation preloading, web app install prompts, Bluetooth web, NFC web, API full screen for canvas and non-video WASM elements and threads.

Not a problem in black and white

The API disparity is not entirely negative. Browser makers may choose not to implement API specifications for fear that the features offered may present potential privacy or security issues. Apple did, as did other browser makers like Mozilla. Google has tended to be more permissive and push more boundaries with Chrome.

Langridge acknowledges that different browser teams have different levels of tolerance for new proposals, but says there’s a whole set of APIs that don’t raise the security or privacy issues that Safari tends to lag behind. due to its slower release cadence – Safari updates tend to come with iOS updates, often with months between releases, while Chrome ships every four weeks.

Lawson argues that Apple’s quiet handling of Safari (WebKit) bugs mocks its claims that App Store rules are necessary to mitigate security threats.

“Over Christmas there was a huge bug in something called IndexedDB,” Lawson said. “It allowed any arbitrary website to see other websites you’ve visited. Not all of them, but those using certain browser features. And that went unpatched by Apple for 57 days. So, for 57 days, every iOS user who used any web browser on iOS – because they used WebKit – was leaking data left, right, and center If Apple fixed security errors quickly, it would be a plausible defense, but it is not.

Apple is aware of the criticisms and appears to have taken steps to address them. There has been a noticeable increase in WebKit job postings, for example.

The register told Apple that an advocacy group had formed to lobby for the App Store rules to be changed and asked if anyone at the company might wish to explain why that might not be desirable.

To our amazement, after ignoring questions for months, an Apple spokesperson responded, asking if the company could correspond confidentially. We replied that we would be happy to communicate informally and never heard back.

Or if we did, we couldn’t tell. ®

Share.

Comments are closed.