Here is my wishlist with respect to browser profiles and containers. While the chances that I'll get them are low, I hope it inspires people to think bigger a bit more. It may be too hard on the current generation of web engines, but perhaps the next generation can plan better in advance.
We're doing profiles and containers wrong. There are numerous other free software that demonstrate better examples. Why do we have two solutions when both are about isolation of data and execution? Browsers should take inspiration from how the Linux kernel does it using namespaces (and similar facilities in other kernels, eg: BSD jails). Divide isolation into different contexts like the different types of namespaces. There should be different contexts for isolating:
- cookies policies and sharing
- local data
- extension availability and sharing
- network access (direct internet, proxy, VPN, TOR, etc)
- password stores
- lifetime (permanent, limited-time, single-use)
- web api availability (like no-js contexts, no-drm contexts, etc)
- browser features
- browsing history
- sync accounts
- bookmarks
- tab configuration and state
- theming
- ad block profiles
- website URL affinity (eg: don't open FB here, open YT only here, etc)
- resource allocations (like CPU, RAM, etc)
- redirection profiles (like to invidious, xitter, etc)
Different profiles/containers can be created by mixing and matching these isolation contexts. For example you can have two different profiles that sharing password managers, but one for use with VPN and one without. All the current uses of profiles and containers can be met with this concept - including private browsing. You could even have TOR browsing in the same browser. While at it, you could even simulate resource allocations like cgroups (already mentioned in the list).
All these might make you wonder if it isn't too complicated for ordinary people to use. Solutions for that exist in the OS space too. We have tools like docker, lxc and even bubblewrap to wrap over these low level complexities and present a simpler UI. In the browser, you could have different higher level plugins to setup profiles easily in specific manner. We can click 'private browsing' that will isolate a profile in every context by default (and offer to share anything else as it seems fit to you). You could have plugins that maintain different profiles for each of your gmail/workspace accounts. You could have a plugin that allows you to temporarily share OIDC SSO across profiles (currently an annoying problems with browser containers.) And finally, the power users may be able to script these low-level isolation contexts just the way they want it.
The next is how pages are displayed. Today we have full-window pages with multiple pages supported by tabs. But those who use browsers for anything serious, besides watching cat videos or doom scrolling on social media know how frustrating it is to not be able to browse two pages side-by-side. Some browsers like Zen do support that workflow, while others can get it using extensions. But we could go much further. Dividing windows is a solved problem that's very well done in applications like Blender, Emacs, VSCode and other IDEs. You should be able to divide the window into any arbitrary layout, with each pane (a subdivision of a window) showing one of the open pages. Emacs shows this with the concept of windows (which are panes) and buffers. Blender gives the same facility. The browser must be able to hold hundreds of such layouts along with their page assignments. To make it easy for the common user, these layouts can be presented as tabs to the user. Web pages should also be presented as a single-pane layout for that page, so that the user is able to close it easily without having to think about the distinction between a page, a tab and a pane like the way you need to know on Emacs.
Each page can be a different process with its own profile assignment and browsing history tree. The GUI should be a separate process. The amount of code shared between those processes should be based on security considerations. This way, we can have browser user profile, office profile, private browsing profile, developer profile and TOR profile all on the same window.
But the window layout shouldn't stop there. Currently, the menu bars, tab bar/sidebar, toolbars, address bar etc consume too much space. Imagine if it was the same case for desktops? Desktops take only a tiny fraction of the screen space in the form of the status bar or the dock. Even that is optional in many cases and can be hidden when not in use. The best way to layout the pages on a window IMHO, is how the tiling window managers do it. Browsers like Firefox already treat the UI like HTML+CSS. But it's on a different plane from the page UI - so much so that you need to start the debugger console in a different mode to control it. But if the tabs, status bars and menu bars used the same layout as regular pages (but with special UI control privileges), you'll get numerous options to design it the way you prefer and hide them easily.
To take it a bit further, I really like the concept of Wayland layer shells that allow you to make UI overlays. If you can make the controls into overlays, you could have per-pane controls like address bars and nav buttons that can be collapsed into small non-intrusive semitransparent UI buttons. This way, the UI can be truly full screen, easy to setup and easy to navigate.
I know that this is a tall order to achieve. But it costs nothing to dream, I guess.
> We're doing profiles and containers wrong. There are numerous other free software that demonstrate better examples.
Profiles are about separating Settings and user history, not for security isolation. If you want to do that use the OS?
> Today we have full-window pages with multiple pages supported by tabs. But those who use browsers for anything serious, besides watching cat videos or doom scrolling on social media know how frustrating it is to not be able to browse two pages side-by-side.
Why should the browser implement a window manager, when the window manager already exists? What stops you from putting two tabs side-by-side right now?
> But the window layout shouldn't stop there. Currently, the menu bars, tab bar/sidebar, toolbars, address bar etc consume too much space.
You know, that you can put the menubar into the OS panel?
> Profiles are about separating Settings and user history, not for security isolation.
Where does it say that? Using profiles is currently like using different browsers altogether. How does that preclude security isolation? All that aside, how did you reach the conclusion if you read what I wrote? I was talking about a single unified mechanism to consolidate the various types of isolations, security or not, in an easily understandablr manner. There are also some very annoying papercuts that I believe will be solved with that.
> If you want to do that use the OS?
> Why should the browser implement a window manager, when the window manager already exists?
If you haven't noticed, the browser has grown in the past quarter of a century into a full-fledged OS-level platform with a complex GUI, a few dozen technologies, equally numerous APIs, a decent sandbox and an entire VM to run applications written in any of a few dozen programming languages. It's easier to write a small OS compared to a small browser. Implementing window managers inside a browser is not very hard or unusual. Some browsers do it in their main UI too. I was suggesting an extension of that concept. If it can improve the UX of a browser, why insist on gatekeeping it to the OS window manager?
> What stops you from putting two tabs side-by-side right now?
Where have you ever seen that done satisfactorily? Forget the numerous bars and panels all over the place that take up so much space. When have you ever been able to share information seamlessly like in a single window? It's so frustrating that it's a joke as a solution.
> You know, that you can put the menubar into the OS panel?
On which platform? How many WMs/DEs you know offer that facility? Unlike on MacOS where you can do that, window managers have a few dozen menu bars that aren't even compatible with each other. How many OS panels will each browser have to integrate with? Here instead, I'm suggesting the use of a technology that's already there - the web engine. In fact, that's how most browsers implement their main UI already. But it's not quite well integrated with the engine, at least in Firefox. My suggestion was to remove that limitation. You're objecting to something that's already there.
If you need something to be upset about browsers, there are plenty of egregious changes being pushed down the throats of the users. In contrast, I wasn't suggesting anything that the user has to accept without questions. It's also something that can be done with the building blocks already available. In fact, the changes you object to are already being partially implemented by many projects and are well-received by users as far as I can see. If we are this cynical about trying out great ideas from other platforms, what sort of progress are we expecting anyway?
> If you need something to be upset about browsers, there are plenty of egregious changes being pushed down the throats of the users. In contrast, I wasn't suggesting anything that the user has to accept without questions.
I will never object to new isolated features that are opt-in, don't break other features, don't clutter up the UI and worsen the performance. I'm also willing to take compromises for new features. Sadly this is not the experience I get from modern software development and especially anything Web-adjacent like browsers.
I only pointed out how I don't think these should be priorities or think they are already solved.
> Using profiles is currently like using different browsers altogether.
Using profiles is like using a different configuration and different runtime state with the same browser. This doesn't sound too far of from isolation, but I think security that is rolled in user programs and not backed by the OS is fundamentally futile. It is nice to have another option, but I wouldn't count on if for real security. And it seams to be a bit unnecessary, when the OS already provides process and user isolation, that are seldom able to be bypassed.
> If you haven't noticed, ..... browsers become complicated OS ...
Yes, and I don't like that, but this is orthogonal here.
> why insist on gatekeeping it to the OS window manager?
To me that is the opposite of gatekeeping, because now this is available and consistent to every program and not just specific to a single one.
Per program window handling used to be common, but has been largely abandoned, because most people don't work that way. MS Windows has had (and still has) MDI. This is a nice concept in my opinion, but it largely went away for reasons. Some setup programs still ask you if you want to install the program in MDI or SDI mode, but to my knowledge no new program does it and users seldomly use it. MacOS also has remnants of this with windows that are bounded by the borders of the parent window.
This approach has a fundamental flaw though. So you do a lot amount of work and now you can display multiple websites side-by-side in a single OS window, but as soon as you want to do the same with the text editor, the Office application, the Video player or any other program, you are lost and need to use the OS window manager. Now you have red-flavored and green-flavored windows, that are incompatible and not interoperable and this is kind-of stupid.
Instead we went the other way, and in my opinion for a good reason. So for example on MS Windows tabs are treated the same as windows, they get listed in the window switcher and get screenshots just like real OS windows. I think this is a better approach, because now all the windows can be modified and moved the same and also have vastly more features than isolated applications could ever provide. Think of how to implement "Always on top" in the browser.
> Where have you ever seen that done satisfactorily?
Yes, everyday on my computer? I either click on the tab and do "Move Tab" > "to New Window", or just drag the tab away from its position and then press Windows - Left/Right Up/Down, wherever I want the tab to be.
> Forget the numerous bars and panels all over the place that take up so much space.
The chrome isn't that much and can even be reduced to a tiny line, when you turn it into a popup. Granted, this could be a button, but that's not a large change and the functionality is already available with an oneliner. In fact I recently added exactly this feature.
> When have you ever been able to share information seamlessly like in a single window?
Whenever I want it?
> It's so frustrating that it's a joke as a solution.
Not to me. Can share what frustrates you?
> On which platform? How many WMs/DEs you know offer that facility?
Well you already listed MacOS, and I was able to do it in the past on GNOME/Mate, but just tried it and it still exists, but is broken, so I am sad. I was under the impression, that this used a portable API, because it did work across a lot, of UI toolkits.
> But the window layout shouldn't stop there. Currently, the menu bars, tab bar/sidebar, toolbars, address bar etc consume too much space. Imagine if it was the same case for desktops? Desktops take only a tiny fraction of the screen space in the form of the status bar or the dock. Even that is optional in many cases and can be hidden when not in use. The best way to layout the pages on a window IMHO, is how the tiling window managers do it. Browsers like Firefox already treat the UI like HTML+CSS. But it's on a different plane from the page UI - so much so that you need to start the debugger console in a different mode to control it. But if the tabs, status bars and menu bars used the same layout as regular pages (but with special UI control privileges), you'll get numerous options to design it the way you prefer and hide them easily.
What you describe sounds like what KDE supports out of the box. You will be pleased to hear, that the corporate browser vendors Google and Apple have forked the KDE browser, so you can expect that browsers to be highly customizable. /s
> there are plenty of egregious changes being pushed down the throats of the users.
I just fear that this all starts as a good intention, but becomes yet another thing pushed down the throats of users. The browser chrome is one of the last remaining things, that work and look exactly like the native UI, and I don't want to loose that last bit. Also have you heard of the line of death? I don't think we want to loose that. See https://textslashplain.com/2017/01/14/the-line-of-death/
We're doing profiles and containers wrong. There are numerous other free software that demonstrate better examples. Why do we have two solutions when both are about isolation of data and execution? Browsers should take inspiration from how the Linux kernel does it using namespaces (and similar facilities in other kernels, eg: BSD jails). Divide isolation into different contexts like the different types of namespaces. There should be different contexts for isolating: - cookies policies and sharing - local data - extension availability and sharing - network access (direct internet, proxy, VPN, TOR, etc) - password stores - lifetime (permanent, limited-time, single-use) - web api availability (like no-js contexts, no-drm contexts, etc) - browser features - browsing history - sync accounts - bookmarks - tab configuration and state - theming - ad block profiles - website URL affinity (eg: don't open FB here, open YT only here, etc) - resource allocations (like CPU, RAM, etc) - redirection profiles (like to invidious, xitter, etc)
Different profiles/containers can be created by mixing and matching these isolation contexts. For example you can have two different profiles that sharing password managers, but one for use with VPN and one without. All the current uses of profiles and containers can be met with this concept - including private browsing. You could even have TOR browsing in the same browser. While at it, you could even simulate resource allocations like cgroups (already mentioned in the list).
All these might make you wonder if it isn't too complicated for ordinary people to use. Solutions for that exist in the OS space too. We have tools like docker, lxc and even bubblewrap to wrap over these low level complexities and present a simpler UI. In the browser, you could have different higher level plugins to setup profiles easily in specific manner. We can click 'private browsing' that will isolate a profile in every context by default (and offer to share anything else as it seems fit to you). You could have plugins that maintain different profiles for each of your gmail/workspace accounts. You could have a plugin that allows you to temporarily share OIDC SSO across profiles (currently an annoying problems with browser containers.) And finally, the power users may be able to script these low-level isolation contexts just the way they want it.
The next is how pages are displayed. Today we have full-window pages with multiple pages supported by tabs. But those who use browsers for anything serious, besides watching cat videos or doom scrolling on social media know how frustrating it is to not be able to browse two pages side-by-side. Some browsers like Zen do support that workflow, while others can get it using extensions. But we could go much further. Dividing windows is a solved problem that's very well done in applications like Blender, Emacs, VSCode and other IDEs. You should be able to divide the window into any arbitrary layout, with each pane (a subdivision of a window) showing one of the open pages. Emacs shows this with the concept of windows (which are panes) and buffers. Blender gives the same facility. The browser must be able to hold hundreds of such layouts along with their page assignments. To make it easy for the common user, these layouts can be presented as tabs to the user. Web pages should also be presented as a single-pane layout for that page, so that the user is able to close it easily without having to think about the distinction between a page, a tab and a pane like the way you need to know on Emacs.
Each page can be a different process with its own profile assignment and browsing history tree. The GUI should be a separate process. The amount of code shared between those processes should be based on security considerations. This way, we can have browser user profile, office profile, private browsing profile, developer profile and TOR profile all on the same window.
But the window layout shouldn't stop there. Currently, the menu bars, tab bar/sidebar, toolbars, address bar etc consume too much space. Imagine if it was the same case for desktops? Desktops take only a tiny fraction of the screen space in the form of the status bar or the dock. Even that is optional in many cases and can be hidden when not in use. The best way to layout the pages on a window IMHO, is how the tiling window managers do it. Browsers like Firefox already treat the UI like HTML+CSS. But it's on a different plane from the page UI - so much so that you need to start the debugger console in a different mode to control it. But if the tabs, status bars and menu bars used the same layout as regular pages (but with special UI control privileges), you'll get numerous options to design it the way you prefer and hide them easily.
To take it a bit further, I really like the concept of Wayland layer shells that allow you to make UI overlays. If you can make the controls into overlays, you could have per-pane controls like address bars and nav buttons that can be collapsed into small non-intrusive semitransparent UI buttons. This way, the UI can be truly full screen, easy to setup and easy to navigate.
I know that this is a tall order to achieve. But it costs nothing to dream, I guess.