Apple could just say something like, "This app comes from a 3rd party browser engine, and it may not be secure. Are you sure you want to install this app?". Not too much effort, but still keeping the functionality.
I mentioned this in another comment but they built out over 600 APIs and a system of accompanying entitlements to comply with the DMA, they’re clearly not at this point just for PWAs going to throw up their hands and a scare sheet and say “good enough for government work, devs: do what you want now”. EU iPhone customers are still iPhone customers. The security and privacy considerations don’t go away just because a new law was passed.
Obviously, those considerations must be considered. However, as I said, adding a simple confirmation prompt would be plenty enough.
I think what is happening here, is that Apple is going like, "I don't get my market control, you don't get your shiny new features." Other phone platforms allow you to do things, that may be unsafe or insecure, but still plenty useful.
Also, running a PWA really isn't that unsecure/unprivate as visiting a website. They both can access and ask for the same information or permissions. Really not that different.
By your logic that PWAs are unsecure, then should iOS not support rendering webpages due to "security concerns"?
> However, as I said, adding a simple confirmation prompt would be plenty enough.
That would be enough for you. That is apparently not enough for Apple, and you can tell that isn’t enough for Apple by their actions because despite the fact that there were less expensive and time consuming ways they could have complied with the whole rest of the DMA, the only feature regression they’ve had is PWA support in the iPhone version of Safari.
> By your logic that PWAs are unsecure
That is not what I said. Here’s what I actually said not that long ago:
> Apple can make security guarantees about their own rendering engine that they can’t for any other rendering engine.
> It’s not about what PWAs are like in Safari, it’s about what they’re like in third-party browsers that have to by law be allowed to do whatever Safari can do with their own fully enabled rendering engines.
