Even if it's opt-in, we still pay a price. Complexity has its costs.
It means my browser is more bigger and more complex. It broadens the attack surface exposed by my browser, perhaps even if I don't opt-in. It dilutes the efforts of the Firefox team. It introduces new ways for browsers to be subtly incompatible. It further raises the barrier to someone making a serious browser from scratch.
Also, are we guaranteed that these features will be opt-in? There were serious security issues with WebGL (predictably), and I don't think WebGL was opt-in.
WebGL was never opt-in and everybody familiar with GPU programming saw the issues coming from miles away. It was an idea that was about as stupid as Java applet sandboxing.
>This is an issue with that particular website's implementation, not something inherent to the browser or the API.
When that statement applies to 90% of pages out there, that argument gets more stale than cracker left out for the better part of a year.
That staleness, in fact, is why no one is encouraged to run blind unauthenticated proxies on the Internet anymore. Completely valid technology. Very problematic use case.
> This is an issue with that particular website's implementation
because the product manager thought my user session was engaging with the site for 2 seconds longer so it must be good.
I never said it was the browser or the API just acknowledging that it is a predictable gripe and not a feature, and yes enabled by the browser and APIs
