by bonesss 2785 days ago
My personal opinion is that people are sleeping on local HTML apps.

Local files, if you want, make everything lightning fast. Hosting your own web-browser lets you hook into whatever you want, and handle it however you want. A local server makes hosting whatever you want simple, too. There's a pre-existing plugin and component model for serving rich content... Everyone knows HTML and CSS, and sharding off chunks of the app to a genuine web app is straightforward...

A well factored, MVVM, WPF should be relatively easy to port to this model, and there are mature databinding libraries to handle the plumbing...

Maybe it's just me, but I'd rather take the pain points of a known technology than another 10 years of uncertainty and no cross-platform story.

1 comments

It's probably less secure by default. Make sure to reject all HTTP requests where the Origin header doesn't match the local server host, or just all requests with an Origin header.
What you really need is a shared secret between (embedded) browser and (local) server.

IP, host header, origin header can be checked as defense in depth, but can't prevent local privilege escalation from non-browser clients and are quite fragile even in browsers.

(or use a secure non-TCP/IP-based communication channel)
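
The layering discussed in the comments above, as an added example that is not part of the thread: a loopback-only server that treats the Host and Origin checks as defense in depth and a per-launch shared secret as the actual gate. The port number, the `X-App-Token` header name and the `authorize()` helper are assumptions made for illustration.

```python
import hmac
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer

# Illustrative values, not taken from the thread.
PORT = 8731
ALLOWED_HOSTS = {f"127.0.0.1:{PORT}", f"localhost:{PORT}"}
ALLOWED_ORIGINS = {f"http://{h}" for h in ALLOWED_HOSTS}
# Generated fresh on every launch; the host application hands it to its
# embedded browser out of band (for example, injected into the first page).
TOKEN = secrets.token_urlsafe(32)


def authorize(headers, token=TOKEN):
    """Return (allowed, reason) for a mapping of request headers."""
    # Defense in depth 1: refuse requests addressed to any other host name.
    if headers.get("Host", "") not in ALLOWED_HOSTS:
        return False, "bad host"
    # Defense in depth 2: if a browser sent an Origin, it must be our own.
    origin = headers.get("Origin")
    if origin is not None and origin not in ALLOWED_ORIGINS:
        return False, "bad origin"
    # The real gate: the shared secret, compared in constant time.
    supplied = headers.get("X-App-Token", "")
    if not hmac.compare_digest(supplied.encode(), token.encode()):
        return False, "bad token"
    return True, "ok"


class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        allowed, _reason = authorize(self.headers)
        body = b"hello from the local app\n" if allowed else b"forbidden\n"
        self.send_response(200 if allowed else 403)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    # Bind to loopback only, never to 0.0.0.0.
    HTTPServer(("127.0.0.1", PORT), Handler).serve_forever()
```

A client that does not send an Origin header passes the first two checks, which is why the token check is the one that matters for non-browser clients.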

> but can't prevent local privilege escalation from non-browser clients

That is such a different threat model though. A native app has a lot more permissions than a web page. Trying to protect one native app from another is not really done much. Like, are MS Word documents encrypted so Slack can't read them from disk?

You can have multiple OS users on the same computer.