blacklion 1 day ago

It is all very wired.

> a) you'd like encryption between the UI and the device

No, I don't. It is on my local network. If device has public IP and I want to browse my collection when I'm out of my local network, then I do, but then Let's encrypt solved this problem many years ago (10 years!). If device doesn't have public IP but I punch hole in my NAT or install reverse proxy on gateway, then I'm tech-savvy enough to obtain Let's Encrypt cert for it, too.

> b) browsers lock down a lot of APIs, sometimes arbitrarily

Why does GUI which is served from server co-hosted with mediaserver needs any special APIs at all? It can generate all content on server side and basic JS is enough to add visual effects for smooth scrolling, drop-down menus, etc.

Its all look over-engineered in the sake of what? Of imitating desktop app in browser? Looks like it creates more problems than writing damn native desktop app. In QT, for example, which will be not-so-native (but more native than any site or Electron) but work on all 3 major OSes and *BSD from single sources.

1
rcxdude 1 day ago

Even on a local network, you should probably not be sending e.g. passwords around in plaintext. Let's encrypt is a solution for someone who's tech-savvy enoug to set it up, not the average user.

> Its all look over-engineered in the sake of what? Of imitating desktop app in browser?

Pretty much, yeah. And not just desktop app, but mobile app as well. The overhead of supporting multiple platforms, especially across a broad range of devices, is substantial. Wep applications sidestep a lot of that and can give you a polished UX across basically every device, especially e.g. around the installation process (because there doesn't need to be one).

1 reply
blacklion 13 hours ago

> Even on a local network, you should probably not be sending e.g. passwords around in plaintext.

Why not? There is only me, my wife and my cat. Guests has separate network, of course :) If my network is compromised I have much bigger problems than password to video collection.

> Let's encrypt is a solution for someone who's tech-savvy enoug to set it up, not the average user.

caddy (web server) can provision Let's Encrypt cert transparently for user. I don't say Plex user should install caddy, but Plex server can have same mechanism built-in. If user is tech-savvy enough to install Plex.

> And not just desktop app, but mobile app as well

To be good they should have completely different structure and screen layouts for Mobile and Desktop no matter which "toolkit" is used, though — different screen sizes, different screen orientation, different input devices (touch and mouse are VERY different in UX and decent Desktop UI needs good keyboard controls, OH WAI~~~)...