> I think browsers need a "web app" mode and a "surf mode"
Agree. It will be hard to define a standard for "surf mode", but in addition to privacy benefits there would be security benefits for the browser container as well.
I don't think it would be that hard, start with "no javascript". Add a better compataiblity method. Ideally add ways to get the browser to do common stuff like resize images, although even saving that for "app mode" would be a big improvement on the current situation. Making the standard is easy, it is getting anyone to follow it that is difficult. Sites could already work great without javascript if they wanted to but very few do.
"No javascript" is a non starter in my opinion. That's a very simple on/off switch that is already available but has very little buy in. As you noted, "JS off" mode requires a shift in what HTML/CSS are capable of on their own.
> Making the standard is easy, it is getting anyone to follow it that is difficult
That's my point, those two parts aren't disconnected. The standard isn't useful (or a standard really) until people follow it, and in this case that's most of the internet connected world. Both people building for the a new default subset, and users accepting a default subset with opt in "web app" bells and whistles.
Without removing JS, in my head it's along the lines of starting with a freeze of a current ECMA version, define the API's that are stripped out, force low fidelity timers, remove JIT, limit some cross origin options. Stop adding shiny new feature's every 8 weeks. Keep it there for 3-4 years. Or maybe a similar concept with a WASM container when it gains some browser usefulness. Then there's the html and css subset too. So, defining that stock subset navigator at the right level is what I see as the "hard" part.
There are some improvements that could be made to HTML/CSS but it is already possible to do a bunch of fancy stuff with no javascript. I don't think it is possible to avoid tracking while allowing javascript, unless only the most trivial javascript, and for that there is likely to already be HTML/CSS alternatives. The stuff you are talking about is already available if you dig into the settings, although of course picking and choosing your own collection of settings like I do is itself a unique identifier. But there need to be a bunch more restrictions to actually prevent fingerprinting.
I think the lack of buy in is because the people who would need to buy in are the ones pushing the tracking. Rather than a new standard something like a directory of sites that work well without javascript (and search engine just searching those sites) with enough people using it for it to be an advantage to be listed seems to me to be more likely to be effective.
Agree. It will be hard to define a standard for "surf mode", but in addition to privacy benefits there would be security benefits for the browser container as well.