The web sandbox is an absolute delight for users. That users can run javascript code from malicious advertising companies without ill effect is a technological marvel. Consider all the shady nonsense advertising companies do today anyway - and imagine if they had full access to your filesystem when they do it! What a horrifying hellscape that would be.
"Oh, opened our website did you? Don't mind us - we'll just go ahead and install our own 'value add' daemons on your computer that show ads, and exfiltrate your data to improve ad targetting. You can trust us!"
"Oh, opened our website did you? Don't mind us - we'll just go ahead and install our own 'value add' daemons on your computer that show ads, and exfiltrate your data to improve ad targetting. You can trust us!"