Definitely. I think that's why companies that do this (like SpiderOak and Keybase) implement client-side web crypto for convenience use but provide a pretty visible warning about the potential pitfalls compared to the desktop app, so users can make an informed choice.

A lot of people are researching solutions like the app-cache approach to try and fix this, fortunately it's getting better!