Is it possible for us to get a list of the non-standard APIs that are being used, sorted by usage? I'd like to say work is being prioritized based on need :)
On Fri, Jan 30, 2015 at 10:32 AM, Andrew Williamson <[email protected] > wrote: > The major thing keeping apps privileged and not webby (and also therefore > packaged - [3] below notwithstanding) is the APIs. I'd be interested to > know if there has been any progress in moving APIs from privileged to > non-privileged too. (And certified to privileged - the only production API > I remember changing was the Camera API from certified to privileged.) > > On 30/01/2015 14:48, Benjamin Francis wrote: > >> Hi, >> >> It feels like a good time to bring up this topic again. >> >> One of the main themes in suggestions for Firefox OS 3.0 has been to make >> the OS more "webby", moving away from packaged apps to something >> inherently >> more web-like, and even turning the built-in Gaia apps into hosted apps. >> >> When we last spoke in this thread, the W3C "Manifest for Web Application" >> specification [1] was at its first public working draft. That spec has >> recently reached an important milestone by being declared feature complete >> and is expected to transition to a Candidate Recommendation soon, already >> having being implemented in Chrome. >> >> Service Workers seem to be moving along in Gecko [2], and have also been >> one of the hot topics in Firefox OS 3.0 discussions, particularly in >> relation to offline functionality. >> >> There have been several proposals of how to provide privileged hosted >> apps, >> including work around hosted packages [3] and discussions around a >> security >> model. >> >> There have been several prototypes demonstrated with hosted versions of >> Gaia apps doing all sorts of interesting things, and proposed design >> concepts around new ways of thinking about web apps, like Pinned Apps [4]. >> >> There are lots of separate teams working on things in this area so I >> thought it might be useful to share what everyone is working on. How close >> are we to being able to deprecate packaged apps? How are hosted privileged >> apps coming along? What's the latest thinking on a security model? How are >> Service Workers coming along? Where is the source code of some of the >> prototypes people have been working on for hosted Gaia apps? What is still >> missing? >> >> Please share! >> >> Ben >> >> 1. http://w3c.github.io/manifest/ >> 2. https://bugzilla.mozilla.org/show_bug.cgi?id=903441 >> 3. https://bugzilla.mozilla.org/show_bug.cgi?id=1036275 >> 4. https://wiki.mozilla.org/FirefoxOS/Pinned_Apps >> >> On 8 July 2013 at 22:31, Ben Francis <[email protected]> wrote: >> >> Sorry for the typo in the subject line. It wasn't an attempt at a clever >>> pun... >>> >>> Hello all, >>> >>> Apologies for the length of this email, I didn't have time to write a >>> shorter one. >>> >>> A year ago Jonas sent out an email [1] outlining the requirements for a >>> new >>> breed of trusted web apps. He explained some of the challenges of >>> fulfilling these requirements with hosted apps and set out the rationale >>> for starting with a packaged app solution, with a view to exploring >>> something more "webby" later. >>> >>> Now that we have shipped v1 of Firefox OS [2] with a packaged solution >>> for >>> trusted apps I would like to re-open this discussion and get your >>> feedback >>> on whether and how we might make trusted apps more web-like. >>> >>> In order to gain access to many of the new APIs we have created in >>> Firefox >>> OS, web content creators must change their entire distribution model and >>> package the assets of their app into a zip file to be signed and served >>> from one or more app stores. These assets do not have their own URIs on >>> the >>> Internet and are served over a local app:// protocol instead of HTTP. >>> This >>> is similar to how native apps on other mobile platforms work, and is also >>> similar to the packaged apps used in Chrome & Chrome OS, as well as W3C >>> widgets. However, it isn't much like how the web works. There is no one >>> definitive version of the app at a single URI and the update process is >>> very different. >>> >>> The System Applications Working Group [3] at the W3C have actually >>> started >>> some early drafts of specifications to standardise an app >>> manifest/package >>> format and the app:// URI scheme, based largely on the work done by >>> Mozilla. Meanwhile at Google I/O, Google showed a version of the Chrome >>> Web >>> Store [4] where hosted apps are re-branded simply as "web sites", with >>> the >>> term "app" being limited to packaged apps using their own .crx packaging >>> format. I have also heard suggestions that support for hosted apps may at >>> some point be deprecated in Chrome altogether, in favour of supporting >>> only >>> packaged apps. The message coming from both Mozilla and Google right now >>> is >>> that all trusted apps must be packaged, hosted web apps can simply not be >>> trusted with access to new privileged APIs. >>> >>> What's sad about this vision of the future is that many of the most >>> interesting apps that get written using web technologies like HTML, CSS >>> and >>> JavaScript will not actually be part of the web. As Tim Berners-Lee >>> recently put it in an interview with the BBC about native apps [5], when >>> apps and their content don't have a URI on the Internet they are not part >>> of the "discourse" of the web and are therefore non-web. This was a topic >>> discussed at the "Meet the TAG" event hosted by Mozilla in London >>> recently, >>> with members of the W3C's Technical Architecture Group expressing >>> disappointment in this trend. >>> >>> Are we happy with a packaged model for trusted apps going forward, or is >>> now the time to embrace the challenge of making trusted apps genuinely >>> part >>> of the web? Perhaps we don't even need to restrict our thinking to the >>> "app" and "app store" model and can explore ways of exposing more >>> privileged APIs to all web content in a trusted way. >>> >>> If you're interested in the nitty gritty of this problem, I've tried to >>> summarise Jonas' original email below. I hope he forgives me if I >>> mis-represent him in any way, but you can read his original email in the >>> archives [1]. >>> >>> ... >>> >>> In his email, Jonas proposed the following requirements for trusted apps: >>> 1. The ability for a trusted party to review an app and indicate some >>> level >>> of trust in the app (or potentially in the app developer). >>> 2. A mechanism for signing an app to verify that the app actually >>> contains >>> the content that was reviewed. >>> 3. Use of a minimum CSP policy for all pages of an app to ensure only the >>> reviewed code runs. >>> 4. A separate data jar for local data to ensure a compromised web site >>> can >>> not write to the local data of an app to alter the way it behaves. >>> 5. A separate origin for the resources of an app so that the app can not >>> be >>> tricked into running un-reviewed code from the same origin with escalated >>> privileges. >>> >>> Jonas explained that the initial intention was to host trusted apps in >>> the >>> same way as non-trusted apps, to retrieve the signatures for reviewed >>> files >>> from an app store, but the files themselves directly from the app's own >>> web >>> server. >>> >>> He explained some problems with this approach: >>> a) HTTPS must be used to ensure proxies don't modify the headers or body >>> of >>> HTTP responses, invalidating the signature. This would create an overhead >>> for app developers. >>> b) If multiple stores host signatures for the same app but review the app >>> at different speeds, updating of the app resources and signatures must be >>> synchronised between different stores and be limited to the speed of the >>> slowest review. >>> c) Signed resources have to be static because if a resource is >>> dynamically >>> generated by a server side script, the signature would also need to be >>> dynamically generated, requiring a private key to be stored on the same >>> server, which largely defeats the object of the signing system. >>> >>> It was argued that this would result in a system which, while hosted like >>> the rest of the web, is not very "webby" and is the worst of both worlds. >>> >>> This led to the conclusion for us to package up trusted apps and to serve >>> their resources locally over a new app:// protocol. >>> >>> >>> My question is what might a hosted solution to this problem look like? >>> >>> Ben >>> >>> 1. https://groups.google.com/forum/#!topic/mozilla.dev. >>> webapps/hnCzm2RcX5o >>> 2. https://wiki.mozilla.org/WebAPI >>> 3. http://www.w3.org/2012/sysapps/ >>> 4. https://twitter.com/bfrancis/status/335728228897550336/photo/1 >>> 5. http://www.bbc.co.uk/iplayer/episode/b036zdhg/Click_06_07_2013/ >>> _______________________________________________ >>> dev-webapps mailing list >>> [email protected] >>> https://lists.mozilla.org/listinfo/dev-webapps >>> >>> > _______________________________________________ > dev-webapps mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-webapps > _______________________________________________ dev-webapps mailing list [email protected] https://lists.mozilla.org/listinfo/dev-webapps
