For those who frown at the idea of calling native (trusted) applications from 
the untrusted web [1],
here is a writeup of how you could run trusted web-code inside of a untrusted 

Regarding the use-cases, there are many ranging from phone-dialers on support 
pages to payments [2].

Since you probably do not want to rewrite browsers from scratch, the most 
is building on running trusted code in IFRAMEs so that the existing protection 
can be reused.   The difference with existing IFRAMEs is that the code must be 
by the platform which also means that it must be fetched from the platform:

<iframe trustedapp="com.example.PaymentRequest" ... ></iframe>

This code should appear to the browser as coming from a virtual domain.
The only communication possible is through postMessage().

If the referenced application isn't available in the local cache, the browser 
should presumably
consult the device-specific "AppStore".

A side-effect of this "specification" is that trusted web-applications may be 
device-specific which
actually is a plus since it reduces the need to standardize access to the OS 
and HW layer.

That is, there could be a new class of standardized trusted web-applications 
where only
the invoke/postMessage part is standardized!

Anders Rundgren


2] Although not entirely compliant with the above, the following demo
does the same thing from a user's perfective.

Reply via email to