Re: NPAPI plug-in use case: certified medical devices
Add-ons that use those APIs can pass review, yes. They would also need to be signed, unless they're using one of the Firefox versions that can disable signing. Jorge On 8/29/15 10:50 AM, Tim Guan-tin Chien wrote: > Will either js-ctypes or child process-calling add-on passes AMO > review? With signing requirement those add-ons would not be allow to > run in Firefox without signing from AMO at all right? > > On Fri, Aug 28, 2015 at 11:42 PM, Benjamin Smedberg >wrote: >> >> >> On 8/28/2015 10:25 AM, Tony wrote: >>> >>> Our product makes use of a 3rd party medical device that requires a C >>> library for usage. We created a NPAPI plugin that wraps this C library so >>> we can access the device from JavaScript. >>> >>> Here's where the lawyers get involved... >>> >>> The medical device, **including** the software included with the device >>> are FDA certified. We (as an user of the device) are not allowed to provide >>> our own software to access the device (which we could do without much >>> effort). We have to use the "certified" C library. >>> >>> The manufacture of the device (and its library) do not wish to share their >>> Intellectual Property (IP) with us so that we could create a "modern" >>> browser extension. As most of their customers use their product with native >>> OS clients, not browser based clients. >> >> >> I recommend that you write this as a Firefox addon in the following way: >> >> * construct a shim program which links the C library and communicates with >> the addon on stdin/stdout >> * use the addon SDK and system/child_process to launch your shim program and >> communicate with it >> >> See >> https://developer.mozilla.org/en-US/Add-ons/SDK/Low-Level_APIs/system_child_process >> for a description of system/child_process. >> >> I'm going to contradict Ehsan here: ctypes is a powerful-but-dangerous API >> and I wouldn't recommend it unless you have no other choice. We may decide >> to stop supporting it in the future. >> >> --BDS >> >> >> ___ >> dev-platform mailing list >> dev-platform@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-platform ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: NPAPI plug-in use case: certified medical devices
Will either js-ctypes or child process-calling add-on passes AMO review? With signing requirement those add-ons would not be allow to run in Firefox without signing from AMO at all right? On Fri, Aug 28, 2015 at 11:42 PM, Benjamin Smedberg benja...@smedbergs.us wrote: On 8/28/2015 10:25 AM, Tony wrote: Our product makes use of a 3rd party medical device that requires a C library for usage. We created a NPAPI plugin that wraps this C library so we can access the device from JavaScript. Here's where the lawyers get involved... The medical device, **including** the software included with the device are FDA certified. We (as an user of the device) are not allowed to provide our own software to access the device (which we could do without much effort). We have to use the certified C library. The manufacture of the device (and its library) do not wish to share their Intellectual Property (IP) with us so that we could create a modern browser extension. As most of their customers use their product with native OS clients, not browser based clients. I recommend that you write this as a Firefox addon in the following way: * construct a shim program which links the C library and communicates with the addon on stdin/stdout * use the addon SDK and system/child_process to launch your shim program and communicate with it See https://developer.mozilla.org/en-US/Add-ons/SDK/Low-Level_APIs/system_child_process for a description of system/child_process. I'm going to contradict Ehsan here: ctypes is a powerful-but-dangerous API and I wouldn't recommend it unless you have no other choice. We may decide to stop supporting it in the future. --BDS ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: NPAPI plug-in use case: certified medical devices
On 8/28/2015 10:25 AM, Tony wrote: Our product makes use of a 3rd party medical device that requires a C library for usage. We created a NPAPI plugin that wraps this C library so we can access the device from JavaScript. Here's where the lawyers get involved... The medical device, **including** the software included with the device are FDA certified. We (as an user of the device) are not allowed to provide our own software to access the device (which we could do without much effort). We have to use the certified C library. The manufacture of the device (and its library) do not wish to share their Intellectual Property (IP) with us so that we could create a modern browser extension. As most of their customers use their product with native OS clients, not browser based clients. I recommend that you write this as a Firefox addon in the following way: * construct a shim program which links the C library and communicates with the addon on stdin/stdout * use the addon SDK and system/child_process to launch your shim program and communicate with it See https://developer.mozilla.org/en-US/Add-ons/SDK/Low-Level_APIs/system_child_process for a description of system/child_process. I'm going to contradict Ehsan here: ctypes is a powerful-but-dangerous API and I wouldn't recommend it unless you have no other choice. We may decide to stop supporting it in the future. --BDS ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: NPAPI plug-in use case: certified medical devices
On 2015-08-28 10:25 AM, Tony wrote: Our product makes use of a 3rd party medical device that requires a C library for usage. We created a NPAPI plugin that wraps this C library so we can access the device from JavaScript. Have you considered creating an extension that calls into the C library using js-ctypes, and provides the functionality to the web page? ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
NPAPI plug-in use case: certified medical devices
Our product makes use of a 3rd party medical device that requires a C library for usage. We created a NPAPI plugin that wraps this C library so we can access the device from JavaScript. Here's where the lawyers get involved... The medical device, **including** the software included with the device are FDA certified. We (as an user of the device) are not allowed to provide our own software to access the device (which we could do without much effort). We have to use the certified C library. The manufacture of the device (and its library) do not wish to share their Intellectual Property (IP) with us so that we could create a modern browser extension. As most of their customers use their product with native OS clients, not browser based clients. --Tony ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: NPAPI plug-in use case: certified medical devices
While this sounds like a good solution to this specific use case, and while I agree that js-ctypes is horribly fragile, I'm not certain that this solution can be generalized to AMO-released add-ons that need access to OS-specific features, since we don't really like add-ons that ship native code. So if we ever decide to stop supporting js-ctypes, I vote that we first get in touch with add-on authors who make use of it, gather them in a room, and come up with an alternative solution. Cheers, David On 28/08/15 17:42, Benjamin Smedberg wrote: I recommend that you write this as a Firefox addon in the following way: * construct a shim program which links the C library and communicates with the addon on stdin/stdout * use the addon SDK and system/child_process to launch your shim program and communicate with it See https://developer.mozilla.org/en-US/Add-ons/SDK/Low-Level_APIs/system_child_process for a description of system/child_process. I'm going to contradict Ehsan here: ctypes is a powerful-but-dangerous API and I wouldn't recommend it unless you have no other choice. We may decide to stop supporting it in the future. --BDS ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform -- David Rajchenbach-Teller, PhD Performance Team, Mozilla signature.asc Description: OpenPGP digital signature ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform