Chartering
Posted on:Although it’s not required, we are currently trying to put together a charter for the Native Web Apps CG. We would like to hear your thoughts by Friday the 5th of December.
Although it’s not required, we are currently trying to put together a charter for the Native Web Apps CG. We would like to hear your thoughts by Friday the 5th of December.
As well as being able to use a classic “http://domain.com” style origin, widgets can also use a custom scheme called the Widget URI scheme that typically looks like this: widget://c1[…UUID…]a66/index.html The widget URI scheme works like a “fake” HTTP server: … Continue reading
Another ungrounded misconception is that widgets lack a security model. Widgets, like most things “Web”, rely on the same-origin security model defined in HTML5. However, because the HTML same-origin policy is quite liberal and prone to cross-site scripting attacks, the … Continue reading
Another misconception that has been around for a while is one that XML Digital Signatures and XML Canonicalization are notoriously difficult to implement correctly. This misconception seems to stem from issues that emerged in Java prior to version 1.4.1, which, … Continue reading
Another misconception about Widgets revolves around the choice to use XML over the now in vogue JSON format. Proponents of JSON argue that XML is too complicated for developers and for implementers, while other more conspiratorial individuals claim that there … Continue reading
One of the most common misconceptions about the W3C’s Widget packaging format is that it reinvents (or could simply have used) existing packaging formats: namely, Oracle’s Jar format, Mozilla’s XPInstall (XPI) format, or the Open Document Format. The widget packaging … Continue reading
Throughout the last few years, a number of misconceptions have been perpetuated about W3C Widgets. Over the next week, I will publish a number of post to address some of those misconceptions (hopefully setting the record straight): Misconception: Widgets reinvent … Continue reading
I asked a friend, Jimmy Ti, if he could make a rough prototype showing if it was possible to implement the Widget URI scheme in iOS. The critical bit I wanted to see working was faking HTTP responses. Here is … Continue reading
A little while back, I made a quick prototype showing how widgets could work with OAuth (with Twitter). The problem is that most widget engines don’t support something like Android’s Web View and usually can’t pop up Windows. Another issue is … Continue reading
So, somewhat ignoring the fact that we were going to plot and scheme about what Installable Web Apps could be… and Web APIs… I’ve had a first crack at making widget:// behave more like a HTTP request. This should solve a … Continue reading