WebAPI/WidgetAPI: Difference between revisions

← Older edit

WebAPI/WidgetAPI (view source)

Revision as of 03:06, 17 July 2015

953 bytes added , 17 July 2015

Prevent Pages to Be Embedded {{bug|1043110}}

Junior Hsu

Confirmed users

29

edits

@@ Line 15: / Line 15: @@
          "launch_path": "/widget.html",
          "description": "This is my cool widget",
-         "screenshot": "foo.jpg",
+         "preview_image": "foo.jpg",
          "locales": {
            "en-US": {
@@ Line 21: / Line 21: @@
              "name":"MyApp2000 Widget",
              "description":"This is my cool widget",
-             "screenshot": "foo_en-US.jpg"
+             "preview_image": "foo_en-US.jpg"
            }
          }
@@ Line 72: / Line 72: @@
 === Prevent Pages to Be Embedded {{bug|1043110}} ===
 Widgets' pages MUST be listed in "widgetPages" field which is the white list of widget pages. All pages in this list can be accessed through widget iframe. Others are shown as error pages, including other app pages and external pages. If the widget frame's src points to a page which is NOT listed in widgetPages,
-*for existing app page: show [http://dxr.mozilla.org/mozilla-central/source/xpcom/base/ErrorList.h#474 NS_ERROR_DOM_INVALID_ACCESS_ERR]
+*for existing app page: show NS_ERROR_MALFORMED_URI
-*for missing app page: show [http://dxr.mozilla.org/mozilla-central/source/xpcom/base/ErrorList.h#443 NS_ERROR_FILE_NOT_FOUND]
+*for missing app page: show NS_ERROR_MALFORMED_URI
-*for external web page: show [http://dxr.mozilla.org/mozilla-central/source/xpcom/base/ErrorList.h#474 NS_ERROR_DOM_INVALID_ACCESS_ERR]
+*for external web page: show NS_ERROR_MALFORMED_URI
 === Other Notes ===
@@ Line 98: / Line 98: @@
 **mozbrowserloadend
 **mozbrowserloadstart
+**mozbrowserfirstpaint
+**mozbrowserdocumentfirstpaint
 ==== Security sensitive ====
@@ Line 116: / Line 118: @@
 **mozbrowsertitlechange - discloses title, privacy issue.
 **mozbrowseropensearch - I assume this discloses the link value, maybe a privacy issue?
+**mozbrowsermanifestchange
+**mozbrowsermetachange
 === no use case ===
@@ Line 129: / Line 133: @@
 *Events
 **<strike>mozbrowserasyncscroll</strike>
+**<strike>mozbrowserresize</strike>
+**<strike>mozbrowseractivitydone</strike>
+**<strike>mozbrowserscroll</strike>
 ==Q&A==
@@ Line 144: / Line 151: @@
 * Some apps want to app.launch() its app mode while user click its widget, but some want to be enlarged.  Is there a way to specify?
 ** We may introduce an attribute in manifest which tells widget embedder how to process the enlarging behavior. But we have to discuss it with Web API team.
+* What happens when embedder removes the mozwidget attribute of existing iframe?
+** Nothing. We still follows the widget API rules to manage the iframe, the limited APIs and the same permissions.
+* What happens when embedder uses mozapp originally and swap it as mozwidget?
+** Nothing. We still follows the mozapp API rules to manage the iframe, the full-set browser API and the same permissions.
+* What happens when embedder removes the mozwidget and changes the src of an existing iframe?
+** Nothing. We still follows the widget API rules. If the src is in widgetPages, nothing happens. If the src is not in widgetPages, an error is emitted NS_ERROR_DOM_INVALID_ACCESS_ERR or NS_ERROR_FILE_NOT_FOUND.
 ==Bugs==
-* {{bug|1005818}} A new 'embed-widgets' permission exposing to privileged apps for solving widget case.
+* <del>{{bug|1005818}}</del> A new 'embed-widgets' permission exposing to privileged apps for solving widget case.
 ** Part 1: Load a widget as an app if the |src| is in the |widgetPages|
 ** Part 2: Only limited browser API are available to a widget
 * {{bug|1043110}}  an appropriate way to prevent forbidden pages to be embedded in a widget iframe
+* {{bug|1052328}}  Let privileged apps be able to launch a widget via APP protocol URIs
+* {{bug|1052334}}  create a function to retrieve preview image of widget
+* {{bug|1053724}}  Prevent Widget Frame to Listen/Handle System Message
+[[Category:Web APIs]]