Capabilities field in Web App Manifest undocumented?

9 views
Skip to first unread message

subsembly

unread,
Mar 4, 2011, 10:21:25 AM3/4/11
to mozilla-labs
Hi,

the Open Web Apps concept is very interesting to me. However, when
looking at the documentation of the manifest file at
https://developer.mozilla.org/en/OpenWebApps/The_Manifest I found that
the very important "capabilities" field is mentioned, but not
documented at all. Is there any other place where I can find a full
documentation of the manifest file?

Cheers,

Andreas

Lloyd Hilaiel

unread,
Mar 4, 2011, 5:19:44 PM3/4/11
to mozill...@googlegroups.com
Hey Andreas,

The fact that capabilities is mentioned is an accident (I just removed all references
from that document), and the fact that it's undocumented is intentional.

One of the things we're all excited about is how the process of installing a web app
can grant extra "capabilities" to a website. This key is one early idea about how
an application author might request extra permissions ("I'd like a webcam please"), and
express super powers ("I can share contacts!").

So capabilities is not part of the integration release, and is something that folks
are exploring now. It'll make it into a subsequent release.

very best,
lloyd

> --
> You received this message because you are subscribed to the Google Groups "mozilla-labs" group.
> To post to this group, send email to mozill...@googlegroups.com.
> To unsubscribe from this group, send email to mozilla-labs...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/mozilla-labs?hl=en.
>

Steve Baker

unread,
Mar 4, 2011, 7:08:22 PM3/4/11
to mozill...@googlegroups.com, Lloyd Hilaiel
I applaud your cautious stance on this. Clearly it's useful - but given
what we've seen happen in the Android world with people granting rights
to apps without carefully considering the consequences (probably without
even reading the blurb) - we need to be super-cautious.

The extra permissions I'd like to see rolled out early are the really
non-controversial ones: "Ability to reposition the mouse cursor" for
example...vital for first-person shooter games...only exploitable under
pretty extreme circumstances.

I'd also support the "narrowing of rights" - such as removing the right
to execute when the tab you're running in is not at the front.

But definitely, take the time to get other things right first.

-- Steve

Robin Berjon

unread,
Mar 5, 2011, 12:47:47 PM3/5/11
to mozill...@googlegroups.com
Hi Lloyd,

On Mar 4, 2011, at 23:19 , Lloyd Hilaiel wrote:
> One of the things we're all excited about is how the process of installing a web app
> can grant extra "capabilities" to a website. This key is one early idea about how
> an application author might request extra permissions ("I'd like a webcam please"), and
> express super powers ("I can share contacts!").

I'm curious, do you happen to have any early ideas on how this might work (presuming it's different from the classic prompting model) or UI sketches for it? It's a pretty tough problem to solve right and I'm very interested in hearing about new takes on it.

--
Robin Berjon
Robineko (http://robineko.com/)

l.m.orchard

unread,
Mar 8, 2011, 10:48:54 PM3/8/11
to mozilla-labs
Yeah, I'm really excited to see how capabilities could work after
checking out the concepts.

Something like xauth.org, but browser-mediated? Seems like it would be
killer to combine browser-managed service relationships and logins
with iframe + postMessage. That would be mostly HTML5 tech with just a
thin layer of browser support needed.

Reply all
Reply to author
Forward
0 new messages