rmce...@chromium.org, rei...@chromium.org
https://github.com/WICG/isolated-web-apps/blob/main/README.md
https://wicg.github.io/isolated-web-apps/isolated-contexts
Isolated Web Apps (IWAs) are an extension of existing work on PWA installation and Web Packaging that provide stronger protections against server compromise and other tampering that is necessary for developers of security-sensitive applications.
Rather than being hosted on live web servers and fetched over HTTPS, these applications are packaged into Web Bundles and signed by their developer. For this initial launch, installation can only be triggered by enterprise policy on managed devices.
https://github.com/w3ctag/design-reviews/issues/842
Pending
Gecko: No signal (https://github.com/mozilla/standards-positions/issues/799)
WebKit: No signal (https://github.com/WebKit/standards-positions/issues/184)
Web developers: Several companies have reached out asking about IWA availability (can’t name them publicly), the iwa...@chromium.org list is active, and there’s been some interest in the WICG repo.
Other signals:
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
N/A. Feature not compiled in Android.
No, the initial launch is scoped to ChromeOS only.
No, IWAs are built on top of PWA infrastructure, which isn’t currently supported by WPT.
#enable-isolated-web-apps
IsolatedWebApps
True
https://launch.corp.google.com/launch/4234446
We have histograms measuring the following (see WebApp.Isolated.*):
Installation result
Update result
Orphaned bundle cleanup job result
Bundle verification (signature and file format) result
Bundle resource read result
Initially only available on ChromeOS, with other platforms following at a later date.
Expected to be used initially by a small number (<10) number of partners, but any enterprise admin could develop and deploy an IWA if they choose.
Working directly with partners for whom IWAs are an appropriate solution.
Key rotations are handled by the Component Updater, which receives Google-managed configuration data.
https://github.com/GoogleChromeLabs/telnet-client
https://github.com/WICG/controlled-frame/tree/main/test_app
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
We recently added support for Integrity Block v2 to Signed Web Bundles, which hasn’t been spec’d yet. We’re supporting both Integrity Block formats for a few releases while partners migrate before dropping support for v1.
https://chromestatus.com/feature/5146307550248960
Intent to prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMayyUjocrvyQKgu-bZy_4z5VJ0ijHCAijBTZY2xLwJpJQ%40mail.gmail.com
This intent message was generated by Chrome Platform Status.
Link to entry on the Chrome Platform Status
https://chromestatus.com/feature/5146307550248960
Links to previous Intent discussions
Intent to prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMayyUjocrvyQKgu-bZy_4z5VJ0ijHCAijBTZY2xLwJpJQ%40mail.gmail.com
This intent message was generated by Chrome Platform Status.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CANtkjcS1A2rO%2BvHnnPXqc6sxhjenearhCGx9vxt%2BcKqM5otDfA%40mail.gmail.com.
Are there any things that an IWA needs that DevTools can't currently do?
Can you say more about this please? Or is there an issue or explainer to read for more context? Is there a plan to do the spec work?
Link to entry on the Chrome Platform Statushttps://chromestatus.com/feature/5146307550248960
Links to previous Intent discussionsIntent to prototype: https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAEmk%3DMayyUjocrvyQKgu-bZy_4z5VJ0ijHCAijBTZY2xLwJpJQ%40mail.gmail.com
This intent message was generated by Chrome Platform Status.
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscribe@chromium.org.