ubuntu-appstore-developers team mailing list archive

Thread
Date

Webapps confinement & click package story

To: ubuntu-appstore-developers@xxxxxxxxxxxxxxxxxxx
From: Alexandre Abreu <alexandre.abreu@xxxxxxxxxxxxx>
Date: Fri, 6 Sep 2013 11:02:23 -0400

Hi,

We are working on webapps integrations and click packaging on UbuntuTouch
and trying to address the WebApps confinement details.

We already had a chat with Jamie about that last week to further trim down
the whole story.

A bit of rough context before the gist of the email:

- A Webapp on Touch will be an individual click package with a desktop
file, a set of icons, and possibly (but not strictly mandatory) a snippet
of javascript along with a manifest file,

- The webbrowser-app will be used as a container for running the Webapp,
and the Exec line from the desktop file for each Webapp click package will
reflect that with something roughly like:

Exec=webbrowser-app --webapp http://ubuntu.com

(subject to change)

with various additional command line options that will be used to tweak the
UI aspect and (restricted) navigation,

- When running in "Webapp mode", the click-desktop hook will property setup
the Path in the desktop file and the app will be started with the local
package as the cwd, which will then be used to locate potential snippets
that need to be injected by the webbrowser-app (the local lookup bit needs
to be added since atm it tries to search for snippets in /usr/share),

Now the bits that are left:

1. how the webbrowser-app should react to that and act in a properly
confined way for each Webapp. The idea there would be to prevent history,
bookmarks, cookies etc. to be shared among the Webapps and obviously with
the regular browser app.

This would be done by tweaking the webbrowser-app to setup its cache & data
folders depending on it's startup APP_ID.

2. The webapp browsing experience would be strictly confined to a specific
set of url patterns, and the functionality is already being merged in the
webbrowser-app,

3. I was wondering if for those packages and given the specific nature of
webapps and the associated security risks (spoofing, phishing etc), we
would  be able to bypass some sort of review process that would be a bit
more restricted than the one (if any) for other apps. At the moment, the
APP_ID specific profile would prevent any local data capture etc.

Jamie did put up a wiki page to capture the current decision/state of the
discussions,

https://wiki.ubuntu.com/SecurityTeam/Specifications/WebAppsConfinement

Cheers!
Alex

Follow ups

Re: Webapps confinement & click package story
From: Jamie Strandboge, 2013-09-10
Re: Webapps confinement & click package story
From: Marc Deslauriers, 2013-09-06