• No results found

Tizen Web Runtime Update. Ming Jin Samsung Electronics

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Tizen Web Runtime Update. Ming Jin Samsung Electronics"

Copied!
32
0
0

Loading.... (view fulltext now)

Download now ( 32 Page )

Full text

(1)

Tizen Web Runtime

Update

Ming Jin Samsung Electronics

(2)

Table of Contents

Quick Overview of This Talk

Background, Major Updates, Upcoming Features

What Have Been Updated

Installation/Update Flow, WebKit2, Privilege Levels, Sandboxing, etc.

Upcoming Features

(3)
(4)

Revisit:

What Is Web App and Web Runtime

Web Application

• Using Web based technologies (HTML/JS/CSS/etc.) • Accessing local device / platform resources

• Can be installed on the device

Web Runtime

• Package management (installation, update, etc.)

• Execution and lifecycle (launching, pause, resume etc.) • Runtime security (API/network access, sandboxing, etc.) • Platform integration

(5)

5

Revisit:

Web Apps on Tizen Devices

Interaction

Device Resources Networking

User

(6)

Revisit:

Tizen Web App Ecosystem

Packaging & Signing Upload Verification & Filtering Download & Install Launch Tap Play Developer Develop SDK Store Web App User

(7)

7

What Have Been Updated

Hosted

” Web App support

Updated

installation

and

update

flow

WebKit2/EFL

based process model

Faster

launching

flow

Update on

suspend/resume

, and

localization

Resource

encryption/decryption

Privilege-based

API security

Process

sandboxing

(8)

Upcoming Features

CSP (Content Security Policy)

Navigation policy restriction

(9)
(10)

Core

Web Applications

Linux Kernel and Device Drivers

Native Applications

Tizen Web Framework

Web Runtime W3C / HTML5

App Framework

Base Connectivity

Graphics / UI Location Multimedia Messaging

PIM

Security System Telephony

Web Video Touch CSS3 WebGL Worker • • • Device APIs BT Call NFC Msg • • •

Tizen Native Framework

App / Shell Content

Base / Io Media Messaging

Net

Security

Social System

Telephony Text / Locales

Graphics / UI Uix

Web / Xml

Tizen API

Web UI F/W

(11)

11

Tizen Web Runtime Internal Blocks

Core

Linux Kernel and Device Drivers App Framework

Base Connectivity

Graphics / UI Location Multimedia Messaging

PIM

Security System Telephony

Web Tizen Web Runtime

Wrt Launchpad (daemon) Wrt Commons (library) Wrt Core (library) Core Module Wrt Client (executable) Wrt Installer (executable) View Module Installer Job Processing Injected Bundle (library) Wrt Wk2 Bundle Wrt Security (daemon)

(12)

Hosted Web App Support

What is “hosted” web app?

• A Web App with all of its resources located on a remote server

• For now, it needs to be packaged with minimal resources: config.xml, signature(s)

Restrictions:

• Start page should be specified in <tizen:content> extension • All of rendered pages are remote pages

• Only W3C/HTML APIs are allowed in remote pages

(13)

13

Installation Flow Update

New verification steps introduced:

• Higher-level privilege declaration is not allowed • Invalid signature is not allowed

New installation steps introduced:

• Resource encryption (if necessary) • Smack rules population

Deprecated steps:

• W3C Widget P&C <feature> tag checking is ignored (used as Store side filtering purpose for now)

(14)

Web App Update Flow

Update criteria:

• Must have the same Tizen App ID • Must have the same author signature

Update triggering point:

• At installation request time, if the request satisfies the “update criteria”

Update result:

(15)

15

Installation/Update Flow

Initial Config Parsing Installation Start Installation

Task Update Task

Unzip Package Check Configuration Check Certificate Installation Fail Encrypt Resource

Install Files Update Files

Privilege Check SMACK rules Manifest Update DB Installation Success Needs Encrypt? Is Update? [Yes] [No] [Yes] [No] [Security Error] [Invalid Certificate] [Invalid Format] [Decompression Failure]

(16)

WebKit2/EFL based Web App Process Model

Each Web App has 1 UI Process and 1 Web Process

• UI Process manages lifecycle, and Web Process is responsible for rendering

NPAPI plugins (if any) will run in separate processes

Wrt Client (UI Process) Web Process

IPC Wrt Core Wrt Commons App Core UI Proxy Wrt Client WebCore JSC Injected Bundle NPAPI Plugin App API PIM API … API IPC Module / Lib Process Wrt Security (daemon) IPC Privilege Check

(17)

17

Wrt Client (UI Process)

Web Process

Launching Procedure

Wrt-launchpad

is introduced to preload WebKit and WRT libraries

IPC Process Task Fork Caller application Wrt-launchpad launch AMD pid launch fork, UID & Smack

appcore events Libraries preloaded by wrt-launchpad: -libappcore-efl.so -libappcore-common.so -libisf-imf-module.so -libewebkit2.so -libinjected-bundle.so -wrt-client Create Ewk Context WebProcess Init Plugin Preloading Resource Loading fork Load URL Init AppCore Create Window Ewk View Add

(18)

Suspend / Resume

By default, webviews will be suspended by WRT when the Web

App goes to background, unless the developer explicitly

enables it via <tizen:setting>

• Suspended activities include: JavaScript executions, timers, animations • Even if a webview is not suspended in background, the painting

operations will not happen in background and the backing store will be purged

When switched to foreground, the suspended webviews will be

(19)

19

Localization

Folder-based localization

• Web App contents can be localized in file unit according to W3C Widget P&C specification

• The localization requires page reloading, and the localized contents will only be reflected at next launching time

Element-based localization

• Configuration document can be localized with xml:lang attribute

Content-based localization

• System locale change event can be listened with Tizen System Info API • L10n routine needs to be implemented in locale change event handler

(20)

Resource Encryption / Decryption

Resources are encrypted during installation / update

• Enabled with <tizen:setting encryption=“enable”/> in config.xml

• Web App directory is scanned recursively

• Only resources with predefined extensions (html / js / css) are encrypted • Information about encrypted resources are stored in WRT DB

Resources are decrypted at runtime

• UI Process informs Bundle (WebProcess) about the decryption necessity • Bundle performs resource decryption in willSendRequestForFrameCallback

(21)

21

Resource Encryption at Install/Update Time

wrt-installer WrtDB Encryption task wrt-commons ResourceEncryptor

Web app resources

config.xml resources Installer Configuration parser Data Flow Call (Callback) IPC fork Class/lib Process DB Modules (3) (1) (2) (4) (5) (6)

(22)

Resource Decryption at Loading Time

Web Process UI Process wrt-client WrtDB wrt-commons ResourceDecryptor resource Webkit WrtClient Bundle PageResourceLoadClient Data Flow Call (Callback) IPC fork Class/lib Process DB Modules (2) (1) (1) (3) (4)

(23)

23

Privilege Levels and API Permissions

Untrusted

• Location, web notification, media capture, full screen, unlimited storage

Public

• Alarm, application, bluetooth, calendar, call history, contact, file system, message port, messaging, power, push, setting, system, etc.

Partner

• App manager, secure element, system manager, etc.

Platform

• Bluetooth manager, lock manager, package manager, setting manager, etc.

(24)

Process Sandboxing

Web App (UI/Web Process) Sandboxing

• UID: “app” • GUID: “app”

• Process Smack label: {PkgID} • Resource Smack label: {PkgID}

• Smack rules: basic application rules + privilege specific rules

Web App private data (e.g., localstorage, indexed db, cookie,

(25)

25

Web Dynamic Box

Features:

• Included in a Web App package

• Installed, updated, and uninstalled as part of Web App package • Supported sizes: 1x1, 2x1, 2x2

• Supports periodic update: minimum 30 min term

(26)

Tizen Configuration Extensions Update

<tizen:application id=“PkgA.MyApp" package=“PkgA" required_version=“2.0" />

<tizen:privilege name="http://tizen.org/privilege/application.launch" /> <tizen:app-control> <tizen:src name="edit.html"/> <tizen:operation name="http://tizen.org/appcontrol/operation/edit"/> <tizen:mime name="image/jpg" /> <tizen:uri name=""/> </tizen:app-control>

<tizen:setting background-support="enable" /> <tizen:setting context-menu="disable" /> <tizen:setting encryption="enable" />

<tizen:setting screen-orientation="landscape" /> <tizen:setting install-location="internal-only" />

(27)

27

Typical Web App Directory Structure (on Device)

{PackageId}

bin {wrt-client soft link}

res wgt config.xml signature files start file (index.html) plugins arm {NPAPI} x86 {NPAPI} Additional files or directories data shared res data

(28)
(29)

29

Content Security Policy (CSP)

New fields required in config.xml:

• E.g.: <tizen:content-security-policy>, <tizen:content-security-policy-report-only>

Possible default policy:

• "default-src '*'; script-src „self‟; style-src „self‟; object-src „none‟;“

A Web App can define a fine-grained CSP policy by using

different directives:

(30)

Navigation Policy

New field required in config.xml:

• E.g., <tizen:allow-navigation>

Top-level window URL navigation is limited to the list of

domains specified in <tizen:allow-navigation>.

Navigation to any other domains (not listed in

(31)

31

AppCache Download

New field required in config.xml:

• E.g., <tizen:appcache-manifest-url>

Upon installation, download the appcache resources specified

in appcache manifest URL

Useful for hosted web apps to work offline or provide fallback

(32)

References

Download now ( PDF - 32 Page - 1.36 MB )

Related documents

Modeling KANSEI Through Real World Interaction

In first phase, as an example of Smart Sphere, we make a real world interface for shop space, and offer the service using this.. We deal a goods recommendation service of a store

Circulant dissimilarity based shape registration for object segmentation

Numerical experiments demonstrate that circulant dissimilarity based shape registration outperforms the iterative optimization on explicit pose parameters, and show promising

Tax Lien Purchase Property

Home loan process each tax lien certificate is another issue delivered to your property lien investing can refinance private lien investing can yield substantial rates and all

Multidimensional Fourier Transform on Sparse Grids

To reach an accuracy of 10 −1 , we see in Figure 8.17 that the classical sparse grid can achieve this in 7 dimensions using 10 6 grid points, while already in 5 dimensions, the

Generalized behavioral framework for choice models of social influence: Behavioral and data concerns in travel behavior

Two forms of social influence mechanisms have been used in travel behavior models: conformity (an endogenous social influ- ence mechanism) and compliance (a contextual social

Interdisciplinary Bedside Rounding: Patient Satisfaction with Nursing Communication and Decreased Hospital Readmissions

The purpose of this project was to evaluate if the IBR program at SHZCH improves the patient’s perception of communication with nursing as evidenced by improved patient

Oerlikon Leybold Vacuum GmbH. Bonner Str. 498 D Cologne. Date of issue: Oct 05, 2009 Date of revision: Sep 23, 2015

Threshold limit values of by-products from thermal decomposition: Components with workplace occupational exposure limits.. Components Value type Value

Comparative study of soil properties and vegetation at various open dump and non-dumpsites in the Bengaluru city of Karnataka, India

Hence, only these spe- cies datasets were taken into consideration for the analysis of variance Table 11 (a and b) represents ANOVA statistics for dominance of different plant