1 / 73

Web Framework

Web Framework. Contents. Web framework WRT, W3C Web APIs, Supplementary APIs, Device APIs, UI framework Web runtime Installer, client, core, injected bundle, security, launchpad Web APIs HTML5+deviceAPI Device APIs

dferris
Download Presentation

Web Framework

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Web Framework

  2. Contents • Web framework • WRT, W3C Web APIs, Supplementary APIs, Device APIs, UI framework • Web runtime • Installer, client, core, injected bundle, security, launchpad • WebAPIs • HTML5+deviceAPI • Device APIs • Common, content, social, application, system, communication, Input/Output, UI • Web view • WebKit, Webkit2, Webkit2/EFL

  3. Web Application • Web application • Using web based technologies • Accessing local device / platform resources • Can be installed on the device Source: Ming Jin , Tizen Web Runtime. Tizen Developer Conference 2012.

  4. Web app on the Web framework • Web framework • aggregates the Web Runtime along with the W3C API, Device API, and a UI framework containing widgets derived from jQuery Mobile Source: Jaesik Chang , Tizen Webkit For Wearable Devices. Tizen Developer Conference 2014.

  5. Web framework • Provides: • Best Web experience with Browser and packaged Web Apps • Focusing on functionality(HTML5), performance (UI Responsiveness, 2D/3D Acceleration, JS Engine), Standard Compliance(W3C) • More device feature accessibility through Tizen Device API • jQuery Mobile based Tizen Web UI FW enables easy Web App development • Consists of: • Web Runtime: Execution environment for packaged Web App • WebView (WebKit2/EFL): JavaScriptCore, WebCore(HTML5/W3C API implementation), WebKit API Source: Sunil Saxena , Tizen Architecture. Tizen Developer Conference 2012.

  6. Web Runtime

  7. Web Runtime on Tizen • Web Runtime • Environment within which all web applications run on Tizen • Package management (installation, update, etc.) • Execution and lifecycle (launching, pause, resume, etc.) • Runtime security (API/network access, sandboxing, etc.) • Device and platform integration(access local device and platform resources) Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  8. Tizen Web Runtime Internal Blocks Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  9. Web Runtime web src wrt view view_module.cpp IVewModule class pointing to ViewLogic webkit Injected-bundle Injected-bundle.cpp Load libraries to Webprocess dynamically view_logic.cpp ViewLogic(), createWebView(), prepareView(), showWidget(), hideWidget() CoreModule::Init(), Terminate() api_new core_module.cpp runnable_widget_object.cpp Show(), Hide(), Suspend(), Resume(), Prepareview() web-client wrt-client.cpp WrtClient::WrtClient(), OnStop(), OnCreate(), OnReset() web-launcher wrt-launcher.cpp wrt-common Display_widget_info(), AttachDB() launchpad.c web-launchpad-daemon launchpad_src wrt-installer __real_launch() __normal_fork_exec() __fake_launch_app() __prepare_exec() wrt-security wrt-security ace._client.cpp checkFunctionCall()

  10. Tizen Web Runtime Internal Blocks • WRT Installer • After download is finished, install the resources to the appropriate directories • Register app to WRT database • Extract content of the package file • Check configuration file • Generate manifest file for interacting with native application • Update SMACK (Simplified Mandatory Access Control Kernel) policy based on requested privileges Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  11. Application install wrt-installer main() WrtInstaller: Public DPL::Application InstallStepEnum InstallerLogic::InstallWidget /wrt.installer.git/src/wrt-installer/wrt_installer_api.cpp wrt_install_widget CONTROLLER_POST_EVENT JobWidgetInstall::JobWidgetInstall AddTask() /wrt.installer.git/src/jobs/widget_install/job_widget_install.cpp TaskDesktopFile::TaskDesktopFile app.Exec() TaskDesktopFile::stepCreateExecFile [ln –s /usr/bin/wrt-client {widget-handle} ] /wrt.installer.git/src/jobs/widget_install/widget_install_context.h

  12. Application launch wrt-launch g_dbConnection->AttachDatabase(); launchpad_preloading_preinitializing_daemon AUL aul_launch_app app_send_cmd AUL __launchpad_main_loop Fork(); execv __create_server_sock __create_client_socket ail_package_get_appinfo wrt-commons /opt/apps/org.tizen.webui/bin/ WrtDatabase::Address() ail ail_package_get_appinfo GlobalConfig::GetWrtDatabaseFilePath(); Global_config.h GetWrtDatabaseFilePath() Db: .app_info.db.wrt.db /wrt.installer.git/wrt-commons/modules/widget_dao/include/dpl/wrt-dao-ro/global_config.h

  13. Addstep(&WrtClient::initStep); Addstep(&Wrtclient::launchStep); AddStep(&WrtClient::finalizeLaunchStep); AddStep(&WrtClient::killWidgetStep); DPL::Event::ControllerEventHandler wrt-client WrtClient::OnReset WrtClient::setStep main() WrtClient.Exec() wrt-common Application::Exec() Application::app_reset app-core appcore_efl_main __before_loop __do_app elm_run(); appcore_init elementary-1.0 aul Aul_launch_argv_handler ecore_main_loop_begin() app_start_internal _aul_handler

  14. wrt-client WidgetController WrtClient::setStep WidgetController::OnEventReceived( WidgetControllerEvents::InitializeEvent WidgetConrtollerEvents::LaunchWidgetIdEvent Addstep(&WrtClient::initStep); Addstep(&WrtClient::launchStep); AddStep(&WrtClient::finalizeLaunchStep); AddStep(&WrtClient::killWidgetStep); DPL::Event::ControllerEventHandler <NextStepEvent>::PostEvent(NextStepEvent) WidgetLogic wrt-common Event controll system

  15. wrt-client WidgetController::OnEventRecievd m_widgetLogic.createWidgetModel() m_view->prepareView m_view->showWidget new WidgetViewDataStructure(max win) new WindowData(); createWebview(m_widgetView); ViewLogic::prepareWebview elm-webview createWindow(pid); elm_webview_add() elm_webview_uri_set window = elm_win_add(); ecore_x_window_prop_property_set webkit-engine elementary Elementaryelm-webview-1.0.1 ewk_view_uri_set() win = ELM_NEW(Elm_Win)l eina_list_append(_elm_win_list.win->win_obj); wd->webkit = _elm_smart_WebView_add() ewk_view_reload()

  16. Tizen Web Runtime Internal Blocks • WRT Client • Callback related to the life-cycle (launch, resume, pause, terminate) • When new web application is launched, the system spawns two processes • UI process; manage the life cycle of an app • Web process; responsible for rendering the web content Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  17. Tizen Web Runtime Internal Blocks • WRT Core • Core module • Initialize the database, prepare information for launching, check network access • View module • Creation / deletion web view which contain a web application’s content • Control view layer including the capability of show, hide, suspend • Use WebKit and EFLEvas canvas library for view layer • Resource loading, creation of new web view • Add custom JS objects to WebKit view to access Tizen device APIs Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  18. Web core • Runnablewidgetobject • Handle or launch web application at window • Call proper methods at every state changes • Definition of IRunnableWidgetObject interface • web/wrt/src/api_new/i_runnable_widget_object.h • Implementation of RunnableWidgetObject • web/wrt/src/api_new/runnable_widget_object.cpp • ViewLogic • With Webkit and Evas library, geolocation, notification, plugin function is available

  19. Web core • IViewModule

  20. ViewLogic

  21. createWebView()

  22. Tizen Web Runtime Internal Blocks • Injected Bundle • Build a process management mechanism inside the WebKit API layer • Support additional function to Web Process by loading library dynamically at startup time like plugin • Unlike plugin, only one shared library can be loaded Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  23. Tizen Web Runtime Internal Blocks • WRT Security • Provide sandbox environment • Enforce SMACK rules • Cannot access the files of another application, system files or features unless it has been granted permission Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  24. Tizen Web Runtime Internal Blocks • WRT Launchpad • Preload WebKit and WRT libraries (such as libewebkit2.so, wrt-client) • Fork a new process (UI process) Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  25. Web Runtime on Tizen • Since Tizen 2.0 • Hosted web app support • Installation / Update flow improvement • WebKit2/EFL • Improvement of launching • Resources encryption / decryption • Web dynamic box support • Support system language change • Privilege-based API security • Process sandboxing Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  26. Hosted Web App Support • Hosted web app • A Web app with all of its resources located on a remote server • For now, it needs to be packaged with minimal resources: config.xml, signature(s) • Restrictions • Start page should be specified in <tizen:content> extension • All of rendered pages are remote pages • Only W3C/HTML APIs are allowed in remote pages • Created browsing context has the same origin as remote server origin Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  27. Installation/Update flow improvement • Installation Flow • New verification steps introduced • Higher-level privilege declaration is not allowed • Invalid signature is not allowed • New installation steps introduced • Resource encryption (if necessary) • Smack rules population • Deprecated steps • W3C widget P&C <feature> tag checking is ignored (used as Store side filtering purpose for now) • Update Flow • Update criteria • Must have the same Tizen app ID • Must have the same author signature • Update triggering point • At installation request time, if the request satisfies the “update criteria” • Update result • Web app data (settings, cookies, local storage etc.) must be preserved Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  28. Installation/Update flow • Installation / Update Flow Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  29. WRT – Lifecycle • Suspend / Resume • By default, webviews will be suspended by WRT when the Web App goes to background, unless the developer explicitly enables it via <tizen:setting> • Suspended activities include: JavaScript executions, timers, animations • Even if a webview is not suspended in background, the painting operations will not happen in background and the backing store will be purged • When switched to foreground, the suspended webviews will be resumed Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  30. WRT – Lifecycle Source: Ming Jin , Tizen Web Runtime. Tizen Developer Conference 2012.

  31. Based on WebKit2/EFL • Web App Process Model • Each Web app has 1 UI process and 1 web process • UI process manages lifecycle, and Web process is responsible for rendering • NPAPI plugins (if any) will run in separate processes Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  32. Launching procedure • wrt-launchpad • to preload WebKit and WRT libraries Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  33. Resource Encryption / Decryption • Resources are encrypted during installation / update • Enabled with <tizen:setting encryption=“enable”/> in config.xml • Web App directory is scanned recursively • Only resources with predefined extensions (html / js / css) are encrypted • Information about encrypted resources are stored in WRT DB • Resources are decrypted at runtime • UI Process informs Bundle (WebProcess) about the decryption necessity • Resources are decrypted to base64 string and read by WebKit Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  34. Resource Encryption / Decryption • Resource Encryption at Install / Update Time Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  35. Resource Encryption / Decryption • Resource Decryption at Loading Time Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  36. Web Dynamic box support • Web dynamic box • WRT install WDB at the time when its Web app is installed (WDB resources are packaged with its Web app) • On uninstallation, WDB resources are removed with its Web app • Supported sizes: 1x1, 2x1, 2x2 • Supports periodic update Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013. https://developer.tizen.org/ko/documentation/ux-guide/basic-interactions/dynamic-box

  37. Support system language change • Folder-based localization • Web App contents can be localized in file unit according to W3C Widget P&C specification • The localization requires page reloading, and the localized contents will only be reflected at next launching time • Element-based localization • Configuration document can be localized with xml:lang attribute • Content-based localization • System locale change event can be listened with Tizen System Info API • L10n routine needs to be implemented in locale change event handler Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  38. Process sandboxing • Web app (UI/Web process) sandboxing • UID: “app” • GUID: “app” • Process smack label: {PkgID} • Resource smack label: {PkgID} • Smack rules: basic application rules + privilege specific rules • Web app private data (e.g., localstorage, indexed db, cookie, etc.) is protected from the rest of system after sandboxing Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  39. Privilege-based API security • Privilege • A predefined collection of privileged APIs that can be assigned to the application to allow it to call the privileged APIs • Ex. http://tizen.org/privilege/account.read • Privilege level • A defined access level for the APIs, based on their influence • Public • Alarm, application, bluetooth, calendar, call history, contact, file system, message port, messaging, power, push, setting, system, etc. • Partner • App manager, secure element, system manager, etc. • Platform • Bluetooth manager, lock manager, package manager, setting manager, etc. Source: Ming Jin , Tizen Web Runtime Update. Tizen Developer Conference 2013.

  40. Privilege-based API security • Access control model • A subset of the JavaScript APIs supported in Tizen are considered restricted • Restricted refers to any JS function that can access the private data on a device such as location, contacts, calendar, etc. • Widgets need authorization to invoke restricted APIs • Permission declarations and authorization: • Declaration in manifest file: • <feature> element for device APIs • <access> element for network resources • Authorization: • prompt type decision according to WRT ACE policy user confirmations Source: Onur Aciicmez , Understanding the Permission and Access Control Model for Tizen Application Sandboxing. Tizen Developer Conference 2012.

  41. Privilege-based API security • Access Control enforcements • Tizen WRT supports Tizen WebApps and multiple APIs: W3C APIs, and non-W3C APIs like WebGL and Tizen Web API • WRT has a multi-process model • WebKit based • Widget instances are executed in separate processes • Provides runtime isolation and allows the system to enforce custom process-level containment (sandbox) on each instance • Two levels of access control enforcements • WRT Access Control Engine(ACE): Fine grained access ontrol on JS APIs • Application Sandbox via SMACK: Process-level containment by the kernel on system calls Source: Onur Aciicmez , Understanding the Permission and Access Control Model for Tizen Application Sandboxing. Tizen Developer Conference 2012.

  42. Privilege-based API security • Access Control Engine • Component responsible for Tizen policy management • Evaluates policy per single request • Manages policy and prompt verdict cache <feature name=http://tizen.org/api/filesystem required=“true”/> Source: Ming Jin , Tizen Web Runtime. Tizen Developer Conference 2012.

  43. Access Control Enforcements • ACE policy Evaluation PEP (Policy Enforcement Point): ACE interface for WRT PIP (Policy Information Point): Responsible for obtaining attribute values from WRT, Resource Information and OS PDP (Policy Decision Point): evaluates policies; Interacts with the user if necessary Policy Translator: Parses policies (XML) Verdict Manager: Responsible for caching the verdicts Source: Onur Aciicmez , Understanding the Permission and Access Control Model for Tizen Application Sandboxing. Tizen Developer Conference 2012.

  44. Access Control Enforcements • Process Sandbox via SMACK • The SMACK Policy File is updated with the appropriate rules during the install, update, or uninstall operations, as well as at run-time • Rules are based ondevice features (manifest file), user confirmations, and security files (label, permissions for each feature) Access is made to a device feature Widget requests access to a device feature ACE System Linux Kernel SMACK LSM Check access rights in the SMACK Policy File Return result to WRT Source: Onur Aciicmez , Understanding the Permission and Access Control Model for Tizen Application Sandboxing. Tizen Developer Conference 2012.

  45. Tizen Web Device API

  46. Web API support • W3C API • implements web standards relating to DOM, styles, device, graphics, media, communication, storage, security, UI, performance, location, and widget • The Device API • provides advanced logic employing sensors, file I/O, capturing, telephony, FM radio, speech recognition, HDMI output, and more Source: Tizen Overview and Architecture, Seokjae Jeong, Korea Linux Forum 2012.

  47. Why Tizen Web Device APIs? • Limitations of standard specifications • Most of them are still working drafts • No full support for the Tizen characteristic features • Tizen Web device APIs • Device APIs give the characteristic features of the Tizen platform • Device APIs have been updated agilely Source: Tizen – Universal Device Platform, Wonseok Lee, Samsung Electronics.

  48. Tizen Web Device APIs Design • Follows W3C specification API style • Numerical constants avoided but string enumerations used • Most methods are asynchronous • Success and error callback, and constructors used • Based on standard technologies • Tizen Web device API specifications are written in WebIDL • Implementation follows the fundamental rule of ECMAScript 5.1 and W3C WebIDL recommendation (for example, type conversion) • Defined tizen namespace • All Tizen device APIs exist in the tizen namespace • tizen is the global object to which all Tizen device APIs are bound Source: Tizen – Universal Device Platform, Wonseok Lee, Samsung Electronics.

  49. Tizen Web Device APIs Design • Defined tizennamespace Source: Tizen – Universal Device Platform, Wonseok Lee, Samsung Electronics.

  50. Tizen Web Device API Modules Source: Kisub Song , Tizen Web Device API. Tizen Developer Conference 2013.

More Related