Labs/Apps/MyApps

myapps.mozillalabs.com is an HTML5 implementation of an Open Web App repository. It is a client-side trusted collection of the manifests that the user has installed.

It is a prototype, intended for experimental use, and to foster discussion. We do not propose that it would the ultimate repository for all users' applications.

App stores or specific applications can interact with the repository using cross-document messaging by including the Javascript from https://myapps.mozillalabs.com/jsapi/include.js and use the AppClient object that is exposed. In the myapps.mozillalabs.com case, we expose four functions:

• install({ manifest: <manifest object> , [ authorization_url: <url> ], [ session: <session> ], [ signature: <sig> ], callback: <function> }):

Prompts the user for confirmation of the manifest, possibly checking the installation and application domains against a registry of known malware sites. If the user consents, the manifest is installed into the repository, along with the hostname of the installing site and a timestamp. If the installing site does not use SSL, the user will be strongly discouraged from installing the application. When the installation flow is completed with success or failure, the installing website is notified through the callback.

The optional authorization_url and signature fields are persisted into local storage along with the manifest, as part of the installation.

• getInstalled( <callback> ):

returns, through the callback, the installed applications whose URLs are contained by the calling site. This allows an application to find out whether its manifest has been installed on a browser when the user visits the site.

• getInstalledBy( <callback> ):

returns, through the callback, the applications that were installed by the calling domain. This allows an application directory or store to determine if an application is already installed, during browsing.

• verify ( [<return-to>], <callback> ):

selects the application whose URL matches the calling site, and initiates the verification flow for that application by loading the authorizationURL of the application.