Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MiniApp URI Scheme #478

Closed
siusin opened this issue Feb 27, 2020 · 10 comments
Closed

MiniApp URI Scheme #478

siusin opened this issue Feb 27, 2020 · 10 comments
Assignees
@cynthia @ylafon
Labels
Resolution: satisfied The TAG is satisfied with this design Review type: CG early review An early review of general direction from a Community Group Topic: networking Topic: packaging Topic: URLs Venue: MiniApps CG
Milestone
2021-06-28-week

Comments

@siusin
Copy link

siusin commented Feb 27, 2020
edited
Loading

Hello TAG!

I'm requesting a TAG review of MiniApp URI Scheme.

This is the first proposal from the MiniApps Ecosystem Community Group. The MiniApp URI scheme is a protocol that uniquely corresponds to a specific resource within a mini app. Mini apps are applications that run on the user agent and are based on Web technology combined with native application technology. This specification is supposed to work with the MiniApp package specification(under development) , which defines the form of resources in the mini app, as well as the specific path in the mini app and the mapped path relationship in the MiniApp URI scheme.

Further details:

  • [*] I have reviewed the TAG's API Design Principles
  • The group where the work on this design is being done (or is intended to be done in the future):
    MiniApps Ecosystem Community Group
  • Existing major pieces of multi-stakeholder review or discussion of this design:
  • Major unresolved issues with or opposition to this design:
  • This work is being funded by:

You should also know that...

[please tell us anything you think is relevant to this review]

We'd prefer the TAG provide feedback as (please delete all but the desired option):

🐛 open issues in our GitHub repo for each point of feedback
@siusin siusin added Progress: untriaged Review type: CG early review An early review of general direction from a Community Group labels Feb 27, 2020
@cynthia
Copy link
Member

cynthia commented Feb 28, 2020
edited
Loading

(NOTE: Not a full review)

The explainer only contains a what (in terms of solution), and lacks a problem definition and use cases that motivated this work - could you take a look at our explainers explainer and revise? Ideally, it would be a separate document; not a blurb in the spec.

Possibly blunt but curious question - it seems the "dereferencing" process ends up with a standard HTTP(s) URL. Wouldn't using that as is make it more accessible to end-users? This would trip unless you have a runtime (which would be also presumably, be a browser) - it feels like this tripwire mechanism's main motivation is to make the user install the runtime (in which case, what does this runtime provide that the current browser does not?), which I'm not sure is something that I personally would agree with.

@siusin
Copy link
Author

siusin commented Feb 28, 2020

Thanks @cynthia !

@Sharonzd could you prepare a explainer for this document?

@Sharonzd
Copy link

Sharonzd commented Mar 2, 2020

Hi, Cynthia, If I had misunderstood your question, please tell me.

I understand your question contains two points,

  1. Why not directly use the HTTPS protocol as the MiniApp URI?
  2. The current MiniApp URI mechanism requires a set of runtimes to parse it. Why is it necessary? What is the difference between that runtime and a conventional browser?

For point 1, downloading a package through the network is just one of the ways to get a package. In addition, there are many ways to access a miniapp resource:

For example, after accessing the miniapp once, the miniapp package would be stored locally. Or the user agent can preset the miniapp package before the user accesses the URI for performance (as we mentioned in #2.1.6 of the miniapp white paper ). Or when debugging the miniapp, the developer can directly push the miniapp package to the user agent through a debugging tool.

In these cases, the user agent open miniapp locally according to the appId in MiniApp URI without having to request a package server.

In other case, the user agent can specific its own mapping relationship with "host" component. For example, the "bar" in "miniapp: // foo @ bar" can correspond a domain or a local directory, anyway.

In summary, MiniApp URI are designed to locate MiniApp resource cross-platform, regardless of how they are obtained.That cannot be expressed intuitively through HTTPS URLs only. This is why we mentioned in Chapter 6 Use HTTPS that it is non-normative, and it just describes a user scenario.

For point 2, the runtime make miniapp can help to fill the gap of the Web and the Native.(like we mentioned in miniapp white paper introduction. And because the design of the MiniApp is different from traditional web applications (like we mentioned in the core-features the miniapp white paper)). Even if the miniapp packaged is downloaded by a traditional browser, it cannot be opened and run.

And with the necessity of the MiniApp URI demonstrated above, therefore, browsers need to implement MiniApp URI specifications to correctly parse MiniApp URIs and implement MiniApp runtime related specifications (under development) to open and run MiniApps properly.

@cynthia
Copy link
Member

cynthia commented Mar 3, 2020

@ylafon and I looked at this during the Wellington F2F. Based on the proposals, we have some technical concerns.

First of all, it is generally not a good idea to invent a new scheme (Also: https://www.w3.org/TR/webarch/#URI-scheme). The motivation described in the initial round of feedback we got was around performance and pre-installation. As for performance, browser caching mechanisms and plumbing provided for PWAs should provide the necessary mechanisms needed, if there are uncovered use-cases or patterns, it would be best to address those by improving said specs. Currently, it seems like the main motivation for the custom scheme is to trigger loading through the runtime, which we believe can be achieved through content types (see Webarch) and URI templates. We saw this pattern used in the QuickApps URI templates in the explainer; it would be useful to know why that was not considered.

As for pre-installation - unless there is a story around preserving the trust chain, we are not sure how this would work. Pre-installation mechanisms without any validation of provenance can undermine the integrity and guarantees of delivery through HTTPS.

Could you please provide us with some details on how you plan to address these issues?

@cynthia cynthia added Progress: pending external feedback The TAG is waiting on response to comments/questions asked by the TAG during the review Progress: pending editor update TAG is waiting for a spec/explainer update labels Mar 3, 2020
@cynthia
Copy link
Member

cynthia commented May 26, 2020

Friendly ping - any updates?

@plinss plinss added this to the 2020-06-01-f2f-plenary milestone May 28, 2020
@Sharonzd
Copy link

Sorry, here are the latest updates: https://github.com/w3c/miniapp/issues/34

@xfq xfq mentioned this issue Jun 4, 2020
Closed
@torgo torgo modified the milestones: 2020-06-08-week, 2020-06-22-week Jun 9, 2020
@cynthia
Copy link
Member

cynthia commented Sep 23, 2020

@ylafon and I discussed this during our "F2F". It seems like work is going in the right direction, but not yet at a point where we can do further review. We'd be happy to take a second look when there is something for us to review.

@plinss plinss removed this from the 2020-09-21-F2F-Cork milestone Oct 14, 2020
@xfq
Copy link
Contributor

xfq commented Nov 16, 2020

The CG (and/or the proposed WG) will rename the spec to "MiniApp Addressing" and rewrite the spec to reuse http(s). See:

@cynthia
Copy link
Member

cynthia commented Jan 26, 2021

I was told by @ylafon that the direction has changed (for the better) so we think our work is done here. We're happy to see the new direction that group has taken for this particular issue, and we're glad to see this move forward. Thank you for bringing this to our attention!

@cynthia cynthia added Progress: review complete Resolution: satisfied The TAG is satisfied with this design Progress: propose closing we think it should be closed but are waiting on some feedback or consensus and removed Progress: pending editor update TAG is waiting for a spec/explainer update Progress: pending external feedback The TAG is waiting on response to comments/questions asked by the TAG during the review Progress: stalled labels Jan 26, 2021
@Sharonzd Sharonzd mentioned this issue Mar 5, 2021
Closed
@torgo torgo added this to the 2021-06-28-week milestone Jun 23, 2021
@torgo
Copy link
Member

torgo commented Jun 29, 2021

We're going to close this for now and we look forward to reviewing when you have a new proposal.

@torgo torgo closed this as completed Jun 29, 2021
@torgo torgo removed Progress: propose closing we think it should be closed but are waiting on some feedback or consensus Progress: review complete labels Jun 29, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cynthia cynthia

@ylafon ylafon

Labels
Resolution: satisfied The TAG is satisfied with this design Review type: CG early review An early review of general direction from a Community Group Topic: networking Topic: packaging Topic: URLs Venue: MiniApps CG
Projects
None yet
Milestone
2021-06-28-week
Development

No branches or pull requests
7 participants
@cynthia @torgo @ylafon @plinss @xfq @siusin @Sharonzd