W3C home > Mailing lists > Public > public-web-intents@w3.org > January 2012

Re: Is there an existing mechanism that can be used for WebIntents?

From: Rich Tibbett <richt@opera.com>
Date: Fri, 20 Jan 2012 17:53:21 +0100
Message-ID: <4F199C01.10608@opera.com>
To: Paul Kinlan <paulkinlan@google.com>
CC: Mike Hanson <mhanson@mozilla.com>, Mike Kelly <mikekelly321@gmail.com>, public-web-intents@w3.org
Paul Kinlan wrote:
 > Hi Rich,
 > I know we have talked a bit about this off-list in the past, and it
 > has also been discussed on other channels.

No. This is a completely different proposal to anything we have 
discussed previously. This is not about making web intents fit in to the 
existing registerProtocolHandler mechanism. This is a proposal for 
'registerProtocolHandler Level 2' in which the main point is to assign 
full HTTP charateristics to custom web protocols so that they act in the 
same ways and with all the same rights as HTTP URLs operate today.

This simple notion greatly opens up the way that we can communicate via 
custom protocols. Instead of just being restricted to opening custom 
protocols in a new tab with query string parameters we get the 
full-blown abilities that come with HTTP: the ability to POST, the 
ability to filter on Content-Types, the ability to use Custom Protocol 
URLs within a web page and within existing web tools.

 > I will comment in-line as to why we think that this is not the
 > solution to the problem of connecting apps and building a successful
 > eco-system.

Comments also inline.

> On Fri, Jan 20, 2012 at 5:45 AM, Rich Tibbett<richt@opera.com>  wrote:
>> Mike Hanson wrote:
>>> Here's another one - Austin King did some experiments with
>>> registerProtocolHandler (supported in Firefox and Chrome) to do a
>>> similar thing, about a year ago:
>>> http://blog.mozilla.com/webdev/2010/07/26/registerprotocolhandler-enhancing-the-federated-web/
>> Could we not simply endow 'web+' protocols with full HTTP characteristics
>> (i.e. the ability to POST content towards custom protocolss) and then allow
>> developer to use these addresses through either existing web APIs like XHR
>> and Web Sockets, embed custom protocols directly within DOM elements or
>> setup Web Messaging channels by invoking a custom protocol via window.open?
> WI is quite an opinionated framework, it tries to say that for the
> majority of usecase a simple client-side request/response will work.

Web Intents relies on a web page being loaded in a seperate window or in 
an iframe. Once you have this it becomes a client side mechanism.

In the case that a simple channel needs setting up we just do:

var intentHandler = window.open('web+imageedit:foo.com/photo.jpg', 
intentHandler.onmessage = function( msg ) {
   // Only handle a response from the user-selected service
   if( msg.source === intentHandler ) {
     dump( msg.data );

// process image then on complete:
window.opener.postMessage({'action': 'complete' /* ... */}, '*');
// (window.opener will be set to the client page)

> Letting the developer communicate over XHR or Web Sockets or whatever
> else is a recipe for developer confusion and thus adoption.  If you
> were to build a service for image sharing, how would you tell the
> developer that you accepted XHR requests but not Web Sockets (or
> vice-versa).

It's a URL. This is currently a non-issue on the web and I expect it to 
be the same for registerProtocolHandler Level 2. How do you inform web 
pages that URLs are meant for Web Sockets or XHR communication today and 
avoid conflicts?

> Additionally, the web+ protocols are not as descriptive as we would
> like, yes you might be able to embed the verb into the scheme, but
> then supporting a wildcard set of data-types would be hard to define
> at a spec level, awkward to implement at a browser level and a pain to
> implement at the web dev publisher level.

If you are POSTing to a URL then you can set the Content-Type to 
whatever you wish. Either we let the service decide if it can handle the 
content when it receives it or we can let service providers submit a set 
of Content Types that they support with their registerProtocolHandler 
registration. I'm more than happy to rely on the former.

>> Drawing parallels with Web Intents, you would define the 'action verb'
>> within the protocol's schema, draw the content-type and other
>> characteristics from the full range of any POST headers. The data would be
>> sent in the body of a POST.
> This will not work with offline apps at all.  Web Intents is designed
> to be able to work completely independently from the server by
> handling the registration, invocation, selection and resolution and
> subsequently the user action in the service entirely on the client.

Web Intents opens a web page as a result of a user's intent handler 
selection. If that web paged is appcached then it will load and we will 
be able to establish a direct communication channel according to the 
snipped provided above. This works offline as much as Web Intents.

POSTing to a appcached URL will deliver that POST to the cached 
resource. It all works the same way.

> You also talked earlier about Web Sockets.  Is this now included or
> excluded from what you are talking about?

This is an implicit part of the mechanism, yes. Today we don't have a 
programmatic mechanism to distinguish what HTTP URLs are exposing. This 
is the same principle at work here.

> Remember that in Web Intents you can register all the remote services
> that you offer as a site in one page.  I don't see how this is
> resolved.

You can do the same with registerProtocolHandler.

>> If you wanted to set up a Web Intents messaging channel then you could do
>> window.open({customprotocol}), register a messaging listener against the
>> returned WindowProxy object and then use the WindowProxy/Window channel for
>> inter-communication ala Web Intents.
>> There would be no client-side API - you would invoke custom URLs via GET or
>> POST to use them directly within existing Web APIs.
> Again this has no chance of working with offline apps or just purely
> on the client-side (just a side note, appcache doesn't work well with
> query parameters - so you could appcache a URL for GET requests, but
> if you want to pass it any data via the query string you need to be
> online to do it).

This is true. So I'd architect my service to not accept query parameters 
then use a pre-designed messaging channel format to pass query string 
parameters. It's a design point.

> On another note, there are a lot of issues with resolving where the
> messages come from using the window.onmessage API.  Imagine you have a

See example above for resolution. Also, you can add the following to the 
server-side of the transaction.

window.onmessage = function( msg ) {
   if( msg.source !== window.opener) {
     // trash messages not sent from the opener

This is really simple on either end of the transaction.

> share button, the user clicks it twice it opens two windows - because
> the RPH system will resolve the URL to open the client app has no way

Calrification, if an in-page link is clicked or window.open is used 
against a custom protocol then it opens a separate web page.

If a custom protocol is used in an XHR, WS object then it doesn't 
require the opening of another web page

> of knowing the app/url that was opened, therefore when the remote
> windows postMessage back to the client how do you resolve for which
> user action the response was for - from my experimentation you can't
> easily (you have to track window objects and keep them maintained in a

For each click I maintain the returned result of the window.open call in 
a different parameter. I can distinguish between the two really easily.

<a href="web+videoview:example.com/videos/test.webm"/>
   var clicks = [];
   var anchor = document.getElementsByTagName('a')[0];

   anchor.addEventListener( 'click', function( evt ) {

      var intentHandler = window.open( anchor.href );

   }, false);

   window.onmessage = function( msg ) {
     for(var i in clicks) {
       if(msg.source === clicks[i]) {
         console.log( "Message is for event #" + i);

         // do something with message for click[i]


On the server-side each window.opener object should point to a different 
WindowProxy object of the initiating window. I'd be much more interested 
in solving this as a general problem for window.open than implementing a 
new API.

> global variable).   Imagine having to deploy this code to a blog just
> to support share buttons?  It is pretty complex and will be a huge
> maintenance nightmare.
> Can we just clear up one point - you mention in the earlier paragraph
> use a message listener then in the next you say use POST and GET to
> send to the server and say there is no client-side API - this reads as
> a contradiction?  How does the message and response get back to the
> invoked client app - say I want to edit an image in the browser, I
> open it up with window.open and encode the data (via JS to pass into
> window.open - maybe this would be form submit instead), I then edit
> the image in my favourite app and then what? window.postMessage back
> the data?  It can't come back in the response because we can access
> any data on the newly opened window reference - now we have client Js
> sending to the remote server data that will be sent back to the client
> via a mechanism such as postMessage.  This is hard and confusing.

This is how communication to other resources on the web works today.

A custom protocol becomes equivalent to a HTTP URL and you can do 
whatever you like with it. The UA sits in the middle to broker access to 
individual services at the user's request and proxies the request from 
the client to the server and back again. There is no concept of an XHR 
URL or a POST URL or a GET URL. It's a URL and you do want you can with it.

>> For POSTing to custom protocols: each schema would be free to design and
>> share their own format that, at the simplest level, would be a JSON
>> structure that those services registered for the custom protocol share.
> ick.  seriously?  Whilst web intents allows this, it is pretty
> constrained in saying that for the majority of cases a
> request-response semantics are the preferred solution.  That is you
> send some data of the type defined in the registration to the service
> and your receive it back all in the clientside.

Web Intents allows you to send a structured data object to the service 
side. HTTP allows you to do that too. People who use XHR do this all the 
time. So yes. Seriously.

> Do we really want to get into the process of defining a new spec for
> sharing a URL with associated JSON data structures?

No we don't. This would be a decentralized process much like how 
communication formats and protocols are established on the web today.

> WI says that if you say you will send an image you send the image
> object, it can either be a URL to the image or a representation of
> that in the client (a dataURI or Blob for instance).

You can send objects when you invoke a custom protocol via window.open 
and then the the transfer argument of the web messaging channel returned 
with that object.

>> No changes would be required on the server-side registration of a custom
>> protocol handler.
> There are no changes with WI either.  Unless you are talking about a
> server side change being updating a template to include the HTML (in
> which case we do need one change) and I think this would still happen
> with your suggestion as well.

I mean no changes at all. A service uses the registerProtocolHandler 
method in the usual way and as implemented in three browsers already.

> Just as an added FYI, part of the intent spec we are currently looking
> at is unifying the declaration of RPH and RCH and WI via the intent
> tag, so that you can declaratively register a content handler via an
> html element maybe of the format<intent type="image/*" />, this being
> less verbose that the associated JS, but also benefits from mime-type
> globbing etc.... We haven't specced it out yet, but it could be very
> powerful.
>> The major advantage of building on HTTP would be two-fold:
>> 1. Extend the reach of the web democratization revolution. Developers could
>> invoke custom protocols from e.g. a native application, select a service
>> handler and get forward to their chosen web app. A full HTTP-like mechanism
>> embodies all of the principles of Web Intents but also has the ability to
>> reach far beyond the web to 'things' that can be connected to the web and
>> the web that can connect to native apps and networked connected devices and
>> services.
> Are you saying that WI doesn't allow this?  Both RPH and Intents are
> focused on letting the user resolve the services that they wish to use
> for the action (or in RPH's case the protocol name).  The implication
> that a full HTTP model resolved by RPH will solve everything is
> patently false.  You want to send data to a native app on the users
> machine now that App has to understand how to process HTTP Post
> requests and how to respond to them - I also worry how does the UA
> define a consistent API to call the app give it the data and then
> expect a response back - can we build this native API/bridge
> consistently so the native app developer doesn't have to build a
> Chrome Bridge, a FF bridge and Opera bridge etc?

To all intents and purposes a web application can treat a custom 
protocol url as a HTTP resource. Who _doesn't_ know how to deal with 
that today?

> Also, registerProtocolHandler is not HTTP like for anything other than
> encoding the data in a url, there is no real request, you don't send
> across HTTP headers to the native app, you never get a response back.

This is absolutely the purpose of the proposal here: to give custom web 
protocols all of the characteristics of HTTP URLs to enable all of the 
use cases currently being covered by Web Intents.

>> 2. Reverse CORS. By invoking a custom protocol, developers can communicate
>> with services residing on different origin servers. The authorization for
>> this comes from the user implicitly authorizing the cross-origin
>> communication by selecting a service provider from their UA-based custom
>> protocol handlers list.
> Yes, and Web Intents does this too (in the client), with a constrained
> action resolution and the added ability to also filter based on data
> type if required.

We could look in to data types. This idea isn't going away. This is, in 
effect, a candidate proposal for 'registerProtocolHandler Level 2'. We 
could discuss if and how to specify filters based on data type in that 
initiative. This would be a case of adding a single option to 

Thanks for your feedback. This is a good discussion. I feel that we may 
not solve anything on this Web Intents list but I wanted to communicate 
how this problem could be solved by improving on what we already have in 
the web platform without needing to add more APIs or start any new 

Cheers, Rich

>> br/ Rich
>>> -mike
>>> On Jan 15, 2012, at 10:23 AM, Paul Kinlan wrote:
>>>> Hi,
>>>> This was something that I started to document under
>>>> http://webintents.org/subscribe - the intents discovery mechanism in
>>>> the spec doesn't preculde a UA from detecting this and allowing the
>>>> user to invoke an action to subscribe to the feed using their
>>>> preferred application.
>>>> P
>>>> On Fri, Jan 13, 2012 at 4:48 AM, Mike Kelly<mikekelly321@gmail.com
>>>> <mailto:mikekelly321@gmail.com>>  wrote:
>>>>     Hi,
>>>>     I was wondering whether an example of 'web intent' behaviour has
>>>>     already existed for some time:
>>>>     The example I am thinking of is driven by atom/rss links in the head
>>>>     of HTML pages, i.e. an html page containing the following link in the
>>>>     head of the document..
>>>>     <link rel="alternate" type="application/rss+xml" href="...." />
>>>>     ... this causes a browser (e.g. Firefox) to present the user with the
>>>>     option to 'Subscribe to This Page' where the user can fulfil their
>>>>     'subscription intent'.
>>>>     Would this be considered an equivalent of a web intent?
>>>>     Cheers,
>>>>     Mike
>>>> --
>>>> Paul Kinlan
>>>> Developer Advocate @ Google for Chrome and HTML5
>>>> G+: http://plus.ly/paul.kinlan
>>>> t: +447730517944
>>>> tw: @Paul_Kinlan
>>>> LinkedIn: http://uk.linkedin.com/in/paulkinlan
>>>> Blog: http://paul.kinlan.me<http://paul.kinlan.me/>
>>>> Skype: paul.kinlan
Received on Friday, 20 January 2012 16:54:01 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:14:45 UTC