A I R Presentation Dev Camp Feb 08


Published on

Adobe Integration Runtime (AIR) presentation focussed AJAX..

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

A I R Presentation Dev Camp Feb 08

  1. 1. Adobe Integrate Runtime (AIR) RIA on Desktop Abdul Qabiz http://linkedin.com/in/abdulqabiz Adobe and Adobe AIR are either the registered trademark or trademark of Adobe Systems Incorporated in the United States and/or other countries.
  2. 2. Desktop Apps? Use-cases Desktop is still important We still use those most of times Some data still on Desktop We are not always connected Some of us are occasionally-connected Current Issues Smart developers moved to Web :-) Gap between Web and Desktop Development requires special skills Hard to update/patch Bandwidth costs :-)
  3. 3. Topics Introduction Examples Development SDK/IDE/Tools Frameworks Security Installation/Deployment More Examples Q/A
  4. 4. AIR: Introduction
  5. 5. AIR: Some more features Native Windows/Menus Clipboard (read/write) Command-line arugements Launch on Login ( != startup) File associations (mime type handlers) Tracking user presence (idle timeout, etc) Taskbar/Dock icons Application termination Inter application communication Application updates DRM ;-) Encrypted storage (uses Keychain or DPAPI - AES-CBC 128-bit)
  6. 6. AIR: Examples
  7. 7. AIR: Development Tools AIR SDK - compiler/debugger/packager Aptana (Eclipse-based) for AJAX apps Adobe FlexBuilder for Flex/Flash apps Frameworks No special requirement for AIR Generally, we use these for web-apps YUI, ExtJs, Dojo, Prototype, etc - Any AJAX framework* Adobe Flex Framework (Flex/Flash)
  8. 8. AIR: Development AJAX app structure Structure - HTML Presentation - CSS Behaviour - JS Assets - images, swf, flv, etc application descriptor (application.xml) - XML Flex/Flash app structure Application - .swf Libs/modules - .swf Assets - images, swf, flv, etc application descriptor (application.xml) - XML
  9. 9. AIR: Descriptor format <?xml version=quot;1.0quot; encoding=quot;utf-8quot; ?> <application xmlns=quot;http://ns.adobe.com/air/application/1.0quot;>     <id>com.abdulqabiz.air.BloglinesReader</id>     <name>Bloglines Reader</name>     <version>1.0</version>     <filename>BloglinesReader</filename>     <description>An offline Bloglines reader with lots of features.</description>     <initialWindow>         <title>Bloglines Reader</title>         <content>root.html</content>         <systemChrome>standard</systemChrome>         <transparent>false</transparent>         <visible>true</visible>         <width>640</width>         <height>480</height>         <minimizable>true</minimizable>         <maximizable>false</maximizable>         <minSize>320 240</minSize>         <maxSize>800 600</maxSize>           </initialWindow>     <icon>         <image16x16>icons/AIRApp_16.png</image16x16>              <image32x32>icons/AIRApp_32.png</image32x32>              <image48x48>icons/AIRApp_48.png</image48x48>              <image128x128>icons/AIRApp_128.png</image128x128>     </icon> </application>
  10. 10. AIR: Security - Sandbox types There are different sandbox types: application assigned to all the files in app directory remote Files from Internet URI local-trusted trusted local .swf can acces local and remote but doesn't have all AIR privileges. local-with-networking local .swf (published with -use-network flag) can communicate with remote only. local-with-filesystem local file (.swf, .js, .htm, etc) can read local but not remote.
  11. 11. AIR: Security - AJAX application non-application (classic) AIR API allowed No access to AIR API XHR - all domains XHR - same domain, can be Limited eval () - only JSON allowed to all domains literals Window.open (..) work in Limited dynamic code response of user-triggered generation event. javascript:<code> AJAX frameworks would innerHtml work outerHtml CSS/frame/iframe/image dynamic-script/script-src loading setInterval/setTimeOut (quot;x=4quot;, 1000) AJAX frameworks might break
  12. 12. AIR: Security - Sandbox bridging Without bridge With bridge
  13. 13. AIR: Security: Sandbox Bridging <html> <head> <title>Simple test</title> <script type=quot;text/javascriptquot; src=quot;AIRAliases.jsquot;></script> <script type=quot;text/javascriptquot;> var Exposed = {}; Exposed.trace = function(str) { air.trace(str); } Exposed.readApplicationDescriptorFile = function() { var content; //set content to descriptor content return content; } function doLoad() { document.getElementById('UI').contentWindow.parentSandboxBridge = Exposed; } </script> </head> <body onload=quot;doLoad();quot;> <iframe id=quot;UIquot; src=quot;ui.htmlquot; sandboxRoot=quot;http://SomeRemoteDomain.com/quot; documentRoot=quot;app:/quot; </iframe> </body> </html>
  14. 14. AIR: Security: Sandbox Bridging <html> <head> <title>UI</title> <script type=quot;text/javascriptquot;> var Exposed = {}; Exposed.trace = function(str) { air.trace(str); } function doLoad() { childSandboxBridge = Exposed; } </script> </head> <body onload=quot;doLoad();quot;> <h3>Browser Sandbox Content</h3> <ul> <input type=quot;buttonquot; onclick=quot;alert(parentSandboxBridge.readApplicationDescriptorFile())quot; value=quot;Call the exposed function for reading application.xmlquot;/> </ul> </body> </html>
  15. 15. AIR: Installation Seamless install installs AIR, if not found requires Flash Player Manual Install download .air file and run it. AIR needs to be installed before that. Package AIR (the runtime) and App together?
  16. 16. AIR: Installation: Experience Installation experience is consistent, it can not be modified by the developer.
  17. 17. AIR: Deployment AIR apps are deployed as .air file Created using adt (the packager) .air files need to be digitally signed Certificates could be: Self-signed - created using adt Verisign or Thawte Badge-installer (widget for web-site) Version (in application.xml) - choose a right scheme Helps while updating app
  18. 18. AIR: Some best practices Be responsible - You have more privileges FileSystem, etc. Try not to store sensitive data on client If you have to, encrypt it Structure application properly Only keep trusted files in application sandbox Keep UI or other files in different sandbox Digitally sign .air files use Verisign or Thawte certificates
  19. 19. AIR: Some more examples
  20. 20. AIR: Q/A That's it for now, you got the idea :-) Q/A?