Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Play Store Now Open For Progressive Web Apps (medium.com)

Posted by msmash on from the for-the-record dept.

Maximiliano Firtman: Chrome 72 for Android shipped the long-awaited Trusted Web Activity feature, which means we can now distribute PWAs in the Google Play Store! I played with the feature for a while, digging into the APIs and here you have a summary of what's going on, what to expect and how to use it today. Chrome 72 for Android is now shipping from the Play Store to all users and this version included Trusted Web Activity (TWA), that in a nutshell is a way to open Chrome in standalone mode (without any toolbar or Chrome UI) within the scope of our own native Android package. Let me start saying that the publishing process is not straightforward as it should be (such as "enter your URL" in the Play Console and it's done). It's also not a way to use the currently available WebAPK and publish it in the store. It's a Java API that communicates through services with Chrome and seem to be in the early stages, so there is a lot of manual work to do yet today.

49 comments

  1. More liberal bias by Anonymous Coward · · Score: 5, Funny

    What about the Conservative Web Apps?

    1. Re:More liberal bias by Anonymous Coward · · Score: 0

      Relegated to dark web app stores.

    2. Re:More liberal bias by Anonymous Coward · · Score: 0

      No democratic socialists bound-at-the-hip to Alexandrai Ocasio-Cortez were hurt during the post on this website.

    3. Re:More liberal bias by Merk42 · · Score: 1

      Those are the ones that use absolutely no JavaScript at all, just like all the best pages of the halcyon days of 90s Internet.

    4. Re:More liberal bias by RhettLivingston · · Score: 1

      Do you mean "books" or the more inclusive experience of "books + chair + lamp + reading glasses"?

  2. don't need no tree huggers on my lawn by Anonymous Coward · · Score: 0

    get off then get a job.

  3. Google-free android? by Bradmont · · Score: 2

    Will these apps still run on de-googleled android distributions that don't include gapps? That is to say, will they work in other implementations of webviews, or will they be chrome-specific?

    1. Re:Google-free android? by Anonymous Coward · · Score: 0

      Well, that depends on what comes next.

    2. Re:Google-free android? by Anonymous Coward · · Score: 0

      No, you are required to use gmail as well.

    3. Re:Google-free android? by Anonymous Coward · · Score: 1

      Will these apps still run on de-googleled android distributions that don't include gapps?

      Trusted Web Activity = Trusted by Google. By definition they will not be degoogled because <sarcasm> doing so would make Google distrust and block them. </sarcasm> the only reason that it's required in the first place is because Google decreed it so.

      There's no reason to require some trust anchor to load a predetermined web URL in a limited browser. Especially when said predetermined URL was installed by an app with a valid signature. This is just more security theater by the idiots at Google who think that they are doing everyone some favor by imposing even more useless restrictions on what Android can and cannot do.

      Case in point: The whole damn reason this exists is to allow for so called "web" apps (bookmarks with fancy labeling and custom input UIs) to be launched from the user's home screen without needing to ship a full browser with the APK. (I.e. It uses the device's built in browser in a special UI mode.) That makes said "app" take up MUCH less space in the device's storage, and removes the need for said "app" developers to keep the shipped browser updated. This is good for security all around. Much smaller attack surface, less maintenance required by the devs, less storage used up. Win - Win.

      But of course Google had to find some way to fuck this up, and fuck it up they did. Now to use the built in browser for this purpose and get your "app" on the Play Store, you have to include yet another useless trust anchor on top all of the other ones. It provides no extra security as the user has already installed the damn thing, which means there is absolutely nothing to prevent a malicious app from mimicking the "Trusted Web Activity" UI and luring the user into a false belief of safety. It creates extra headaches for developers as they have to make sure everything is "trusted." It gives Google yet another way to leverage app developers in the future, while simultaneously giving them political points with the clueless masses for "being tough on security." It also creates yet another way some clueless user can be taken advantage of should any exploits be found in the now larger attack surface. (More bureaucracy / code needed to support the additional trust anchors.) Also, can you say new DRM? $10.00 says such web apps will eventually find / get a way to use this for DRM purposes. (TLS client certs?)

      So, no this won't be degoogled. It exists because Google doesn't know what it's doing, and every other sane android distro despite supporting it for compatibility purposes, won't mandate such insane limits on their browsers.

    4. Re:Google-free android? by Anonymous Coward · · Score: 0

      no web apps are good for security and space. Native code FTW

    5. Re:Google-free android? by Anonymous Coward · · Score: 0

      Will these apps still run on de-googleled android distributions that don't include gapps? That is to say, will they work in other implementations of webviews, or will they be chrome-specific?

      likely not.. Google NEEDS gapps in the privacy of their users

    6. Re:Google-free android? by AmiMoJo · · Score: 1

      PWAs use a new "API" in Chrome, really just some basic hooks that tell it to open without the usual address bar and other controls. They are all published and available for other browsers to implement, which doesn't see to be a lot of work.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    7. Re:Google-free android? by doconnor · · Score: 1

      PWA has always worked in modern browers. This is just a new feature to allow users to find them in the Play Store. If you don't have the Play Store, it has no effect on you.

  4. In related news ... by fahrbot-bot · · Score: 1

    Flo is very pleased about this.

    --
    It must have been something you assimilated. . . .
    1. Re:In related news ... by Anonymous Coward · · Score: 0

      The bubblegum chewing waitress?

  5. Another Reason To Avoid Android by Anonymous Coward · · Score: 0

    Nobody wants PWAs. Thank Xenu Apple is around to save us from the shitty Google ecosystem.

  6. Dear Slashdot by 110010001000 · · Score: 4, Insightful

    You should probably mention what a "Progressive Web App" is in the summary.

    1. Re:Dear Slashdot by Anonymous Coward · · Score: 0

      Webpages that install in the browser (with cache size limits etc.) and can be Offline-first Apps. Ie. Native Apps but On The Web

    2. Re:Dear Slashdot by Anonymous Coward · · Score: 0

      From the link:

      The neutrality of this article is disputed. (September 2017)
      This article possibly contains original research. (September 2017)
      This article may be confusing or unclear to readers. (September 2017)

      The earliest reference to this specific type of software is from 2015.
      Sounds like this is not a "term of the trade" but some marketeers are trying very hard to make them so.

      To everyone else. These are drive-by-download applications which use a dizzyingly tall tower of application frameworks. Think AdobeAir or ActiveX apps but with a few more layers tacked on.

      The never-over-30 "engineers" at google are too young to know why we killed those, so now we get to suffer through the same mistakes again.

    3. Re:Dear Slashdot by Anonymous Coward · · Score: 0

      Some fucking snowflake bullshit I'll warrant.

    4. Re:Dear Slashdot by Aighearach · · Score: 1

      I'm hoping they were talking about Free Software or something.

      I get my apps from fdroid.

    5. Re:Dear Slashdot by Aighearach · · Score: 1

      My goodness, thanks but no thanks. Now that I know it is just the latest attempt at "push" apps, I'd like the 10 seconds I spent at wikipedia back.

      Ridiculing it without knowing what it was turns out to have been a good idea.

    6. Re:Dear Slashdot by Anonymous Coward · · Score: 0

      Best comment.

      Goddamn this place has gone downhill. The red site is paradise in comparison.

    7. Re:Dear Slashdot by Darinbob · · Score: 1

      I have been programming for a few decades, I work on software, firmware, hardware, and deal with many parts of the company. I fully read the summary, and had no clue what it was about. Didn't even sound like technology, sounded more like marketing.

    8. Re:Dear Slashdot by AmiMoJo · · Score: 4, Informative

      They are web sites for people who think they need an app.

      The rational is that users think they need an app, and go looking for one in the Play store. Rather than just go to Facebook.com, they think they have to have the Facebook app. So to save time and money, you can make a Facebook app that is just a wrapper for Facebook.com.

      Well, you could do that before, but now it's a bit more "native" and benefits from using the browser that is already loaded into memory etc.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    9. Re:Dear Slashdot by Anonymous Coward · · Score: 0

      Oh! Someone reinvented ActiveX. Yay!

    10. Re:Dear Slashdot by tepples · · Score: 1

      One difference is that ActiveX used native code, whereas Progressive Web Apps use JavaScript and/or WebAssembly with the Service Worker and IndexedDB APIs and the HTML DOM.

    11. Re:Dear Slashdot by Anonymous Coward · · Score: 0

      It's to help manage your car insurance. Sometimes when you're driving you'll come across a road without internet access. Having an app on your phone will let you look up Progressive's contact numbers during the times you don't have net access.

  7. Turn Off by Anonymous Coward · · Score: 0

    One assumes if you disable the security holes that permit PWA's that they will also be disabled?

    Security nightmares include:
      Javascript
      WebAssembly
      Service Workers ... and more ...

    The whole PWA crap appears to be predicated on requiring the absolute worst security nightmare: allowing untrusted third-party code execution privilege.

    1. Re:Turn Off by phantomfive · · Score: 1

      How can WebAssembly be less secure than the actual ARM assembly that is allowed already in any app?

      --
      "First they came for the slanderers and i said nothing."
    2. Re: Turn Off by Anonymous Coward · · Score: 0

      Anything on JavaScript is less secure than anything on it's own?

      Kinda like anything on crack is less secure than anything on it's own?

      I think? Maybe?

    3. Re:Turn Off by doconnor · · Score: 1

      My PWA works without those things (although maps and a few other features don't work without Javascript.)

      https://www.transsee.ca/

  8. Progressive != Liberal by Kunedog · · Score: 1

    It's the leftist bias in tech/media that's the problem.

    https://www.youtube.com/watch?...

    A liberal bias might actually be a good thing, as it would err on the side of free speech, and against totalitarianism.

    1. Re:Progressive != Liberal by Brett+Buck · · Score: 0

      What evidence do you have of that last bit? All I hear from liberals is how they are going to ban speech they don't like, steal money from people and give it to others, and create an all-pervasive central government. They have to, in order to force people who have different ideas to go along by force of law.

    2. Re:Progressive != Liberal by Anonymous Coward · · Score: 0

      Liberals are known in the US as Libertarians.

    3. Re:Progressive != Liberal by Anonymous Coward · · Score: 0

      You're not hearing that from liberals. You're hearing that from conservatives trying to scare you about liberals.

      Liberals have scary ideas like, "education is an investment in our future", and "people should pay their share of taxes", and "Maybe we should give a slight damn about people's health once they're out of the womb".

    4. Re:Progressive != Liberal by Anonymous Coward · · Score: 0

      You are confusing the use of liberal as it is known around the world with its use in the USA. Which is an alias for socialist. Or Democrat.

    5. Re:Progressive != Liberal by Anonymous Coward · · Score: 0

      "Their share of taxes" sounds a lot like the time 3 wolves and a lamb voted on what was for supper.

  9. KKKrybaby faggots are the real problem obviously by Anonymous Coward · · Score: 0

    Your tears are no longer delicious, just redundant as Trump goes off to prison. Nobody cares whiny faggots, you fail to educate yourselves and you deserve to go extinct on that basis. Goodbye GOP traitors, you don't matter.

  10. An app that's always on the web by AHuxley · · Score: 1

    and deep in the smart phone.
    Learn to code software for the smart phone.

    --
    Domestic spying is now "Benign Information Gathering"
    1. Re:An app that's always on the web by Aighearach · · Score: 1

      That's some smart code
      deep learning you on your phone
      always for the web

  11. A million monkeys coding by AndyKron · · Score: 1

    I'm reminded of the guy who had the obsession of using a calculator to add the number one to the total. He had boxes of calculator tape stashed all over his apartment and he knew where every one of them was.

  12. Trusted Computing by Anonymous Coward · · Score: 0

    https://m.youtube.com/watch?v=s7WDbnHlc1E

    Timeless classic.

  13. Instruction sets differ by tepples · · Score: 1

    Good luck running native code when the instruction set of your device's CPU, such as ARM vs. MIPS vs. x86-64 (Atom) vs. RISC-V, differs from those of the devices in the app's developer's testing fleet.

  14. So why do these exists by DarkRookie2 · · Score: 1

    I like how Google is providing a solution that
    1. Is not needed.
    2. Is a fix for a problem they caused.
    You can write a simple HTML page without Googles help.
    Is this anything else except locking for displaying ads.

    --
    http://progressquest.com/spoltog.php?name=Son+Of+Son+Of+DarkRookie