Mozilla Prism: not there yet!
From the Mozilla Labs blog post: "Prism is an application that lets users split web applications out of their browser and run them directly on their desktop." I was intrigued.
For a moment I thought my days of pain were over: Mozilla had got it right this time! I really liked the concept. I still do. Unfortunately, when I installed the Prism environment and tried to hook up some of the Google apps I use all the time, I found myself in exactly the same situation as before. Essentially, Prism is nothing more than the Firefox browser with some fancier desktop-shortcut features and without the normal chrome.
I really thought that Prism would allow web applications to run independently, without sharing resources such as cookies. I thought that by separating all the applications I care about into independent Prism apps, I would achieve the level of security I've always needed in my day-to-day work.
The result was different, though. Although Google Reader was set up as a separate application from GMail, once I authenticated to one of them the other was authenticated as well. Disappointment! Still, I like the concept. It just needs a bit of polishing.
Suggestions
Here is a list of things which make sense in terms of security and which the Mozilla developers should consider implementing in Prism:
- Prism applications should each run in their own separate environment, so that cookies, persistent storage, etc. are not accessible by other Prism applications, not even ones which run from the same origin.
- Prism should implement logical groups which allow applications to share cookies with each other when required. So, for example, I should be able to define that the GMail application can share cookies with Google Reader, i.e. they are in the same logical group.
- Requests to URLs outside of the current origin should be prohibited. I guess iframes, XMLHttpRequests and JavaScript remoting can be treated as safe operations, since they are defined by the application's developers.
Keep in mind that you may still suffer from cross-site scripting and cross-site request forgery attacks, although the attack surface will be greatly reduced! I hope that these kinds of features are implemented in Prism soon. This will give us the ability to surf the web a little more safely.
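To make the three suggestions concrete, here is a small model of them in JavaScript. It is an added example, not Prism's code and not something from the original post: each application gets its own cookie jar unless it is placed in a logical group, and each application carries an allow-list of origins it may talk to. The `isolate: false` mode gives every app one shared jar, which is the behaviour the post describes. The app names, cookie values, Set-Cookie headers and URLs (`feeds.example`, `attacker.example`) are constructed for the demo; the cookie matching follows RFC 6265 domain rules but leaves out Path, Secure, expiry and the public-suffix check.

```javascript
// Added example, not Prism's code: a model of the isolation the post asks for.
// Each app gets its own cookie jar unless placed in a logical group, and has an
// origin allow-list. With isolate: false every app shares one jar, which is how
// the post describes Prism behaving. App names, cookies and URLs are constructed.

// A cookie record is {name, value, domain, hostOnly}; Path, Secure and expiry
// handling are omitted for brevity.
class CookieJar {
  constructor() { this.cookies = []; }
  // Store a cookie, replacing one with the same name and domain.
  set(c) {
    this.cookies = this.cookies.filter((o) => !(o.name === c.name && o.domain === c.domain));
    this.cookies.push(c);
  }
  // Cookies a request to url would carry, using RFC 6265 domain-matching:
  // host-only cookies need an exact host, domain cookies match any subdomain.
  cookiesFor(url) {
    const host = new URL(url).hostname;
    return this.cookies.filter((c) =>
      host === c.domain || (!c.hostOnly && host.endsWith('.' + c.domain)));
  }
}

// Parse a Set-Cookie header received from setterUrl into a cookie record.
function parseSetCookie(header, setterUrl) {
  const host = new URL(setterUrl).hostname;
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), domain: host, hostOnly: true };
  for (const attr of attrs) {
    const [k, v = ''] = attr.split('=');
    if (k.toLowerCase() !== 'domain') continue;
    // A Domain attribute may only widen to a suffix of the setting host
    // (the public-suffix check is omitted for brevity).
    const d = v.replace(/^\./, '').toLowerCase();
    if (host === d || host.endsWith('.' + d)) Object.assign(cookie, { domain: d, hostOnly: false });
  }
  return cookie;
}

class PrismEnvironment {
  constructor({ isolate = true } = {}) {
    this.isolate = isolate;
    this.apps = new Map();
    this.jars = new Map();
  }
  defineApp(name, { origin, group = null, allowedOrigins = [] }) {
    this.apps.set(name, { origin: new URL(origin).origin, group,
      allowedOrigins: new Set(allowedOrigins.map((o) => new URL(o).origin)) });
  }
  // Suggestions 1 and 2: one jar per app, or per logical group when grouped.
  jarFor(name) {
    const app = this.apps.get(name);
    const key = !this.isolate ? 'shared' : app.group ? 'group:' + app.group : 'app:' + name;
    if (!this.jars.has(key)) this.jars.set(key, new CookieJar());
    return this.jars.get(key);
  }
  receiveCookie(name, fromUrl, header) {
    this.jarFor(name).set(parseSetCookie(header, fromUrl));
  }
  cookieNamesFor(name, url) {
    return this.jarFor(name).cookiesFor(url).map((c) => c.name).sort();
  }
  // Suggestion 3: an app may only reach its own origin or an allowed one.
  isRequestAllowed(name, url) {
    const app = this.apps.get(name);
    const target = new URL(url).origin;
    return target === app.origin || app.allowedOrigins.has(target);
  }
}

// The post's scenario: GMail logs in; does Reader inherit the session?
function demo({ isolate, groupGoogleApps }) {
  const env = new PrismEnvironment({ isolate });
  const g = groupGoogleApps ? 'google' : null;
  env.defineApp('gmail', { origin: 'https://mail.google.com', group: g });
  env.defineApp('reader', { origin: 'https://www.google.com', group: g,
    allowedOrigins: ['https://feeds.example'] });
  env.defineApp('docs', { origin: 'https://docs.google.com' });
  // Constructed login response: one domain-wide session cookie, one host-only.
  env.receiveCookie('gmail', 'https://mail.google.com/accounts/login', 'SID=abc123; Domain=.google.com');
  env.receiveCookie('gmail', 'https://mail.google.com/mail/', 'GMAIL_AT=xyz');
  return {
    gmailSees: env.cookieNamesFor('gmail', 'https://mail.google.com/mail/inbox'),
    readerSees: env.cookieNamesFor('reader', 'https://www.google.com/reader/'),
    docsSees: env.cookieNamesFor('docs', 'https://docs.google.com/'),
    readerToFeeds: env.isRequestAllowed('reader', 'https://feeds.example/rss'),
    readerToAttacker: env.isRequestAllowed('reader', 'https://attacker.example/'),
  };
}
// demo({ isolate: false }).readerSees -> ['SID']: one login signs in every app.
// demo({ isolate: true, groupGoogleApps: false }).readerSees -> []
// demo({ isolate: true, groupGoogleApps: true }).readerSees -> ['SID'], docsSees -> []
```

The jar key is what carries the policy: in shared mode it is a single constant, so a `Domain=.google.com` session cookie set by GMail is sent by every app on a google.com host, which is exactly the cross-authentication the post ran into. Per-app keys stop that, and a group key restores sharing only between the apps the user has explicitly grouped. Note that the host-only `GMAIL_AT` cookie never reaches Reader even in shared mode, because domain-matching, not Prism, keeps it on `mail.google.com`; the isolation problem is specifically with cookies scoped to the parent domain.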
Good points.
The Prism project is definitely one to watch closely and/or participate in the development of.
The core concept is solid… I've always had an interest in simply wrapping content (client and server side) in multi-platform, cross-compatible desktop applications… for all the obvious benefits and also for that 'control' layer: control in security, UI and exposed functionality.
Typically, I looked at this from the angle of allowing an integrated web browser within a desktop app… something we have seen for a long time… early Napster days even. Something I have wanted since the days of using Hotline and KDX. I purchased Runtime Revolution and one of the selling points was this simple feature… integrating the native OS web browser into my apps… or just wrapping a restricted website as a desktop app and nothing more. RunRev uses IE on Windows and Safari on Mac. So it is obviously not the same approach as Prism, which IS a browser (Firefox/Gecko) itself.
At this point, I like the Prism approach a lot. I've been following XULRunner and WebRunner, so it was exciting to see the announcement of the rebranded WebRunner as Prism and all the new discussion on what this means…. even though it is not exactly groundbreaking in a technical sense…. it still has the potential to be groundbreaking as the project evolves and launching Prism apps becomes a more common thing…. it's the popup window 2.0 ;)
What's important now is that everyone participates in the discussions that will help to mold Prism.
More of that, like this post here…. and less of the critically shallow early observations that Prism is no big deal. Don't miss the point. Step outside the box and think about how this approach to RIAs and the web/desktop hybrid niche can lead to new innovations. I don't mean to overstate the importance of this project… but I don't want there to be two camps that either belittle or over-hype it. Just look at it for what it is and what it can and should logically become.
The comparisons to AIR and Silverlight are relevant but should not be the focus of Prism discussions. So I am glad to see this post doesn't go there :)
Sull