w3c / miniapp-manifest

MiniApp Manifest
https://w3c.github.io/miniapp-manifest/
Other
7 stars 8 forks source link

What are sessions? #56

Closed pes10k closed 1 year ago

pes10k commented 2 years ago

This issue is being filed as part of of PING's horizontal review

The Privacy Considerations section states:

The user agent SHOULD implement mechanisms to remember their preferences, and the end-user SHALL explicitly decide if this information is stored across sessions. No other information related to the manifest should persist across sessions.

What a session is, how long it lasts, etc is not defined in the spec. This is critical to define since "session" is being used as a privacy boundary here (things that stay in one session shouldn't, by default, be available in other sessions). The spec should either define what a session is for MiniApps, or if its defined in another spec, link to where a session is defined

espinr commented 2 years ago

It's a very good point, @pes10k

I was referring to 'session' as the period starting with the launch of the app and when it is destroyed (so the cached information is deleted). We could define it accurately based on the two events and status changes produced in the mini app engine. The Lifecycle spec describes the launched global state, but it doesn't mention anything regarding the termination or destruction (similar to the controversial window.unload event).

I did some quick research to understand how the current mini app implementations in this group handle this (most of the documentation in Chinese so my apologies if I missed anything).

Alipay Mini Programs have the launch event when the mini app is initialized. The app runs in the background and is destroyed after some time, based on the following: "Only when the mini app goes in background state for a certain time, or takes up too much system resources, will it be destroyed." So, in this case, the session depends on the configuration of the mini app engine, but there is no event triggered when the app terminates the session.

Baidu Smart Program triggers the launch event and it doesn't allow users to force the destruction of the app. The user agent will destroy the app only in the following cases:

The case of Quick Apps (Xiaomi, Huawei) is simpler, so we could consider a session as the period between the create and destroy page events and subsequent change of status. See the documentation.

Implementation Session starts when Session ends when
Alipay Mini Programs launch event X time in background state; or exceeds Y resources
Baidu Smart Programs launch event 5m in background state; or Y mini apps launched; or exceeds Z resources
Quick App (Xiaomi, Huawei) create event destroy event

I'm raising a question to understand if there is a plan to introduce a destroy event in the app lifecycle. Otherwise I think we need to include some text to clarify when the app and its cached information is destroyed in the system (we can use to mark when the session is finished).

pes10k commented 2 years ago

Thanks @espinr this is all very helpful. I think its important to specify this in the spec though, since it seems like differences in "session" definition would cause interop problems (and so kinda undo a main purpose of the standard), no?

Sharonzd commented 1 year ago

@espinr Thanks for your hard work.

'session' as the period starting with the launch of the app and when it is destroyed

I agree with the definition of "session", and we indeed need to add destroy event.

The user agent SHOULD implement mechanisms to remember their preferences, and the end-user SHALL explicitly decide if this information is stored across sessions. No other information related to the manifest should persist across sessions.

But I am sorry to point out another comment under this quotation, not about the definition of the session, but about where the permission information should be placed.

In the existing vendor implementations, if a user approves granting a requested permission from a MiniApp, the permission will remain until the user goes to the MiniApp setting page to cancel the authorization, just like the App authorization mechanism on an iPhone.

I think this is necessary because if the authorization information is only stored in the session, it means that users need to repeat the granting operation every time reopen the same MiniApp, which would reduce the user experience.

( Maybe I need to create another issue, right?)

espinr commented 1 year ago

Thanks @Sharonzd. The definition of session seems to be solved. This is another (good) point.

I'll open another issue, based on your comments.

espinr commented 1 year ago

Closing this issue, after merging w3c/miniapp-packaging#65, that includes the definition of a session based on events. Conversation about keeping preferences data across sessions continues in #67 .