Each Pokki app has four interface elements that users may interact with;
- Icon – an icon located in the Pokki area of the user's taskbar. Clicking on this icon opens and closes your app.
- App window – a window which is displayed when the user clicks on your app’s icon. This is the primary interaction point for your application. You define both the size and the content of this window.
The figure below shows the interface elements.
Each Pokki app is a collection of files stored in a single directory:
- Manifest file (manifest.json) that contains metadata about your app
- HTML window page file
- (Optional) HTML background page file
- 19x19, 29x29, 42x42, 256x256 versions of the app's icon in PNG format
- Any directory structures used to hold the files
The core components of an app are the two web pages:
- Window page – an HTML file used to define the app window contents and handle user interaction.
- Background page – an optional HTML file which is always running without an interface, used to determine when an app's badge should be updated.
The figure below illustrates a Pokki app’s architecture and interactions.
All Pokki apps run in a sandboxed architecture – very similar to the one employed by Google Chrome and Chromium:
The sandbox is built on the notion of very limited privilege processes. It leverages the OS-provided security to allow code execution that cannot make persistent changes to the computer or access information that is confidential. The architecture and exact assurances that the sandbox provides are dependent on the operating system for which Pokki supports.
Pokki apps are sandboxed from each other, from the parent Pokki engine, and from Windows. This means a Pokki app:
- Can't access files or data on the user's computer
- Can't access another app's local storage
- Is isolated, so if it crashes it does not affect Pokki or Windows
Packaging and Delivery System
We have built a centralized and secure delivery system for Pokki apps. Whenever you publish your app it is reviewed by the Pokki team before it can be distributed. Upon approval your app is packaged and signed on the server, scrambling any sensitive data you defined in your manifest (such as an API key), and can now be distributed and installed by a user.
Our system ensures the apps installed on a user’s computer have been approved by the Pokki team.
- All apps (whether a new app or an update) are reviewed by the Pokki team before they can be installed by a user
When a user initiates the install of a Pokki app, Pokki communicates with the Pokki server using HTTPS and SHA-1 hashing to ensure:
- Which app to install
- The location of the app package to download
- Post download verification of the package
- Verification of the app once it's unpacked and ready to be installed
You can think of this as a signing and verification system.
In addition, Pokki does an integrity check at startup and every subsequent 24 hours. If Pokki itself or an app is found to have been tampered with since installation, it is disabled and the user is prompted to repair Pokki. The repair process securely downloads and installs the latest version of the affected components.
Pokki automatically checks for updates of the engine and its installed apps at startup and every subsequent 24 hours. If a new version of either is found, it is silently downloaded and updated seamlessly the next time Pokki starts. This means users of your app are automatically upgraded to the latest published version.
Users are notified of the update after it has occurred. In the case of an app being updated, the user is presented with a Pokki notification dialog telling them which app was updated. If the user clicks on this dialog they are taken to the Pokki website and presented with the change log for this app.
Pokki is built on the following technologies:
- Chromium for app sandboxing
- WebKit for layout and rendering
We believe these open source technologies are at the forefront of web technologies and emerging standards. We strive to keep up to date with these technologies as they advance ensuring the latest features and functionality are available to Pokki developers while maintaining stability and security.
You may wish to detect what versions of Chromium and WebKit Pokki includes. You can do this by querying the current user agent just as you would a browser. For example:
var ua = window.navigator.userAgent;
HTML5 and other emerging APIs
- Audio element (codecs: Vorbis, WebM)
- Video element (codecs: Theora, WebM)
- Web Storage
- Web SQL Database
- Web Workers
- Web Sockets
WebKit provides CSS extensions, including animation, transitions and both 2D and 3D transforms. Leveraging these features in your app’s user interface is the best way to achieve fantastic cross operating system and device performance.
Please see the API Reference for a detailed description of each method and event.
Web App Compatibility
While a Pokki app is very similar to a traditional web app, there are some differences. Most notably, it’s not running in a traditional browser. We have done a lot to make this utterly seamless for your existing web app but it’s important to understand these differences.
Not Really a Browser
Cross-origin XHR Works
You can make XHR requests to any domain using the standard XMLHttpRequest object (or any library that implements it). This includes XHR calls from within web workers
Web Sheets for Secure Login
To provide a secure login method for users, the Pokki API exposes Web sheets. Web sheets are embedded browsers that are solely intended to facilitate secure login. This is the preferred login method for all cases where it is possible.
Implications from the file protocol
Because a Pokki app is running locally (not on a domain), the window and background pages cannot read or write cookies, and as such we recommend using local storage for client storage. That said if you load an iframe or web sheet, cookies work as expected and are in-fact shared across all external resources loaded by your app.
To provide a cohesive user experience, there are several traditional web user-interface APIS that are disabled: