Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?

Client-Side Services

This is a proposal of a pattern for building interlinking web apps. It would allow sandboxed integration with third-party services running on the same computer.

This would enable:

  • services to manage their own client-side secrets (e.g. private keys)
  • building shared caches
  • sharing p2p network resources

Connecting to a service would look something like this:

const service = window.openServicePort('https://something.com/worker.js')
service.addEventListener('message', console.log)
service.postMessage('hello!')

myapp.com <-(service port)-> something.com/worker.js

The service would listen for new connections, and interact over the duplex message-passing interface. The service would be able to see the origin domain of the connection and make security considerations based on this info.

Implementing Now

We have implemented an MVP of this using existing web APIs (iframe + ServiceWorker). By opening an iframe to a remote domain and using message passing (e.g. iframe.contentWindow.postMessage ) we can establish communication with a service running remote context. This approach spawns a new instance of the service for every iframe. In order for the service to have singleton behavior, we ensure a ServiceWorker is running from inside the iframe, then connect to that and forward the iframe's message passing interface to the ServiceWorker and back.

myapp.com <-(iframe)-> service.webapp.io <-(ServiceWorker)-> service.webapp.io/worker.js

Example

MyApp opens connection to the IPFS service (via iframe). MyApp makes data lookup requests to the IPFS client. IPFS client runs as a singleton (via ServiceWorker), and can service many external apps with a unified cache and network of peers.

Gotchas

  • Services must be designed to connect to untrusted parties
  • No webRTC in WebWorker/ServiceWorker
  • ServiceWorkers dont handle cross-domain fetch
  • ServiceWorkers can't open iframes to connect to other ServiceWorkers

Research

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.