Feeds

Google brews mashier OpenSocial language

For all your Web 2.0 ills - except people and Facebook

Combat fraud and increase customer satisfaction

Google I/O A decision on whether to press ahead with a re-usable architecture from Google to simplify the development of applications spanning multiple social networks is due in the next few days.

Members of Google's OpenSocial project are next week expected to vote on a proposal for a new template language that'll be used to build tags for use with OpenSocial. OpenSocial defines common APIs for applications across multiple sites using JavaScript and XML.

Google told its I/O conference Thursday tags will assist in development of applications that pull in data and feeds from different social networks such as MySpace and contacts-database-in-the-sky LinkedIn. It'll also lock down Web 2.0 apps against cross-site scripting (XXS), the company claimed.

Google's hope is for a core set of between five and 10 tags to eventually be devised and that these will be used to measure compliance of developers' applications with the OpenSocial specification. The search giant expects a community of non-core tags to also evolve.

Explaining the tags, Google OpenSocial developer Evan Gilbert said they could specify the position of a picture in a social network page or a user's account data could be displayed when somebody reading the page mouses over the picture.

Tags will, according to Gilbert who proposed the templates idea, reduce the amount of code needed for development, and will see HTML rendered by the social network rather than the browser. In a demo 18 lines of HTML were shrunk to six after they'd been run through a tag. Tags will also speed performance, by offering sever-side optimizations that batch-up requests to the server instead of issuing them individually.

As to security, Gilbert promised tags would be completely free of XXS problems. That is unless - of course - "developers work explicitly around XXS protections". Oh, yeah - that old thing: people doing stuff with the technology the inventor hadn't intended.

XXS is a huge swinging door in Web 2.0 applications that nobody seems willing to acknowledge is wide open at evangelical events like Google's two-day I/O conference.

It's also not clear when this programming manna will descend from Heaven.

This being the Google community - where things emerge organically and software is in permanent beta - there's nothing so fascist as an OpenSocial roadmap. Also, a "yes" vote would only open the door to the next phase - building the language. A spec and implementation are expected on, or after, June 9.

David Glazer, Google's director of engineering, told I/O the plan had been for inclusion in OpenSocial 0.8 but that specification is now finished - if the implementation is not actually stable. Glazer told Reg Dev the language could appear in 0.9.

Meanwhile, it seems the Apache Software Foundation's Shindig incubator project, building an open source social network architecture based on OpenSocial, will use version 8.0 of the API. Shindig is almost completely manned by Google engineers. Glazer said Shindig is "more than half-way" towards compliance with OpenSocial 0.8.

Google product manager Dan Peterson predicted social networks would continue to use version 0.7 of OpenSocial for a while, unless they want RESTful API development right away. RESTful APIs were featured in version 8.0. Those who do want REST will move to the new OpenSocial during the next few months, he said.

Those committed to OpenSocial include AOL which this week announced it's going to adopt OpenSocial on myAOL.com. AOL joins LinkedIn, MySpace and Marc Andreessen's Ning among a mish-mash-up of others committed to OpenSocial.

Missing from this hit list is teen social networking sensation Facebook, which has been sparring with Google over the ability of the search giant's Friend Connect service to suck out its users' details.®

Combat fraud and increase customer satisfaction

More from The Register

next story
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.