Skip to content

GitLab

T
tangled
Commit fdcd3720 authored by scheib's avatar scheib Committed by Commit bot
Browse files
Options

Clarify documentation for Chrome Apps CSP, link to webview, example for sandbox. 

Review URL: https://codereview.chromium.org/596123002

Cr-Commit-Position: refs/heads/master@{#296535}
parent 1bcc7dc6
Hide whitespace changes
Inline Side-by-side
Showing with 14 additions and 5 deletions
chrome/common/extensions/docs/templates/articles/app_csp.html
View file @ fdcd3720
...@@ -119,7 +119,7 @@ because they have good fallback behavior when offline or under spotty connectivi ...@@ -119,7 +119,7 @@ because they have good fallback behavior when offline or under spotty connectivi
<p> <p>
Instead of using an iframe, Instead of using an iframe,
you can call out to an external URL using an object tag you can call out to an external URL using a webview tag
(see <a href="app_external#webview">Embed external web pages</a>). (see <a href="app_external#webview">Embed external web pages</a>).
</p> </p>
......
chrome/common/extensions/docs/templates/articles/app_external.html
View file @ fdcd3720
...@@ -81,7 +81,7 @@ sample. ...@@ -81,7 +81,7 @@ sample.
</p> </p>
<p> <p>
The <code>webview</code> tag allows you to embed external web content in your The <a href="webview_tag"><code>webview</code></a> tag allows you to embed external web content in your
app, for example, a web page. It replaces iframes that point to remote URLs, app, for example, a web page. It replaces iframes that point to remote URLs,
which are disabled inside Chrome Apps. Unlike iframes, the which are disabled inside Chrome Apps. Unlike iframes, the
<code>webview</code> tag runs in a separate process. This means that an exploit <code>webview</code> tag runs in a separate process. This means that an exploit
...@@ -279,7 +279,7 @@ To find out more, ...@@ -279,7 +279,7 @@ To find out more,
see <a href="https://developer.mozilla.org/en/DOM/window.postMessage">window.postMessage</a>. see <a href="https://developer.mozilla.org/en/DOM/window.postMessage">window.postMessage</a>.
</p> </p>
<h3 id="listen_message">Listen for message</h3> <h3 id="listen_message">Listen for message and reply</h3>
<p> <p>
Here's a sample message receiver Here's a sample message receiver
...@@ -287,11 +287,20 @@ that gets added to your sandboxed page: ...@@ -287,11 +287,20 @@ that gets added to your sandboxed page:
</p> </p>
<pre data-filename="sandboxed.html"> <pre data-filename="sandboxed.html">
var messageHandler = function(e) { var messageHandler = function(event) {
console.log('Background script says hello.', e.data); console.log('Background script says hello.', event.data);
// Send a reply
event.source.postMessage(
{'reply': 'Sandbox received: ' + event.data}, event.origin);
}; };
window.addEventListener('message', messageHandler); window.addEventListener('message', messageHandler);
</pre> </pre>
<p>
For more details, check out the
<a href="https://github.com/GoogleChrome/chrome-app-samples/tree/master/samples/sandbox">sandbox</a> sample.
</p>
<p class="backtotop"><a href="#top">Back to top</a></p> <p class="backtotop"><a href="#top">Back to top</a></p>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment