Figuring out OpenSocial
2nd November 2007
So it’s out, and lots of people are talking about it, but I’m still trying to work out exactly what it is. There seem to be two parts to it: a standardised set of GData APIs for accessing lists of friends and their activities (like the Facebook news feed) and a bunch of JavaScript APIs for enabling developers to write hostable widgets and “container sites” to embed those widgets.
Unfortunately the official documentation confuses things horribly by referring to Google Gadgets in various places. From that my guess is that the embedding part consists of externally hosted code running in an iframe, along with the clever fragment hack to mediate controlled communication between the container site and the embedded widget (and bypass the same-domain restriction). Not sure how that would defend against a malicious widget that uses frame-busting to send the user to a completely new page though—Facebook rewrite and sanitise all of the CSS and JavaScript that they serve, but I seriously doubt Google’s open source container API pack will include that level of sophistication.
My other question at the moment is how much OpenSocial relates to the larger goal of an open social network, where import and export APIs allow people to easily move from network to network and still find their friends. I don’t see anything in the GData People API that explicitly addresses the need to correlate the same user’s account across multiple sites (it looks like it doesn’t include an e-mail address for example) which seems to me to be pretty essential.
Am I getting this right, or have I missed something important? I’d love to hear from people who have been properly briefed on all of this.
More recent articles
- llm cmd undo last git commit - a new plugin for LLM - 26th March 2024
- Building and testing C extensions for SQLite with ChatGPT Code Interpreter - 23rd March 2024
- Claude and ChatGPT for ad-hoc sidequests - 22nd March 2024
- Weeknotes: the aftermath of NICAR - 16th March 2024
- The GPT-4 barrier has finally been broken - 8th March 2024
- Prompt injection and jailbreaking are not the same thing - 5th March 2024
- Interesting ideas in Observable Framework - 3rd March 2024
- Weeknotes: Getting ready for NICAR - 27th February 2024
- The killer app of Gemini Pro 1.5 is video - 21st February 2024
- Weeknotes: a Datasette release, an LLM release and a bunch of new plugins - 9th February 2024