1<meta name="doc-family" content="apps"> 2<h1>Chrome Apps Architecture</h1> 3 4 5<p> 6Chrome Apps integrate closely with a user’s operating system. 7They are designed to be run outside of a browser tab, 8to run robustly in offline and poor connectivity scenarios and 9to have far more powerful capabilities than are available 10in a typical web browsing environment. 11The app container, programming, and security models 12support these Chrome App requirements. 13</p> 14 15<h2 id="container">App container model</h2> 16 17<p> 18The app container describes the visual appearance 19and loading behavior of Chrome Apps. 20Chrome Apps look different than traditional web apps 21because the app container does not show any traditional web page UI controls; 22it simply contains a blank rectangular area. 23This allows an app to blend with “native” apps on the system, 24and it prevents the user from “messing” with the app logic 25by manually changing the URL. 26</p> 27 28<p> 29Chrome Apps are loaded differently than web apps. 30Both load the same type of content: 31HTML documents with CSS and JavaScript; 32however, a Chrome App is loaded in the app container, 33not in the browser tab. 34Also, the app container must load the main document 35of the Chrome App from a local source. 36This forces all Chrome Apps to be at least minimally functional 37when offline and it provides a place 38to enforce stricter security measures. 39</p> 40 41<img src="{{static}}/images/container.png" 42 width="671" 43 height="172" 44 alt="how app container model works"> 45 46 47<h2 id="programming">Programming model</h2> 48 49<p> 50The programming model describes the lifecycle 51and window behavior of Chrome Apps. 52Similar to native apps, 53the goal of this programming model is to give users 54and their systems full control over the app lifecycle. 55The Chrome App lifecycle should be independent 56of browser window behavior or a network connection. 57</p> 58 59<p> 60The “event page” manages the Chrome App lifecycle 61by responding to user gestures and system events. 62This page is invisible, only exists in the background, 63and can be closed automatically by the system runtime. 64It controls how windows open and close and 65when the app is started or terminated. 66There can only be one “event page” for a Chrome App. 67<p> 68 69<div class="video-container"> 70 <iframe title="YouTube video player" width="610" height="380" src="//www.youtube.com/embed/yr1jgREbH8U" frameborder="0" allowfullscreen></iframe> 71</div> 72 73<h3 id="lifecycle">App lifecycle at a glance</h3> 74 75<p> 76For detailed instructions on how to use the programming model, 77see <a href="app_lifecycle">Manage App Lifecycle</a>. 78Here's a brief summary of the Chrome App lifecyle 79to get you started: 80</p> 81 82<br> 83 84<table class="simple"> 85 <tr> 86 <th scope="col"> Stage </th> 87 <th scope="col"> Summary </th> 88 </tr> 89 <tr> 90 <td>Installation</td> 91 <td>User chooses to install the app and explicitly accepts the 92 <a href="declare_permissions">permissions</a>. 93 </td> 94 </tr> 95 <tr> 96 <td>Startup</td> 97 <td>The event page is loaded, 98 the 'launch' event fires, 99 and app pages open in windows. 100 You 101 <a href="app_lifecycle#eventpage">create the windows</a> 102 that your app requires, 103 how they look, and how they communicate 104 with the event page and with other windows. 105 </td> 106 </tr> 107 <tr> 108 <td>Termination</td> 109 <td>User can terminate apps at any time 110 and app can be quickly restored to previous state. 111 <a href="app_lifecycle#local_settings">Stashing data</a> 112 protects against data loss.</td> 113 </tr> 114 <tr> 115 <td>Update</td> 116 <td>Apps can be updated at any time; 117 however, the code that a Chrome App is running 118 cannot change during a startup/termination cycle.</td> 119 </tr> 120 <tr> 121 <td>Uninstallation</td> 122 <td>User can actively uninstall apps. 123 When uninstalled, no executing code or 124 private data is left behind.</td> 125 </tr> 126</table> 127 128<h2 id="security">Security model</h2> 129 130<p> 131The Chrome Apps security model protects users 132by ensuring their information is managed 133in a safe and secure manner. 134<a href="contentSecurityPolicy">Comply with CSP</a> 135includes detailed information on how to comply with content security policy. 136This policy blocks dangerous scripting 137reducing cross-site scripting bugs 138and protecting users against man-in-the-middle attacks. 139</p> 140 141<p> 142Loading the Chrome App main page locally provides a place 143to enforce stricter security than the web. 144Like Chrome extensions, 145users must explicitly agree to trust the Chrome App on install; 146they grant the app permission to access and use their data. 147Each API that your app uses will have its own permission. 148The Chrome Apps security model also provides the ability 149to set up privilege separation on a per window basis. 150This allows you to minimize the code in your app 151that has access to dangerous APIs, 152while still getting to use them. 153</p> 154 155<p> 156Chrome Apps reuse Chrome extension process isolation, 157and take this a step further by isolating storage and external content. 158Each app has its own private storage area 159and can’t access the storage of another app 160or personal data (such as cookies) for websites that you use in your browser. 161All external processes are isolated from the app. 162Since iframes run in the same process as the surrounding page, 163they can only be used to load other app pages. 164You can use the <code>object</code> tag to 165<a href="app_external">embed external content</a>; 166this content runs in a separate process from the app. 167</p> 168 169<div class="video-container"> 170 <iframe title="YouTube video player" width="610" height="380" src="//www.youtube.com/embed/EDtiWN42lHs" frameborder="0" allowfullscreen></iframe> 171</div> 172