WWDC2003 Session 418

Transcript

Kind: captions
Language: en
hello hello welcome welcome session for
18 as you say internet technologies
advanced foundation URL so this week
here at the conference we've introduced
the new URL loading API it's going to be
in foundation I expect probably a lot of
you heard something about it while
you're going to be hearing a lot more
about it in this session of course and
yes see so there's sort of I guess you'd
say good news and bad news the good news
is I think you're really going to like
this API sort of the bad news as well
there are some new things that maybe
you're going to need to learn about new
classes new api's but there are really
also some new features which I think
you'll find interesting and useful to
you disk caching cookies authentication
a couple of more things and we'll be
talking about these in the whole rest of
the session until what why I do okay so
URL loading are we talking a lot about
URL loading so what do I mean when I say
you are all loading well let's maybe do
a little bit of history first of all I
like to ask you how many of you are
through a Mac old timers and it sort of
real real veteran so I seeing a couple
hands Oh a bunch of hands cocoa great
well then probably you remember loading
URLs like this no well maybe not and and
well I also want to say you know it says
you know a doc right well Steve Jobs not
the only one who's going to do doc
minimization tricks their heads
these are the jokes people so well of
course you know sort of now all kidding
aside everyone knows that this is the
way we load URLs right no no I mean
maybe not well okay so getting back to
the real real material of course these
are a bunch of URLs this is what we're
going to be talking about today this is
the there's a level of networking that
we're going to be talking about today is
really the level of the URL so if you
have a URL and you want to use this API
well the thing you're going to have is a
thing you're going to use it for you
have the URL you want the data whether
this is the API for you so you start off
with the URL this API will help you go
out to the origin source whether that be
a network file system what have you and
get you back the data so if you're a
framework developer and application
developer this URL loading API is
something I think you're going to be
pretty pretty interested in and so you
might ask well why why a new API you see
if you go out on Mac OS 10 well there
are many many API for URL loading right
cyberdog now it's just so I've got five
years I one of these things is not like
the other well of course URL access
manager in carbon carbon for that well
we again we have many many api's and
there's but there's really even though
we have all of those there is one big
reason for developing a new URL loading
API and of course that's Safari and when
we started developing Safari just about
two years ago now well first things we
realized as well its web browser URL
loading it it's pretty complex I mean
there's a lot of things that you have to
do in order to work like a web browser
in the way that people have come to
expect and and really it has to just
work all the time there's not there's
not many people don't have a lot of
patience for a web browser that doesn't
get them through to the places where
they want to go so it has to just work
and so when we started Safari well we
knew the URL loading requirements well
we it had to support a world class web
browser that was our goal right from the
beginning with Safari is that this is
going to be a web browser that
everybody on the Mac was was going to
want to use and so in order to get there
we had a short list of things that we
were going to try to target to even try
to hit and just go over these briefly
naturally standards compliance is a big
one there's a very very long list of
rfcs that were related to web
technologies naturally the HTTP rfcs
figures very very prominently for web
browser so we have to implement impo
implement that but then of course out on
the real world internet well not every
site is going to implement every
standard to the letter so we had to make
sure that that Safari would interoperate
with with all of these sites because
people want to go go to these sites so
we have to make sure that we can get
through there and of course there are
some real details once you get down to
URL loading above and beyond things like
you have to do in WebKit and so forth
and so we wanted to make sure that we
had both standards compliance and
real-world compliance and then there
were features things that none of those
other api's that I listed before really
we're going to deliver for us as they
stood right there things like caching
and cookies things i'll be talking about
a little bit later and then of course
there's the issue of performance we
wanted to make sure that that that you
are loading and that the browser was
really really fast and and and if i go
back to the beginning of the Safari
project well when I started on this
project I know how to use a web browser
but I certainly didn't know how to write
one and the first thing that I ever
learned about web browsers was this here
if you want to make a fast web browser
you have to have fast you are a loading
nothing else matters if you don't get
this right and that was told to me by
John Milton you may have seen his talk I
think it was on Tuesday it's the first
manager of the Safari team and so this
was this was where this is where I came
into the project and this is what i
started doing and you know I we figured
that while we were at it while we were
at making sure that we had this good
performance and the features and the
standards compliance and so forth if we
go one step further and and hone those
api's a little bit make sure there are
no WebKit dependencies no GUI
dependencies and so forth a couple of
other goals we had that we could have a
public API usable outside of Safari too
you are alluding and so that's what we
that's what we did and and just to get
back to this performance issue again you
know we really do think that it turned
out and it was fast and I think you see
that in Safari as a matter of fact I
think it turned out to be really fast to
the point where i'm sure you probably
saw the keynote and you saw the g5 and
some of the great new technologies
that's in there well this api so fast
that you know we had some cooling
concern so we wound up dividing Safari
up into four different thermal zones now
so you're going to go home you're not
going to know which part of this
presentation is the real stuff in which
is it which is the jokes yeah well
anyway back to the real stuff so we
think this API really does work great we
do we use it in Safari and now we want
you to use it too so that's that this
developer conference we're going to be
making this available so my job now for
the rest of this time is to convince you
that it's something that you want to use
and whether or not you should be
interested and so why should be
interested in this API well its API
through you if you load URLs if not well
you can probably fall asleep I mean you
may anyway by time things are over but
really this course you are loading URLs
is real prerequisite but then if you
develop frameworks applications this API
is really it's for you it I think it'll
be suitable for you and and here's the
key point is if you value features more
than details if you're going to be
interested in every little socket option
every little bit that's coming over the
network this may not be the right level
for you in the stack you may want to get
down maybe a little bit lower on but if
i said as i said before if you have a
URL and you want to get the data and you
don't want to do a lot of extra work you
want it to work correctly but you don't
want to do a lot of extra work I think
this API something you might be
interested in and then the last point
there is whether you use objective c or
c c++ sort of both in you know the cocoa
and carbon developers should
find this api api useful and i want to
go and say yes yes c c++ carbon
developers you can use this API i won't
i won't lie to you the new API is in
objective-c but there is no technical
barrier to using this in your program
you will need to write a little bit of
glue but you know here's here's my
advice of on this subject is that if you
like the features if i do a good enough
job convincing you that the features and
the api something you want to use just
linked with foundation and and start
coding and and the good thing is in the
in the web kit sdk which you can
download from your through a DC there is
example code in there which will show
you how to do this from a carbon program
i even have a demo a little bit later
which i'll be showing you briefly but of
course to really get into it you need to
go and look at that code in the SDK and
so anytime that a new API is is is it
out and one that affects others so yeah
I can I've been in your position before
I mean your question you're asked well
what changes and what stays the same so
let's go through that a little bit the
URL loading API for Safari move down
into the foundation framework okay and
it's now called foundation URL loading
API I think you heard that turn of
phrase quite a few times okay there's
also another existing API in foundation
to load URLs and its URL handle and
that's superseded but supported so if
you're using and its URL handle now in
your code that code will continue to
work without any change you don't need
to do anything however for new code we
suggest if nsurl handle with something
that was attractive to you I want to
convince you to use the API will be
talking about today instead there's also
a number of existing conveniences in
foundation having to do with nsurl just
you have an NF URL and you want to get
the data for that well those are still
fully supported and one of the things
that we're doing this is sort of still
in progress we're in 3 implementing the
internals on top of the new API I think
if we do our job right this will be this
will be done for Panther release
in a stream and foundation is another
API it was just the course introduced to
this conference that's still fully
supported as is CF stream still fully
supported but of course those two api's
are sort a little bit lower in the stack
and they're not they're not going to
have the same features like i'll be
talking about however they do give you
more control in return and so that will
be really up to you to decide they're
still fully supported as this CF network
is sort of the same idea you'll get some
more protocol support and CF network if
you want to maybe have more control over
threading that's your thing again a
lower level API use it if that's where
you want to come into the stack still
fully supported matter of fact I should
mention foundation URL loading API uses
CF network extensively and so this is
still still good api's but again it's
still a matter of leveling where you are
in the stack URL access manager in
carbon however even though it's still
available to you it's not being removed
from the API removed from the from the
system however it's no longer an active
development and I probably refer you to
the to the dvds there was a networking
overview this morning where Becky will
rich talked a little bit more about
transitioning off old API so you may
want to look in your book and look in
your dvds and and see a little bit more
information about that and of course you
could still you can still do it yourself
I mean if you want to do sockets and go
down to that level you can but that's a
lot of work again if you have a URL and
what you want the data that's really
really going to be a lot of work for you
and I don't suggest that instead i would
suggest the foundation you are a loading
api to my so I I get the big check
mark okay and again if you have a URL
you want the data you like the features
and you don't want to write a lot of
code this is this is probably going to
be the API for you and so what are the
pieces of this API what what are what
are the components what are the what is
the feature set and so naturally the
first part of it and naturally to you
are loading API to a very very big part
of it is you are a loading but then
there's also these other pieces which
round out that feature set and hopefully
we'll make this API
where you know convenience easy for you
to use and give you the give you the the
right combination of power and
simplicity and we'll be stepping through
these and doing some good good detail
about those so getting into that this
first piece URL loading this is really
the basic building blocks of all of
those other pieces on the LAN that
bottom half of that that previous slide
so we go go back to that they're right
URL loading is the building blocks for
all of those pieces under the break so I
just want to sort of give us a good
grounding and talk about this this you
are a loading piece first there are some
men components in url loading the
concept so I'm going to talk about first
and we'll talk about how that really
fits into the API we have
request-response connection and delegate
callbacks you'll be seeing this again
and again and again throughout the talk
so these are things we really want to
get to get a good hold on so URL loading
begin with request what is it request
well it's request is a URL + load
specific data so you have a URL you want
to load it but you want you want to
specify how it should be loaded so for
instance you may want to bypass the cash
go back to the origin server pull that
data down freshly you may want to add a
custom HTV user agent well or other HTTP
parameters this would be the place where
you would do that in this in this nsurl
request object ok so again request is a
URL + load specific data so we have a
response and a response gives you
everything but the data and so will you
send a request out you're going to get
this response back you're going to be
getting data of course but you're also
meaning i'm going to be getting
interesting metadata that your that your
application is probably going to be
pretty interested in things like mime
type content length or then hdb specific
information like whether or not the data
should be cached or not and this is how
you get this delivered to your to your
code and nsurlresponse-- we have a class
in the API for this okay connection a
connection is a handle to an
asynchronous load in progress so if you
have a
qwest you can create a connection with
end start your load it turns out that
request is reusable you can go and and
create a request create a connection
with it go back and modify that request
again once you start your connection
though that request is yours you can
modify a change the url change some of
the things and use it again to create
another connection okay so that turns
out to be really really convenient when
in in in real code it may seem like a
like a small point now but it really is
really very very convenient and so as I
say connection ID uniquely identifies a
particular load particular request
you're sending out and since this since
this loading happens asynchronously this
connection gives you a a handle for
canceling in case you want to stop it
before before it's all done and we have
a class for this and it's URL connection
and so this last piece in this this
first set of building boxes these
delegate callbacks well so you've got a
request you create a connection your
load begins well interesting things are
going to start to happen there may be
going to be getting your response back
some data is going to come in and so
forth well the way that we deliver that
to your application is with with these
delegate callbacks okay and so this is
for informing you about interesting
events and not only informing you but
giving you in many cases a chance to
take action in your program this is a
very very important hook for adding that
application specific behavior so that
your app can act like it needs to okay
and some examples of this is again
you've got the response you got some
data delivered to you and your load with
finished and so we have nsurl connection
delegate this is an informal protocol
you implement in your app you choose out
some of these delegate callbacks and you
implement them and you'll get the
callbacks when when those events happen
again I I just touched on it briefly a
moment ago but it's important to to
mention that these delegate callbacks
are optional there's that there's really
a quite a quite a nice list of them
however in your program you only need to
implement the ones that are important
for you that that makes sense for your
application
and so looking at all these pieces again
yet we have request-response connection
and the delegate delegate callbacks let
me just go back again these are very
very important again the important
building blocks you'll be seeing them
again and again throughout the API when
you look at it and then certainly for
the rest of the time during this talk
here's a here's a small example just to
show you again the level at which you
would come into this API to go and do
some of the work that it knows how to do
so you have maybe a custom method in
your in your program load URL you have
an nsurl and create a request with it
and then create a connection with that
request and that load starts
automatically someplace else in your
program implement a couple delegate
callbacks and this is all you need to do
to start using this API again it gives
you that nice level where you have the
URL you get the data back and you're
moving on to the other parts of your
code that that is really probably more
interesting to you than doing the actual
loading of data and so I'd like to do a
little bit of a demo hey demo
I could tell you about the demo but it
wouldn't be nearly as interesting did
the machine go to sleep perhaps yes okay
ah there we go ok ok I have a little app
here called visible loader let's just
let's just run it and what you'll see
here is I have a URL bar and I'm just
going to poke this the start load button
and you see some things happening well
what is it that happen I've got this www
apple com URL in the address bar and I
loaded I just loaded that URL there's
the the visible evidence of that is in
this window which are these these are
the delegate callbacks that I got that's
what this application does with its
delegate callbacks is it logs them in
this window and so you can see I can go
around and and and brows brows these
these delegate callbacks and and get
some nice information about them let's
kind of just hop back to the pot back to
the code for a second if I can
I seem to have lost my aliases so you'll
have to forgive me we just quit this for
a second and see if they come back no I
had a bunch of aliases that I think you
have lost well there we go there they
are and so here are the delegate
callbacks this application implements an
you'll see in just one of the you know a
simple example is I received data and
all that I did in this app application
was I updated the progress indicator and
I put a little log message in the window
so that we can go and look at it now
naturally in your application you know
is in safari for example what we do as
well we take that data we feed it off to
the to the HTML rendering engine and so
this is the way again that you begin to
hook in your code into this new API and
again it just you know illustrates that
this API is not it's not a black box it
gives you a good amount of visibility in
other words you just don't throw URL
over the wall get some data back and
that's it try to give you a good amount
of control over over what's happening as
it as it's going on okay go back to the
slides please so again those four pieces
then been over them and over them again
the basic building blocks for URL
loading the i/o is asynchronous and
there are a bunch of these optional
delegate callbacks that you get ok so
now using this as a foundation let me go
on and talk about another piece of the
API which is URL file transfers excuse
me and so
this is very very similar to you are a
loading however it gives you some nice
features for downloading content instead
of just like to the maybe the innards of
your program or something just going to
download that URL on to disk and there a
couple extra delegate callbacks you
might imagine to help you do that and
uploads are coming soon and so we take
this same picture that we had before a
download comes into the middle there and
takes the places connection but
everything else stays the same we've got
this class and its URL download to go
into the place of nsurlconnection but
really the way that's the that the
program works is really very very
similar and I have another brief demo of
that what I wanted to do for this is
illustrate a carbon a carbon example and
so I'm going to run this and you'll see
that i'm going to go HTTP i'm single
threaded when it comes to typing so
you'll have to excuse me max calm and
and download and you'll see i'll get a
little prompt so and probably just pride
on the desktop would be great so go and
do this little download and you see I've
got the file there and so you know again
to illustrate you know we saw the sheet
come down this is a carbon program as
well as I can show you there's a
slightly slightly modified version of
this it's actually a nun hacked up
version is actually what it is which is
going to be in the the developer STK and
you'll see that again it's just a bunch
of delegate coba it's actually a few
more than the other program that we
looked at and again it gives you a a a
good amount of control the side
destination with suggested file name is
what is the hook that we use to drop
that sheet down so again you get a good
amount of control of things as as
they're going on and then as you can see
down here this is a little C++ code so
this is an objective C++ file and it's a
little indication of the kind of glue
that you'd have to write to get from get
from your C C++ code over to where you
can use this use this API
okay good I'm going to clean my mommy
always told me to clean up after myself
so there we go okay good so if we can go
back to the to the slides please yes
demo and so here seen this picture
before these are the basic basic
building blocks of the API loading file
transfers and delegate callbacks so now
to go on and talk about yet another
piece content caching well what is this
for well after we download a URL we
store the content locally I don't think
this should be news to any of you makes
furture for future requests for the same
URL go faster now the interesting part I
think about this about this portion of
the API is that it just works
automatically you don't have to do
anything you don't have to call a method
or set a flag or anything well I want
caching no it's just going to happen for
you automatically it's going to go
faster if it can if it can help you to
go faster it will how end but I should
also point out that there is an API to
provide direct access to the cash and
its contents if you wish and some of the
features of this this portion of the API
first there is I like to think that the
that this API has presents a good HTTP
cache smarts there's a there's a lot of
texts in the RFC for HTTP about caching
and we've implemented that we've gone
through gone done the work to implement
that here and so so that when you're
interacting with this API to go and get
content for HTTP servers it's going to
work the way that you want with regard
to caching and so that's that's that's a
ones that being a bunch of work that you
don't have to do and the benefit is that
you'll get the correct combination of
correctness and speed another big
addition to this API is is disk caching
which is I think a very nice very nice
feature so that your cash will be
persistent across multiple runs of your
application and then there's some other
things configurable policy for a quest
time like I said before is it bypassed
the cash is perhaps an option there's
also some other other policies which
I'll talk about in a little bit and then
there's as you might imagine a delegate
callback for response time when things
were going to get written into the cash
now unlike the api's that I talked about
before request-response etc you need to
ask yourself well is this a portion of
the API that I really need to use and
well I would I would you know I would
answer that by saying well if you want
the cash to work in the background if
you want it to help you make your
program go faster but you don't really
want to know about the details so much
you're not going to need this portion of
the API again it just works
automatically and you'll get the
benefits without having to do any work
however you'll need this API if you want
say custom cash policies for different
loads or even surely direct access to
the cash you'll need this API and so
here the building blocks for for this
part of the API cash cash response and
cash policies just go through that the
cash is actually the single concept but
it turns out to be a stack of memory
cache and disk cache you don't get to
see them really separately they're
actually some API methods which will
operate on one of the other however when
you ask the cash for something there's
there's no there's no way for us to even
a report to you through the API oh this
came from memory this came from disk
okay but again it works transparently if
you're using just the request response
API you will you won't be involved in in
interactions with the cash as you might
imagine it will look in memory first
since if it's in memory it can be
returned to your program much faster and
then look on disk which naturally has
much much more storage to look for
information I should say that there is a
you can configure the sizes of these
caches and you can configure where the
disk cache will live in case you want to
say ensure that it was on a local volume
or something like that and again of
course it can be accessed directly
through the API and we have a class for
this nsurl cash cash response a cash
response stores the URL data and the
metadata and so it wraps in
nsurlresponse-- it wraps an NS data and
when it comes time to disk caching
that's that object is just realized
right out to disk in a file you may have
looked in your Safari cash on disk then
you see a bunch of files with cryptic
cryptic names well what those are
serialized and cached responses actually
technically they're serialize and it's
cached URL responses okay and then the
last portion of this API is cache policy
controls whether the cache data is
returned for a URL request and we have
several policies here you get those good
HTTP cache smarts that I mentioned
before by default when you're using HTTP
but you can also say well by cat bypass
the cash in case your application may
have a reload button very very simply
simple for you to do that and then
there's also some offline behavior if
you know that you're not connected you
can specify look give me this data from
the cash even if it's expired if it's
stale I just want it because I can't go
and refresh it right now and so this is
also very useful for some other
applications we have an enum for those
constants and so I just wanted to show
you a very brief example of how to
access the cash directly get the shared
URL cash you have a string representing
URL create a URL with it create a
request with that URL and then you can
just go and ask this this shared cache
object for the out for the object that
would map to that request and then you
can just get an N its data back from
that and then go and do something
interesting with the data once you get
it and so just with a few lines of code
you can take advantage of the direct
access cache API and so I would like to
do a demo
I have a sleepy computer today it looks
like could I get a demo thank you and so
here's a little app I called the disk
cache inspector and and what this does
is it's gone through and it's looked at
a provider list of all of the files in
the Safari cash and so here they are and
then we can do some some interesting
interesting things with it I think
they're interesting at least is that we
can go and and give a view of of what
the content is in the cache and not only
not only images you could see that in
the case of an HTML page I've actually
got the HML this is is actually is what
is in the cache and so what you can do
with this program is you can su to root
and see what other people have in their
disk caches which is kind of a you want
to do that okay and so and so there are
some other things here too which I think
are pretty interesting here's uh if I
can do this oh yes here's a sum of
actually much of what is in an nsurl
response you see there's HTTP specific
information in there that's what's in
the cash as well and then there's also
quite a bit of information that is comes
into use to implement this good cash
smart that I mentioned so a lot of this
information comes into account when you
send out a request the cash is consulted
and the engine has to decide am I going
to use this cache data for this request
or not or am I going to go out and
reload from from the network or for the
really from the network file URLs
typically aren't cash okay and so this
is again an example of what you can do
with the the direct access cache API in
a little example of of what why oh
that's a good one what winds up what
winds up being in there okay
okay okay okay the slides back please
okay just to summarize again we've got
cash policy's cash cash response the
cash stores URLs locally makes things go
faster if it can and again it has this
nice feature where it'll just work
automatically if it can and so fitting
this in to the rest of the rest of the
pieces of the puzzle are we filling
those in and so we've got cash cash fits
in right there and so going on to the
next peach HTTP cookies I think probably
most of you if not all of you know what
a cookie is well when you go out to a
website it'll send you back a small
packet of information that then when you
go back to that website you'll send back
that little packet of information back
to that server every other time you
access it in the future and so enables a
lot of ecommerce websites website logins
rely on this a lot another great part I
think of this API is that again it just
works for you automatically so we've got
a lot of cookie machinery that'll just
kick in whenever you do HTTP if you need
cookies it'll just they'll just be
applied for you but again this API
provides you direct access if you want
some more control and so the features of
this API we've got persistent cookie
storage so that you have your you're a
cookie cookie file on disk another
another interesting part of this is that
the cookie storage is shared per user so
each user will have their own cookie
file but it's shared among all
applications that that user will use and
so if they get some cookie data from say
safari they'll be able to use that
cookie data in Sherlock and you won't
have to do anything and so but
additionally because cookies there are
some security some privacy concerns we
do have configurable accept policies and
then another piece that we worked very
hard on in the cookie API was to was to
interoperate some real world compliance
there to make sure that when
site send its cookies that we can parse
them and read them and use them as the
website developer intended there really
isn't a good standard here it really is
just their law of the jungle and and
we've really really tried to make sure
that we we have a good interoperability
with what you'll find out there in the
internet and so again do you need this
portion of the API well if you want
cookies in the background without
worrying about the details you don't you
can just sort of let this work for you
and do its good work without having to
delve into the details however if you
want to control cookie except policies
or get direct access to the cookie store
then this is a portion of the API you'll
need to learn a bit more about cookie
cookie storage cookie accept policies
these are the three three pieces of this
API and so cookie as I just said this
little nugget of information that is
sort of exchange between your program
and a server these are created
automatically and sent back
automatically and again there's
extensive rule checking for these NS
HTTP cookie we have a class in the API
for this cookie storage cookies are
shared on disk as I said and are shared
among processes this class will manage
that cookie file it'll actually do the
do the work of parsing out this cookie
data and then this is probably we're
going to come in and inspect set remove
cookies as you wish in your application
we have a class for this NS HTTP storage
and cookie accept policy accepting
cookies is governed by this setting
there's actually three different
settings always accept always reject and
then accept that only from the same host
and this happens very often you go you
go to site a but add server site wants
to set a cookie on you when you go to
that site you can set it so that that
cookie would get rejected but any
cookies from the site that you navigated
to will actually get accepted and so we
have a set of constants for this as well
now in Safari yeah you've probably seen
this window here it may be a little bit
hard to see but but the the second sort
of savage sort of check boxes on the top
stead of radio buttons well that's the
cookie except setting dialog in Safari
it's going to be in the security the
security
and when the user goes and checks that
you can see you know he's just a quick
example of of just a few lines of code
that you'll need to go in and and and
actually implement that setting this is
just actually really just copied right
out of right out of so far just to two
other case statements like the one that
what that is listed there and and you're
done so again there's sort of EV the
economy of coding that you're going to
need to do to use this API and get to
get the features out of what's in there
and we've really really concentrated on
that and so again here are the pieces of
this API cookies help with the website
logins e-commerce and are shared among
processes and just work for you
automatically and so we dropped that
piece into the puzzle and so moving on
authentication authentication actually
proving your identity to a software
system and in most cases for websites
this means you know this sheet will drop
down and you're gonna need to type in
your username and password I'm sure
you've probably many of you most of you
have seen this dialog in in Safari and
so this portion of the API provides your
hooks for a custom UI like you see in
Safari however point out that there are
actually no GUI dependencies you again
there are no WebKit dependencies there's
there's there's no cocoa there's no AB
kit dependencies in this API so we have
to sort of work it out so that would
work so that would happen and there's a
hook for providing custom authentication
schemes and there's ask once capability
integration with keychain and so if
you're just interested in loading URL
through the WebKit API you don't maybe
you want to come down to this level well
naturally this portion the API won't be
for you or if you don't need to access
protected data however if you do want to
you know see that she dropped down or
have functionality similar to that
you're going to need to learn about this
portion the API the authentication piece
or if you want to develop a custom
custom user interfaces these are the
pieces mercifully I'm not going to go
and talk to you each one individually
just as you know these are the pieces
that we have to represent usernames and
passwords places with you want to
authenticate to individual
authentication challenges and so for
they're all they're all in this portion
of the API and now I'd like to do a
brief demo
okay so what I've done here is I I just
went out the other evening and I I found
this site on the net that does a lot of
provides a lot of test pages for HTTP
authentication I'm just going to go up
on this very very first one and get the
sheet dropping down this is the
authentication API in Safari being used
i'm just going to log into this site and
you'll see that i get access only two
rows basic auth it's just a little test
page okay and so you see Safari using
this this API then I'm going to do
another another example like the going
to the same site I like to call this
that 70s demo hey there like the I did
the nice amber you know I I couldn't be
the amber or green I couldn't decide
well anyway this is an example of using
authentication from from a command-line
application to see here I didn't even
take the trouble of doing hiding the
password but you can see again you just
get the output printed to the terminal
in exactly the same as showed up in
Safari just showing that again this API
has you can use it from command line
applications you don't need to be
writing a GUI program to get to derive
advantage from it so so with that back
to the slide please
it's authentication again providing
access to protected data asked once with
the keychain and no GUI dependencies as
was illustrated and so and so and so
authentication fits in fits in right
there going into the next piece custom
protocol so let's say you have an
application and these protocols HDPE
HCPs have to be file and about don't
suit you you have gopher you have some
custom protocol that you want to
implement in your application well this
will be the API that you use to to
develop your own and I think the really
really strong part of this API is that
there are there's no there are no
secrets there's a very very clean
interface to the other parts of the
subsystem is your it winds up being the
same interface that those built-in
protocols that we actually wind up do
providing to same API that those that
those protocols use your protocols our
peers to the one that ship on the system
I think that's a really really strong
part well actually do you need this API
well if you're not going to be
developing a custom protocol you don't
then if you are well you do and just two
pieces here protocol and protocol client
this is what actually does this is
really you know in some ways this the
classes that implement this this
protocol concept they're really one to
being the engine of the of the API
wanting to wind up doing the real work
to go out and load load a URL in a
protocol specific fashion many many
times these map to a scheme like HTTP
and then they really do work like in
many ways like plugins I mean there that
you can you can uninstall and reinstall
actually even while the application all
the application is running and they just
must be registered in order to be in
order to be used and we have nsurl
protocol is the class for this in the
API and then we have protocol client
which is the piece that provides the
interface to the URL loading system and
in some ways you can think the whole
engine is over here and if you are all
protocol instances are over here and you
use this protocol
client interface to talk back to the
system from from from your protocol and
so there's no secret API and there's
this one way communication once a
protocol is created it's the
responsibility of the protocol to drive
the URL loading process and tell the URL
loading system about things that are
happening in protocol specific protocol
specific things I mean to do with a load
and nsurl protocol client is the API
piece for that and so here's just a very
very brief example of things that are in
the protocol client interface you'll
notice it's actually these turn down and
when maybe get the SDK and you look
you'll notice that these pieces are
actually trying to be very very similar
to what's in the delegate callbacks
again these protocols are actually doing
the work that drive they'll drive the
load of your URL and so you know when
interesting things happen they tell the
system and then the system goes and
tells you in your code and then actually
implementing a protocol you only need to
do a few things you need to implement a
small small handful of methods to just
go and implement your own your own
protocol and have it be a peer of all of
the others and as a matter of fact this
is a this is a snippet a surprise it's a
good good majority of the code that's
actually in the about protocol in Safari
and I just highlight out just a a couple
of lines to show that this is the
protocol interface the about protocol
and it's driving of the load back
through to Safari and you see about
protocol never never fails it's always
always succeeds did did finished loading
at the end and so protocol Klein
protocol again no secret api's your
protocols are peers is a very very clean
interface to the rest of the system and
so dropping that dropping that piece in
there and so I'd like to do just another
another brief demo
and I'd like to just point out a feature
in Safari which I don't know if I if if
if all of you have seen but this is the
activity window and although you know
once you know in a real program it's not
you know it's never quite as
straightforward as we try to make it up
here on onstage but but really what what
lines up happening in this activity
window is these are all of the URLs that
you loaded and and and really what winds
up happening each entry in this list
when that winds up there as a result of
one of these delegate callbacks from the
URL loading system that URL got loaded
and eventually that winds up getting
reported through the the user interface
in in Safari and so this is just again
otta yet another example of how delegate
callbacks are used I'd like to do
another another small demo here to this
is one I was not planning on doing but I
must have spoken quickly but this is
kind of neat I think and so what I'm
what I've actually done is actually now
I have three versions as far let's just
go with two versions of Safari and so
I'm going to do is rearrange these
windows here and and in both i'm going
to show the cookie list so that's the
cookie list for this window and right
and then the is the cookie list for this
window that's what i'm going to do just
to it just to make it easier easier to
see i'm going to remove all of the
cookies from both applications that what
what you've seen already is that those
two copies of Safari to WebKit clients
to nsurl foundation API clients they're
cooperating on the cookie store you
remove the cookies from one version of
Safari and the other version of Safari
its window odd just automatically
updates with new information about a
change in the state of cookies and so if
I go pick one of these and go back to a
site where cookies get set again
you'll see that as soon as I click in
that other window it updates redraws and
shows that cookies get set and in that
window as well so again an illustration
of that cookie API and and the
cooperation between processes running
belonging to a single user okay great
may have the slides back please and so
to wrap up this is a roadmap some of
these conferences actually half of them
the first two I see have already
happened please going to go back and
review on DVD the open source talk we
used a lot of open source in in WebKit
and Safari there's actually no open
source it turns out in this portion of
the API is still implemented by Apple
but if you're interested in Safari
technology in general that's a talk you
might be interested in Safari technology
in web standards talks about if you're a
website developer you want to develop
content that's going to work well in
Safari if you're just interested in web
standards in and apples implementation
stance towards standards the second one
advanced foundation URL API as well
that's this talk so you saw it that's
that's all there is to see and then
tomorrow I I really urge you to go to
the if you're interested in Safari
technology go to that last one tomorrow
at 9am advanced WebKit api's if you've
seen those demos of wiring things up
with WebKit well you really go down a
step lower and see a little bit more
about what's about what's under the hood
and then yes another session tomorrow
afternoon internet technologies
developing web services using web
channels some sherlock technology Mac
os10 networking api's again I mean if
you if you you know you saw those checks
and exes before I mean I think it's it's
probably you know if you're not familiar
with the API is it's probably a pretty
tough choice for you to decide which of
these you are loading api's do I want to
use well I think that that session will
give you some more good information
about that and then tomorrow afternoon
see if network in depth will talk to you
more about see if network and then
I also encourage you to come tomorrow at
ten-thirty to the feedback form where
I'm because you're going to have an
opportunity now to ask some questions
but tomorrow you can you know come and
give us some more feedback about this
API and and networking as well and if
you think of something now or if you
have other feedback a little bit later
John Bell NZ this the email address on
the screen is the is the person to
contact for more information and to get
further further feedback and so here's
some some other information about about
these api's there are some I think some
very very nice the documentation people
did a really really nice job going
through and sort of cleaning up what we
did and documenting it in such a way
that you folks can understand it
hopefully so I I refer you to this
documentation and then really if you
want to get into this API you want to
get into this API in the WebKit API
really urge you to go and start working
with this web kit SDK again I should
probably it's been mentioned before but
just to make sure that everyone knows
that the all the code that you need to
do the applications like I wrote here
today and and the ones that you've seen
with WebKit if you have Panther you have
everything that you need it's installed
on the system if you have a Jaguar
system and you've installed Safari 10
everything is there on the system you
you have everything that you need
however there's some other examples and
such that are really only going to be in
the SDK and so I still do urge you to go
out and get it