This specification describes a proposed <webview> HTML element and an associated JavaScript API which allows a web page to embed another web page and manipulate and listen to changes in the embedded content.

Introduction

This is a proposed extension to the [[!HTML5]] specification.

Web pages often have the need to embed other web pages. In many cases an <iframe> element is sufficient for this purpose, but when the embedded web page is not same-origin with the embedding web page an <iframe> has many limitations.

Several user agents have existing implementations of features which provide privileged web apps with additional functionality when embedding cross-origin web content. Examples include the <iframe mozbrowser> element in Firefox OS [[MOZ-BROWSER]], the <webview> element in Chrome OS [[GOOGLE-WEBVIEW]] and the <x-ms-webview> element in Windows [[MS-WEBVIEW]], along with their corresponding APIs. These existing implementations include features to embed, access information about and control web content (including cross-origin content) in various ways.

Note that this additional functionality would not be safe to expose to all web pages using current web security models. In the examples given above proprietary methods are used in order to safely grant these extra privileges to certain web content. A standardised security model to safely expose such features to web content is certainly needed, but that is considered outside the scope of this specification.

Webview Element

Attributes

src

The URL of the page to embed.

name

Sets the window.name property of the embedded browsing context.

manifest

The URL of an [[appmanifest]].

By default a <webview> browser context can be navigated to any URL. If the manifest attribute is set to a valid app manifest URL then the browser context may instead be limited to the scope of the app described in the manifest.

If the embedded browser context attempts to navigate to a URL outside of this scope then the user agent may instead load that URL outside of the embedded browser context, as per the convention for that user agent.

Usage

            <webview name="foo" manifest="http://foo.com/manifest.webapp" src="http://foo.com" />

Webview API

Events

locationchange

titlechange

iconchange

loadstart

loadend

scroll

close

newwindow

Methods

go()

stop()

reload()

back()

forward()

canGoBack()

canGoForward()