Hyves currently supports the OpenSocial 0.7 spec; the spec can be found here. If we support new versions in the future, we will be remaining backwards compatible with 0.7.
The Hyves container supports two views: profile and canvas (see Anatomy of a gadget ). Clicking on the title in the profile view navigates to the canvas view. There is also a function available for navigating to the canvas view, see the example on navigating between views
- No support for gadgets.io.ContentType.FEED in gadgets.io.makeRequest Currently, we don't have support for makeRequest calls with content type gadgets.io.ContentType.FEED. This is a bug on our side and we're planning to support this in the near future.
- OpenSocial gadgets can't be placed in groups or hubs (spots, companies, interests, brands, etc). At the moment an OpenSocial gadget is connected to a single Hyver. If you want to add your gadget to a hub, please turn it into an iframe or embed and email us to request authorisation of the code so it can be used on Hyves. Note: The parameters allowNetworking and allowScriptAccess will automatically be set to never for security reasons.
- We do not support dynamic generated xml-urls (so ../gadget.xml is ok, but .../xxxxxx/gadget.xml where "xxxxxx" is dynamic is not possible). You can add app_params to the item page url.
- You can't place more than one instance of an OpenSocial gadget on a profile.
- OpenSocial gadgets can't be placed in scraps, messages, blogs, etc. It is possible to add a thumbnail with title, this is in a special format.
- UserPrefs are not supported.
Viewer business rules
The application can get data on the viewer if:
- viewer == owner
- view == canvas
- viewer has application installed on profile
- viewer gives permission after an opensocial.requestPermission
- viewer has given permission before (after opensocial.requestPermission) and checked the "remember box"
In other cases, requesting the viewer will fail, and first requestPermission should be called
For more information on view sizes click here
Linking to the canvas page
For security reasons (Cross Site Request Forgery) we cannot allow universal (=the same for every member) links to the canvas page. The canvas page for an application I have installed on my profile may be http://claude.hyves.nl/gapmember/1234/Nice_App/abcdefgh, whereas if you were to view the same app, the url would be http://claude.hyves.nl/gapmember/1234/Nice_App/abcdhgfe. If I were to share my url, and someone would click the link, he will be taken to a page with nothing but a redirect link to the app.
By default we cache the gadget XML. This cache gets refreshed on a regular basis; right now this is once per day somewhere between 12:00 AM and 7:00 AM GMT. This policy is for approved gadgets. If the gadget is not 'Live' and only available in a Sandbox, only minimal caching (title&height) is applied. In addition, we provide a manual way to do an immediate cache refresh of the gadget XML for 'Live' gadgets, located here, next to the gadget in your 'Live Apps' list.
Hyves will attempt to rewrite all of the URLs used in your application to pass through its proxy, caching the resources at those URLs in the process. To disable this URL rewriting mechanism, simply add the following block to your application spec's ModulePrefs element:
<Optional feature="content-rewrite"> <Param name="include-urls"></Param> <Param name="exclude-urls">.*</Param> <Param name="include-tags"></Param> </Optional>
A more detailed overview of Open Social resource caching and invalidation can be found in OpenSocialCaching.
It's possible to make signed requests using io.makeRequest(). Signing the request will make sure no one has tampered with the request and the data you receive was not changed by the user. For this to work you must set
gadgets.io.AuthorizationType.SIGNED. The signature is done using the OAuth standard. Third-parties can validate this signature using our public key. The name of this key is sent with each request in parameter xoauth_signature_publickey.
- The full location of the public key is: https://secure.hyves.org/statics/gap/cert/ <value of xoauth_signature_publickey>.
An example of a signed request script can be found here.
Opensocial supports localization through gadgets.Prefs and the use of the XML Message files. The country is the country of residence of the viewer (as they have filled in on Hyves), the language is the language Hyves is currently in (nl or en). Note that OpenSocial has no way to differentiate between Dutch and Flemish. For example the include of a dutch XML message file:
<Locale lang="nl" messages="http://www.example.nl/nl_ALL.xml"/>
See an example here
Gadget Messaging and Gadget invites
We support opensocial.requestSendMessage. You can find more info here (Note: there is a limit on sending messages that can be reached).
We also support opensocial.requestShareApp. You can find more info here.
Container Compliance test suite
We have tested Google's Container Compliance test suite against our container, some tests still fail but are not blocking.
P0 - High priority
- People/Person Requests Test Suite :: PPL602 - People/Person Requests Test Suite :: PPL504 - People/Person Requests Test Suite :: PPL502 - People/Person Requests Test Suite :: PPL601
2 - Nice to have
- People/Person Requests Test Suite :: PPLX03 - People/Person Requests Test Suite :: PPL503 - People/Person Requests Test Suite :: PPL506 - People/Person Requests Test Suite :: PPL801 - AppData Test Suite :: APP302 - AppData Test Suite :: APP004 - AppData Test Suite :: APP102 - AppData Test Suite :: APP002 - MakeRequest Test Suite :: SMKRT001 - MakeRequest Test Suite :: MKRT003 - MakeRequest Test Suite :: MKRT012 - MakeRequest Test Suite :: MKRT005 - MakeRequest Test Suite :: MKRT011
These tests are nice to haves. Mainly fail because of the same timeouts as described under P0. As soon as this issue is resolved they will probably work too.
For posting and retrieving appdata you can use our AppData API. The lenght of the key with appdata can be no longer then 32 characters.
Hyves supports communication between gadgets and the activity feed (called Buzz in Hyves terminology). At first the methods opensocial.Activity.*, opensocial.newActivity, and opensocial.requestCreateActivity will return a not-implemented error because they are disabled. We have to enable this for your gadget. Read more on the activity-post page.
- Add params to the item-page-url to pass app_params/variables to the canvaspage, this way you can use this param-data in your gadget, for
- Addition to opensocial.Environment.ObjectType.PERSON, 5 thumbnail sizes with Hyves.Person.Field
- OpenSocial community (wiki.opensocial.org)
- OpenSocial performance (code.google.com)
- A OpenSocial Directory (opensocialdirectory.org)
- Best practice on Masternewmedia (masternewmedia.org)
- Social Design Best practice (code.google.com)
- Opensocial-actionscript-client Library (code.google.com)
- Example external interface AS2 - Download
- Example external interface AS3 - Download