|Developer(s)||W3C Social Web Working Group|
|Initial release||November 1, 2007|
2.5.1 / August 30, 2013
|Type||Web application framework|
|License||Apache License 2.0|
OpenSocial is a public specification that defines a component hosting environment (container) and a set of common application programming interfaces (APIs) for web-based applications. Initially, it was designed for social network applications and developed by Google along with MySpace and a number of other social networks. More recently, it has become adopted as a general use runtime environment for allowing untrusted and partially trusted components from third parties to run in an existing web application. The OpenSocial Foundation moved to integrate or support numerous other open web technologies. This includes OAuth and OAuth 2.0, Activity Streams, and Portable Contacts, among others.
It was released on November 1, 2007. Applications implementing the OpenSocial APIs are interoperable with any social network system that supports them. At launch, OpenSocial took a one-size-fits-all approach to development. As it became more robust and the user-base expanded, OpenSocial modularized the platform to allow developers to only include the parts of the platform it needed.
On 16 December 2014 the W3C issued a press release, "OpenSocial Foundation Moving Standards Work to W3C Social Web Activity", that OpenSocial would no longer exist as a separate entity and encouraged the OpenSocial community to continue development work through the W3C Social Web Activity in the Social Web Working Group and Social Interest Group. The OpenSocial Foundation stated that "the community will have a better chance of realizing an open social web through discussions at a single organization, and the OpenSocial Foundation board believes that working as an integrated part of W3C will help reach more communities that will benefit from open social standards." On 1 January 2015, opensocial.org began redirecting all page requests to https://www.w3.org/blog/2014/12/opensocial-foundation-moves-standards-work-to-w3c-social-web-activity/.
- 1 Structure
- 2 History
- 3 Usage
- 4 Security Issues
- 5 Release Versions
- 6 References
- 7 External links
In version 0.9 OpenSocial added support for a tag-based language. This language is referred to as OSML and allows tag-based access to data from the OpenSocial APIs that previously required an asynchronous client-side request. It also defined a rich tag template system and adopted an expression language loosely based on the Java Expression Language.
While OpenSocial has seen a decline in popularity among social networks, it is seeing wider adoption in enterprise companies in recent years as a pluggable extension mechanism for web products. Several of the leading vendors in enterprise social networks, IBM, eXo Platform and Jive Software, based their apps strategy on OpenSocial. Cisco is essentially betting the farm on it, making their Shindig-based container, Finesse, the only option for agent desktop integration software.
OpenSocial was rumored to be part of a larger social networking initiative by Google code-named "Maka-Maka", which is defined as meaning "intimate friend with whom one is on terms of receiving and giving freely" in Hawaiian.
An open source project, Shindig, was launched in December 2007, to provide a reference implementation of the OpenSocial standards. It has the support of Google, Ning, and other companies developing OpenSocial-related software. The Myspace OpenSocial parser was released as project Negroni in January 2011 and provides a C# based implementation of OpenSocial.
Apache Rave is a lightweight and open-standards based extensible platform for using, integrating and hosting OpenSocial and W3C Widget related features, technologies and services. It will also provide strong context-aware personalization, collaboration and content integration capabilities and a high quality out-of-the-box installation as well as be easy to integrate in other platforms and solutions.
Both Shindig and Apache Rave are no longer in development and have been retired by the Apache foundation.
Friendster has deployed APIs from version 0.7 of the OpenSocial specification, making it easy for existing OpenSocial applications using version 0.7 to be launched on Friendster and reach Friendster's over 75 million users. Friendster also plans to support additional OpenSocial APIs in the coming months, including the new 0.8 APIs.
Myspace Developer Platform (MDP) is based on the OpenSocial API. It supports social networks to develop social and interacting widgets. It can be seen as an answer to Facebook's developer platform.
Initial OpenSocial support experienced vulnerabilities in security, with a self-described amateur developer demonstrating exploits of the RockYou gadget on Plaxo, and of Ning social networks using the iLike gadget. As reported by TechCrunch on 5 November 2007, OpenSocial was quickly cracked. The total time to crack the OpenSocial-based iLike on Ning was just 20 minutes, with the attacker being able to add and remove songs on a user's playlist and access the user's friend information.
Hasel and Iacono showed that “OpenSocial specification were far from being comprehensive in respect to security”. They discussed different security implications in the context of OpenSocial. They introduced possible vulnerabilities in Message Integrity and Authentication, Message Confidentiality, and Identity Management and Access Control.
Criticism of Initial Release
Opened to much fanfare in news coverage, OpenSocial did not work well in the beginning; it only ran on Google-owned Orkut, and only with a limited number of gadgets, returning errors for other gadgets. Other networks were still looking into implementing the framework.
On December 6, TechCrunch followed up with a report by MediaPops founder Russ Whitman, who said "While we were initially very excited, we have learned the hard way just how limited the release truly is." Russ added that "core functionality components" are missing and that "write once, distribute broadly" was not accurate.
|Version||Release Date||Release Notes|
|2.5.1||August 30, 2013||View Release Notes|
|2.5.0||August 28, 2012||View Release Notes|
|2.0.1||November 23, 2011||View Release Notes|
|2.0.0||August 18, 2011||View Release Notes|
|1.1.0||November 18, 2010||View Release Notes|
|1.0.0||March 9, 2010||View Release Notes|
|0.9.0||April 15, 2009||View Release Notes|
|0.8.1||September 25, 2008||View Release Notes|
|0.8.0||May 27, 2008||View Release Notes|
|0.7.0||January 25, 2008||View Release Notes|
|0.6.0||December 21, 2007||View Release Notes|
|0.5.0||November 9, 2007||View Release Notes|
Common Containers were added that provided "a set of common services that Container developers can leverage for features like in-browser Gadget lifecycle event callbacks, Embedded Experiences, selection handlers, and action handlers." A new Metadata API gives OpenSocial applications the ability to adapt to the capabilities of different OpenSocial containers. The WAP authentication extension was deprecated.
OAuth 2.0 support was finalized in this version of OpenSocial.
OpenSocial introduced support for Activity Streams. JSON had emerged as the preferred data format and support for ATOM was deprecated. The Gadget format was simplified to give the ability to define a template library within a Gadget specification. While not finalized, the groundwork for OAuth 2.0 support was put in place.
In response to enterprise environment needs, OpenSocial added support for advanced mashup scenarios. It enabled gadgets to "securely message each other in a loosely coupled manner." This new feature was called Inter-Gadget Communication.
OpenSocial acknowledged that the "one-size-fits-all" approach it was taking was not going to work for the diverse type of websites that had adopted the platform. To address this issue, OpenSocial modularized into four compliance modules: Core API Server, Core Gadget Server, Social API Server, and Social Gadget Server. This allowed a developer to pick and choose the modules they wanted to use while using other services that aren't part of OpenSocial. Extensions were introduced to allow developers to extend OpenSocial containers.
This minor release placed a major focus on server-to-server protocols as "the Person schema has been aligned with the Portable Contacts effort, and an optional RPC proposal has been added." JSON-RPC protocol was added to increase server to server functionality. The RESTful protocol that was introduced in v0.8.0 underwent a large revision with several fields being added, modified, and deleted.
Released as the "first iteration that can fully support rich, social applications." It added several standard fields for profile information, the ability to send a message to install an application, an Activity template to control activity notifications about what users have been doing, and a simplified persistence API to use feeds instead of global and instance-scoped application data. Another major announcement came from Apache Shindig. Apache Shindig made gadgets open sourced. In coordination with this announcement, OpenSocial 0.7.0 introduced Gadget Specifications for developers to be able to define their gadgets using the Gadget API.
Security was a large focus in version 0.6.0. Permission controls were tightened to prevent a gadget from returning information if it is not authorized to do so. New classes were added, such as the Environment class to allow a gadget to respond differently according to its environment and the Surface class to support navigation from one surface to another. The Activities class was simplified based on developer needs and the Stream class was deprecated.
- "Google Launches OpenSocial to Spread Social Applications Across the Web – News announcements – News from Google – Google". googlepress.blogspot.com. Retrieved 2015-11-23.
- Mark Marum (2013-01-01). "OpenSocial Specification 1.0.0 Release Notes". GitHub. Retrieved 2015-11-28.
- "OpenSocial Foundation Moving Standards Work to W3C Social Web Activity". W3C. 2014-12-16. Retrieved 2014-12-17.
- "OpenSocial Foundation Moves Standards Work to W3C Social Web Activity W3C Blog". W3C. 2014-12-16. Retrieved 2015-12-01.
- Häsel, Matthias (2011-01-01). "Opensocial: An Enabler for Social Applications on the Web". Commun. ACM. 54 (1): 139–144. doi:10.1145/1866739.1866765. ISSN 0001-0782.
- "Open Social: a new universe of social applications all over the web". 2007-11-02. Archived from the original on November 2, 2007. Retrieved 2015-11-25.
- "OpenSocial Foundation". GitHub. Retrieved 2015-11-25.
- "OpenSocial Specification Release Notes". opensocial-resources.googlecode.com. Retrieved 2015-11-23.
- Helft, Miguel; Brad Stone (2007-10-31). "Google and Friends to Gang Up on Facebook". The New York Times. The New York Times Company. Retrieved 2007-10-31.
- Worldwide. "Finesse - Products & Services". Cisco. Retrieved 2014-07-12.
- Schonfeld, Erick (2007-10-29). "Google's Response to Facebook: "Maka-Maka"". TechCrunch. Retrieved 2007-10-31.
- "maka.maka". Nā Puke Wehewehe ʻŌlelo Hawaiʻi. Ulukau: The Hawaiian Electronic Library. Retrieved 2007-11-01.
- "Open Social Foundation Moves Standards Work to W3C Social Web Activity". Retrieved 2015-12-02.
- "What is OpenSocial? A Webopedia Definition". www.webopedia.com. Retrieved 2015-11-23.
- "Friendster Opens Platform to Developers". PCWorld. Retrieved 2015-12-02.
- ""hi5 Taps Widgetbox for OpenSocial Support and Access to the World's Widest Selection of Widgets." Science Letter 9 Sept. 2008: 4265. Academic OneFile. Web.". go.galegroup.com. Retrieved September 9, 2015.
- "Let me see my app!". February 5, 2008. Retrieved February 5, 2008.
- Arrington, Michael (2007-11-05). "OpenSocial Hacked Again". TechCrunch. Retrieved 2007-11-06.
- Arrington, Michael (2007-11-05). "OpenSocial Hacked Again". TechCrunch. Retrieved 2010-07-24.
- Häsel, Matthias; Iacono, Luigi Lo (2010-05-31). Decker, Bart De; Schaumüller-Bichl, Ingrid, eds. Security in OpenSocial-Instrumented Social Networking Services. Lecture Notes in Computer Science. Springer Berlin Heidelberg. pp. 40–52. doi:10.1007/978-3-642-13241-4_5. ISBN 978-3-642-13240-7.
- Schonfeld, Erick (2007-12-06). "OpenSocial Still "Not Open for Business"". TechCrunch. Retrieved 2010-07-24.
- Mark Marum (2013-01-01). "OpenSocial Specification 2.5.1 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 2.5.0 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 2.0.1 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 2.0.0 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 1.1.0 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 0.9.0 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 1.8.1 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 0.8.0 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 0.7.0 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Marum (2013-01-01). "OpenSocial Specification 0.6.0 Release Notes". GitHub. Retrieved 2015-11-28.
- Mark Hopkins (2007-11-09). "OpenSocial Container Pre-Release". Mashable. Retrieved 2015-11-28.
- Shindig Shindig was an open source implementation of the OpenSocial specification and gadgets specification.