Move xdg-native-messaging-proxy under Flatpak project

Thu Jun 26 07:10:52 UTC 2025

I can keep the current portal implementation parallel with the
xdg-native-messaging-proxy on the Mozilla side if that would suit
everybody. The native messaging portal as Ubuntu guys have implemented can
be removed later when it won't be needed anymore. To move forward we really
need to make the xdg-native-messaging-proxy part of flatpak
https://github.com/flatpak/. Since we all agreed on that (I hope) who can
do the actual job?

On Thu, Apr 24, 2025 at 8:00 AM Jan Grulich <jgrulich at redhat.com> wrote:

> Hi,
>
> to keep the ball rolling.
>
> CC: @rob at robwu.nl <rob at robwu.nl>
>
> po 14. 4. 2025 v 19:03 odesílatel Jan Grulich <jgrulich at redhat.com>
> napsal:
>
>>
>>
>> st 9. 4. 2025 v 20:10 odesílatel Georges Basile Stavracas Neto <
>> georges.stavracas at gmail.com> napsal:
>>
>>> Thanks for the email
>>>
>>> Concretely, moving the project to under https://github.com/flatpak/ is
>>> not any sort
>>> of technical challenge - just needs someone with elevated permissions to
>>> do it.
>>>
>>> The interesting question is if there's enough consensus on the whole
>>> approach.
>>> Personally, I agree that something like xdg-native-messaging-proxy is
>>> better off
>>> living in a separate service, given we have extensive knowledge on the
>>> issues
>>> and design mishaps of the whole thing.
>>>
>>> What I'd like to know is if Firefox folks would be open to changing
>>> their patches
>>> slightly to it.
>>>
>>
> Rob said on https://bugzilla.mozilla.org/show_bug.cgi?id=1955255#c4:
>
> Even now, that implementation is disabled by default (
> https://searchfox.org/mozilla-central/rev/dd8b5213e4e7760b5fe5743fbc313398b85f8a14/modules/libpref/init/StaticPrefList.yaml#18350-18357)
> with a custom patch to toggle the preference on Snap builds for Ubuntu:
> https://github.com/canonical/firefox-snap/blob/032405220c879daa9454a7e7aff821ec3009533c/patches/native-messaging-portal.patch
>
> The feature was intentionally off by default in Firefox to allow
> stabilization of the feature, including potentially changing parts of the
> protocol.
>
> So my understanding is there can be changes to the Firefox implementation,
> but there is a concern about Ubuntu, which already ships this and would
> break with the changes from @Jan Horak <jhorak at redhat.com>, unless we
> figure out how to support both versions, which I guess can share some parts
> of the code.
> Jan Grulich
>
> There is discussion about this topic in this Firefox upstream ticket:
>> https://bugzilla.mozilla.org/show_bug.cgi?id=1955255
>>
>>
>>> Does anybody else have thoughts on this?
>>>
>>> With respect,
>>> Georges
>>>
>>> Em ter., 8 de abr. de 2025 às 12:48, Jan Grulich <jgrulich at redhat.com>
>>> escreveu:
>>>
>>>> Hi,
>>>>
>>>> It’s been three years since the first pull request was made to add a
>>>> portal for WebExtensions
>>>> <https://github.com/flatpak/xdg-desktop-portal/pull/705> to
>>>> xdg-desktop-portal. This version of the portal has been added to Ubuntu
>>>> packages, but it has never been part of any xdg-desktop-portal release.
>>>> Recently, there were attempts to push this portal forward, so a new
>>>> pull request was opened
>>>> <https://github.com/flatpak/xdg-desktop-portal/pull/1537>, keeping the
>>>> same portal API, just the code was rebased and updated with some additional
>>>> fixes, but ended up in the same situation → not being MERGED. This sparked
>>>> some discussion about whether such a portal should be part of
>>>> xdg-desktop-portal at all. Sebastian Wick <sewick at redhat.com> had the
>>>> idea to create a separate small service and called it
>>>> xdg-native-messaging-proxy
>>>> <https://github.com/swick/xdg-native-messaging-proxy>. This service
>>>> takes the core of the original portal for WebExtensions, but exposes it on
>>>> a bus address which only is accessible to sandboxed apps if they declare
>>>> talk permission via their manifest and thus get marked as potentially
>>>> unsafe. This addresses the concerns that the xdg-desktop-portal APIs are
>>>> supposed to be secure for sandboxed applications.
>>>>
>>>> It seems the consensus is to go with the separate
>>>> xdg-native-messaging-proxy service, and the original portal will never
>>>> officially be part of xdg-desktop-portal, so I would like to propose moving
>>>> xdg-native-messaging-proxy under the flatpak project. The reason for this
>>>> is that I would like to make this the "official" solution, and having it as
>>>> someone else's project won't get applications to start adopting it. Also an
>>>> official Flatpak project will likely get more contributors, reviews and
>>>> bugs. We're also stuck with the adoption of the xdg-native-messaging-proxy
>>>> on the Firefox side, where unfortunately the original portal support
>>>> was merged in <https://phabricator.services.mozilla.com/D140803>,
>>>> although it was never anything official and is unlikely to be changed and
>>>> reviewed until we get a clear upstream decision.
>>>>
>>>> What are your thoughts on this proposal? What would be the necessary
>>>> steps if we decide to move forward with integrating xdg-native-messaging
>>>> into the Flatpak project?
>>>>
>>>> Regards,
>>>>
>>>> Jan Grulich
>>>>
>>>>
>>>>
>>>>
>>
>

-- 
Jan Horak
Senior Software Engineer
Red Hat
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/flatpak/attachments/20250626/4b7760c4/attachment.htm>