Profile views are back!

Friday, May 1, 2009 at 6:34 AM

Posted by Rahul Kulkarni, Product Manager

We're happy to announce that applications that use server-side templates and data pipelining now show up in the profile view on orkut. Data pipelining allows you to specify the data that you want to use in your application, while templates let you describe how to render the app. If you haven't already, you can get started creating your profile views with templates and data pipelining using this tutorial.

As you may remember, we had temporarily disabled profile views for OpenSocial applications on orkut to help prevent the phishing attacks occurring in a small subset of applications. The addition of template values, which are HTML-escaped by design, will help reduce applications' vulnerability to issues like XSS moving forward. Enabling data pipelining and templates also reduces the number of round trips between orkut and your server, making your application render faster.

For all of you with applications that currently show up in profile view without templates, you'll have until May 31st to make the switch. After that date, all apps not using templates will be removed from profile view.

We know that it's not easy to make changes to your applications and would like to thank you for the patience and support that you've shown. We're confident that these changes will improve the apps experience for orkut users.

Server protocol signing changes

Monday, April 6, 2009 at 10:03 PM

Posted by Vijaya Machavolu, orkut team

For developers using the REST and RPC endpoints to access the social data on orkut, we'd like to announce the following alterations we've made to the underlying implementation:

• We now require the content-type header of the requests to be application/json instead of application/x-www-form-urlencoded

• We have added a new method for signing the request using body hashes.

For more details, please see the post on the OpenSocial blog.

As always, if you have any questions or just want to chat about the platform, the developer forum is always available.

Using templates and data pipelining for app profile view

Friday, March 6, 2009 at 2:48 AM

Posted by Vijaya Machavolu, orkut team

We're excited to announce the availability of server-side OS templates and data pipelining on the orkut sandbox. Data pipelining allows you to specify the data you want to use in your app, while templates let you describe how to render the app - all using a markup language (that's right, no JavaScript!). Using data pipelining and templates will reduce the number of round trips between the container and your server, making your app render faster. Moreover, template values are HTML-escaped thus plugging many XSS vulnerabilities automatically.

Since the profile view of an app doesn't require interactivity, server-side OS templates and data pipelining are a good fit for this view. We will soon be rendering apps that use these templates in the profile page. Our goal is to eventually allow only server-side OS templates in the profile view and at that point, all other active content including JavaScript and Flash will be stripped out when displaying the profile view of an app. We are confident that by leveraging these features, you will generate more usage for your apps, with reduced latency and make them safer for users.

These new features are currently available on the orkut sandbox, so you can start developing with them today. For more information (including examples), please see the OpenSocial Templates Developer's Guide , the OpenSocial Templates tutorial and the Data Pipelining tutorial. We know that OS templates are currently missing some capabilities that are required to build good profile views. At the top of our list are support for os:NavigateToView and ability to interpret JSON appdata. We'll be adding them soon.

Do check them out and give us your feedback.

Get the picture!

Tuesday, February 10, 2009 at 10:55 AM

Posted by Jason Cooper, orkut team

Late last week, we added API support for fetching albums and photos via apps running in the sandbox. Now your applications can request and display the viewer's public albums, enabling you to create an even richer, personalized experience for users.

To help you get started, we have published a tutorial which describes the new API calls available and how to use them. An API reference is also available on the OpenSocial wiki.

Since the Albums API is only available on the sandbox for now, please hold off on submitting your apps to the directory if they depend on this API. We will publish a new post when the Albums API is generally available.

Learn more about how Google is using OpenSocial and other technologies to make the web social at Google I/O, Google's annual developer conference, coming up in May. Early registration is now open.

OpenSocial Applications on orkut profiles

Thursday, February 5, 2009 at 5:01 PM

Posted by Vijaya Machavolu, orkut team

The orkut team is aware that a small subset of OpenSocial applications are being used to spread phishing attacks to orkut users. In order to ensure that we maintain our rigorous security standards, we have temporarily removed all applications from users' profile pages.

The functionality of these applications will not be affected. We're working on bringing these applications back to users' profile pages as quickly as possible, and applications will begin to reappear as this process continues.

Users can still access applications from the left nav bar and open them in canvas view. Applications will also continue to have access to the same API, allowing them to send messages and post updates to activity streams. We have found these to be the main drivers of application usage and believe that applications should continue to enjoy the same popularity.

This is the first step we're taking to help make applications safer and faster for our users. We'll be sure to keep you posted about these changes, so please stay tuned for updates. To learn more about building safe applications for orkut, please check out this blog post or visit the developer forum.

Platform Updates

Wednesday, January 28, 2009 at 12:22 AM

Posted by Vijaya Machavolu, orkut team

Here are some updates from the past week :

An orkut user's political views field (opensocial.Person.Field.

POLITICAL_VIEWS) will no longer be returned as a part of the Person data in the OpenSocial APIs. We have removed this field because of the classification of political views as sensitive information in some jurisdictions.

The REST and RPC support which was originally introduced on the sandbox is now available in production on www.orkut.com. Now you can make REST calls to orkut using the endpoint : http://www.orkut.com/social/rest/ and RPC calls using the endpoint: http://www.orkut.com/social/rpc/

Please see the orkut Server to Server developers' guide for details on using REST to retrieve orkut data from an external server.

J2Play– helping to make your applications more social

Monday, January 26, 2009 at 11:43 AM

We're constantly looking for ways to help you create the best applications for orkut users. The success of OpenSocial applications on the orkut platform is often tied to how social they are. Recently, we were contacted by the folks at J2Play about a tool they are offering that's designed to add social elements to your apps. While we don't specifically endorse the tools that we highlight here in the blog, we thought enough of you might be interested in this resource that it would be worth sharing. Check it out:

J2Play's Social Games Platform

J2Play's Social Games Platform helps flash and PC game developers quickly and easily add social features to their games. Here are some highlights of the platform:

• Over seven simple social features (including chat, profiles, and comments) that you can add to your app without having to worry about any additional coding
• Ability for your app to automatically generate feeds, notifications, invites, and a profile box
• Membership in the J2Play social games network, designed to help your app spread virally
• More than five engagement features including leaderboards, player badges, challenges, multi-player mode, and the ability to earn money via ad revenue
  

FancyPants Adventure is just one example of a game that used the J2Play platform to add features like leaderboards and player badges in order to become more social and in turn create a richer and more engaging experience for its users. Check out a screenshot to see these additions in action:

To learn more about J2Play, take a look at the developer wiki they've created. You can also feel free to contact the folks at J2Play with any additional questions you might have at: developer@j2play.net.

Do you have tools, tips or tricks that you think other developers could benefit from? If so, please feel free to let us know.

Hope you found this post informative, and we're looking forward to seeing your apps become even more social!

Posted by Miles Johnson, Marketing Manager.