locked
File Open Picker Contract

    Question

  • After I installed Windows Phone SDK, there is a new FileOpenPicker contract appeared in my app of Windows Metro. It is unexpected and confusion. It was displayed without the permission of app owner. In similar way Windows 8 showed the camera as a FileOpenPicker contract, but Windows 8.1 removed. This kind of uncertain factors make app user confusion. In this way people can design malware to be attached to any apps.

    Friday, March 14, 2014 4:08 PM

All replies

  • This is expected. See Integrating with file picker contracts.

    Your app talks to the file open and save pickers, and the pickers talk to any apps which support those contracts. This lets the user choose from any locations the user has installed without the app needing to be specifically written for the new locations.

    --Rob

    Friday, March 14, 2014 6:08 PM
    Moderator
  • The reference article talked about provider and does not answer my concerns.

    My question is that the third party's file picker providers appear on my file picker list of my app without my permission. My app has a contract with file picker does not automatically mean my app has a contract with all providers. Current design raised security, privacy, user experience concerns. It provides a loophole.

    App users need a warning and permission that a file picker contract will be displayed in their file picker.

     

    Sunday, March 16, 2014 8:04 PM
  • This is the point behind file picker extensions. The app doesn't need to be aware of them.

    The app talks to the file picker. The file picker talks to the extensions. The apps and extensions don't need to be aware of each other and the user gets the benefit of all extensions in all apps.

    Why do you think this is a security issue? Everything is under the user's control here.

    --Rob


    Sunday, March 16, 2014 8:38 PM
    Moderator
  • The file picker provider or app extension can be thought as plug-in. When a plug-in wants to attach on a browser, browser owner has the right to accept or refuse the plug-in. The potential security problem of plug-in is well known. That is similar in app extension case.

    BTW The contract design supposes that a contract is transferable but in many cases a contract is non-transferable. 

    Monday, March 17, 2014 1:04 PM