Advanced REST Client blog
Blog for Advanced Rest Client - a Google Chrome application.

New Advanced REST Client - The Chrome app

Hi developers,

The new version of the Advanced REST client application build on Chrome platform is now available. It is new(ish) kind of Chrome apps that was introduced some time ago by Chrome team.
So what’s the big deal? The app was already working on Chrome platform before. Well, in so called packaged apps (the new ones) authors can deliver experience comparable to native apps.



In other words:
  • The app is seamlessly integrated into the desktop - unlike other web based apps
  • The app uses system’s app launcher like any other installable app
  • And finally the app can use new set of low level system APIs that I’ll describe below 


Previous versions of the app was built on GWT framework using its UI controls. Even if GWT was created for big and scalable apps it will never fit into flexible world of JavaScript apps as I need it to be. It was an opportunity for me to create new and much more advanced tool for you. New design was based on performance, security and scalability.

Performance


Framework used to build the app is Polymer with set of paper-* and iron-* web components. As Polymer authors described:
Polymer 1.0 has been rebuilt from the ground up for speed and efficiency.
The app was rebuilt for you to get all it can from the framework and to work fast and stable. Because Chrome uses newest standardized JavaScript APIs and V8 engine (the same that node.js is using) the app can do more much quicker.

Sockets instead of XHR

Transport for the requests you make in the app was replaced by low level sockets API. I’ve created a library that implements HTTP protocol on sockets in JavaScript. Thanks to new approach the app do not have any of the limitations that has been imposed to the XHR object or Fetch API. You can literally get all you can from the HTTP spec because all the data will be sent directly using the socket. This also includes setting up User-Agent header that you’ve requested so many times and resolves all caching problems - there is no caching at all!

Security


Chrome apps have higher level of security. It's so called Content Security Policy. It means - among others - that some JavaScript functions are disabled. It was designed this way to be sure that only author’s code is executed in the app. There is no way to perform many known types of attacks because only author of the app is able to execute code inside the app’s sandbox.
Even OAuth authorization is more secured in Chrome Apps because token exchange is happening in Chrome internally. So when you - for example - save a request on Google Drive you can be sure that the access token can’t be leaked outside the app, and other apps / scripts can’t use the token to authorize their requests.

Scalability


The app is scalable in terms of usage and it’s development. All features, system architecture and design was considered before coding phase. There is a roadmap for the app (that I’ll publish soon) and new app is ready to implement many new features that will help you debug and test your APIs.
Here I’d like to mention that I’m listening your opinions which are very important. They usually influence app design and development. If this is something that developers community can accept and feels that this is useful in APIs development there’s no argue about implementing it in the app. You can discuss ideas on app’s issue tracker.

That’s all for now. I’m waiting for your feedback in comments section and on issue tracker.
See you soon and happy RESTing!