Jobs Offers Developers Web 2.0 Apps For iPhone

Applications built for the iPhone would run in a sandbox separate from the device's operating system to keep hackers out.
Apple says it plans to let developers build Web 2.0 applications for the iPhone, a move that slightly opens the door to a mostly closed environment.

Steve Jobs made the announcement Monday toward the end of his opening keynote at the Worldwide Developers Conference in San Francisco. Most of the speech was dedicated to new features in Leopard, the next version of Mac OS X that ships in October.

In offering mobile developers a bit of hope for getting their applications on the iPhone, Jobs said the combo cell phone and digital music player, which ships June 29, would contain a full-featured version of Safari 3. The latest upgrade of Apple's Web browser was released in beta for PCs and Macs on Monday.

As a result, developers could leverage the tools they use to build applications in Ajax, and run them through Safari to call iPhone services, Jobs said. Ajax is a development technique that uses JavaScript and XML to create interactive Web applications. Web 2.0 companies like and Google make extensive use of the technique.

A demonstration by Scott Forstall, Apple's VP of iPhone software, during the keynote showed an Ajax application that had a diagram of the location of Apple employees connected to an internal database of their telephone numbers. Clicking on the numbers could initiate a call.

Unlike Windows Mobile from Microsoft, which provides application programming interfaces to developers, Apple has chosen to keep tight control of the iPhone's operating system, arguing that it's the best strategy to maintain security and high performance. Ajax applications built for the iPhone would run in a sandbox separate from the device's operating system to keep hackers out.

In playing up the use of Ajax, Jobs said, "We think we have a really sweet story for you," he told attendees. "You can start building your iPhone applications today."

Developers, however, were less enthusiastic. "It's interesting. I'm glad they're doing it," Ethan Schoonover, a conference attendee and developer who blogs at, said. "It's a nice first step."

While Jobs insists the use of Ajax would be secure, the programming technique has created vulnerabilities on Web sites, because of its use of JavaScript. Popular social network MySpace, for example, lets users upload content using the scripting language, which has brought some security headaches.

There's been several instances where malicious code planted cross-site scripting in a MySpace account that transfers itself to visitors' computers. One, for example, planted the message "Sammy is my hero" on thousands of MySpace pages.