Restrictions
The Plugin Framework is specifically designed to protect the security of the user and protect the user experience. While plugins are based on standard HTML, CSS and Javascript the full complexity of a modern browser is not supported.
As such, these are some restrictions to keep in mind as you build your plugin’s user interface.
Modifying the Banno UI/UX
Plugins are rendered as UI summary cards on the Dashboard of our apps. An optional primary action leads users to a full-screen view of content.
Plugins
cannot modify any part of Banno’s UI beyond the designated area of their Dashboard card. See the User Interface topic for more details.
Opening New Windows
The Plugin Framework does not support opening new windows for Banno Mobile and Banno Online.
Instead, plugins
should make use of the primary action button. This natively-drawn button can be used as a call-to-action that leads to a full-screen view of your plugin content. See the User Interface topic for more details.
Navigating Back to Online Banking
For Banno Online, the full-screen view of your plugin
content is displayed in the user’s browser as a complete web page. It is highly recommended to provide a link back to the Dashboard from the full screen view.
For Banno Mobile, the full-screen view of your plugin content is displayed in a full screen web view with a “Done” button. Users can navigate from your plugin
content back to online banking by tapping the “Done” button. The full-screen view will be closed and the user will be returned to the Dashboard. See the User Interface topic for more details.
Suppressing Plugins for a Single Channel
Plugins are displayed for both Banno Mobile and Banno Online. There is no way to suppress a plugin
from appearing in a single channel.
Plugins should be designed to be responsive and adapt to a variety of screen sizes to accommodate a great user experience for both Banno Mobile and Banno Online users.
Rendering PDFs
PDFs are potentially challenging for plugins.
The iOS operating system includes a built-in PDF renderer. However, you may find multi-page PDFs unscrollable.
The Android operating system does not include a built-in PDF renderer. The operating system relegates PDF rendering to an external app and not all devices have one installed.
Geolocation
The Plugin Framework does not support geolocation.
Sandboxing
In Banno Online, plugins
are loaded in a sandboxed iframe. The sandboxed iframe allows 3rd party content to be loaded without compromising the security of Banno Online. Since plugins load in both Banno Online and Banno Mobile, some of the sandbox restrictions prevent developers from attempting actions that will not work in a native mobile application.
These are the iframe sandbox attributes which are enabled:
allow-downloadsallow-formsallow-modalsallow-same-originallow-scriptsallow-top-navigation-by-user-activation
Learn more about operating safely within sandboxed iframes.
Content Security Policy (CSP)
Banno Online applies a Content Security Policy (CSP) for enhanced security. The implication for plugins is that JavaScript and CSS handling are limited by what is allowed in the CSP.
The CSP is dynamically updated when Redirect URIs are added to an External Application.
If your JavaScript or CSS is denied by the CSP (e.g. because they are hosted by a different domain than what is configured for the plugin’s Card Face or Expanded View):
- Update the appropriate External Application with an additional Redirect URI which points to the domain where the JavaScript or CSS is hosted.
Camera Access
The Plugin Framework does not support accessing the user’s camera.
Address Book / Contacts
The Plugin Framework does not support retrieving the user’s address book / contacts.