# LINE Front-end Framework
LINE Front-end Framework (LIFF) is a platform for web apps provided by LINE. The web apps running on this platform are called LIFF apps.
LIFF apps can get data from the LINE Platform such as the LINE user ID. The LIFF app can use such data to provide features that utilize user information and send messages on the user's behalf.
For more information on functions added to LIFF v2, see the Release Notes.
Currently, LIFF apps are not officially supported in OpenChat, which means some functions don't work. For example, retrieving a user's profile information through a LIFF app isn't possible in most cases.
# Recommended operating environment
The recommended versions of operating systems and LINE for LIFF are as follows.
Which functions you can use depends on whether the LIFF app is opened in a LIFF browser or an external browser. For example, you can't use
liff.scanCode() in an external browser. For more information, see the LIFF v2 API reference.
# When the LIFF app is opened in a LIFF browser
|Item||Recommended environment||Minimum operating environment|
|iOS||Latest version. WKWebView (opens new window)will be used.||In accordance with the recommended system specifications for LINE. *|
|Android||Latest version||In accordance with the recommended system specifications for LINE. *|
We recommend that you use the latest versions of OS and LINE for LIFF apps. Even on versions later than the "Minimum operating environment" listed above, some features may not work or the screen may not be displayed properly depending on the settings.
* For more information on the recommended system specifications for LINE, see Recommended system specifications for LINE (opens new window) in Help Center.
# When the LIFF app is opened in an external browser
LIFF apps run on the latest version of these browsers:
Microsoft Edge, Google Chrome, Firefox, Safari
# LIFF browser
LIFF browser is a browser specifically for LIFF apps. When a user opens a LIFF URL in LINE, the LIFF app opens in a LIFF browser.
Since LIFF browser runs within LINE, the LIFF app can access user data without having to prompt users to log in. The LIFF browser also provides features that are specific to LINE, such as being able to share the LIFF app and sending a message to a friend.
# Size of the LIFF browser
The LIFF browser can be displayed in one of these three sizes.
Set the view size when you add the LIFF app to your channel. For more information, see Adding a LIFF app to your channel.
# The share button
LIFF apps with the size of the LIFF app view set to Full display a share button in the header by default.
Users can use this button to share the LIFF app with their friends. When a user taps the share button, the following options appear:
|Share||Shares the URL of the current page via a LINE message.|
|Refresh||Reloads the current page.|
Enable Module mode of the LIFF app in the LINE Developers Console to hide the share button. For more information, see Adding a LIFF app to your channel.
The share button will be available on LINE versions 10.12.0 or later for iOS and Android.
The share button gets the URL to share by executing the
liff.permanentLink.createUrl() method. Therefore, if the URL of the current page doesn't start with the URL specified in Endpoint URL of the LINE Developers console, the URL can't be obtained and sharing will fail.
Enable Module mode of the LIFF app in the LINE Developers console to hide the share button. For more information, see Adding a LIFF app to your channel.
# Development guidelines
When developing your LIFF app, make sure to follow these guidelines:
When using user information in LIFF apps and servers, the LIFF app will be vulnerable to spoofing and other types of attacks if it doesn't properly handle the user information. For details on how to securely use the information of the user who opened the LIFF app in the LIFF app and server, see Using user information in LIFF apps and servers.
The URL fragment of the page opened with a LIFF app includes data such as an access token and user ID, so be careful of data leakage.
Don't change the URL during server or front-end processing before the
Promise object returned by the
liff.init() method is resolved. If you change the URL, it will return 'INIT_FAILED' and the LIFF app can't be opened.
For more information on other precautions when initializing the LIFF app, see Initializing the LIFF app.
- When the LIFF app is started, it immediately opens the endpoint URL specified in Adding a LIFF app to your channel. Call
liff.init()before changing the URL. If you call
liff.init()after changing the URL,
INIT_FAILEDwill be returned.
- To build a LIFF app as an SPA (single page application), use the History API (opens new window). LIFF has limited compatibility with routing using fragments.
- When you implement an API that uses any of the device or OS functions listed below, implement the API so that user actions trigger API calls.
- Getting location information
- Accessing the camera
- Accessing the microphone
- Do not track a user with cookies, localStorage, or sessionStorage or link LINE user information with external session information without getting the user's consent.
- During your application's test phase, limit access privileges for the LIFF app through your web app.
- The URL scheme of the LIFF app and any content that is opened in the LIFF app must be https. If the URL scheme is http, the content is displayed in LINE's in-app browser. In this case, even if the web app has been registered as a LIFF app, it does not function as a LIFF app.
To enable the use of the LIFF app by the end user, follow these steps: