# LINE Front-end Framework
LINE Front-end Framework (LIFF) is a platform for web apps provided by LINE. The web apps running on this platform are called LIFF apps.
LIFF apps can get data from the LINE Platform such as the LINE user ID. The LIFF app can use such data to provide features that utilize user information and send messages on the user's behalf.
For more information on functions added to LIFF v2, see the Release Notes.
Currently, LIFF apps are not officially supported in OpenChat, which means some functions don't work. For example, retrieving a user's profile information through a LIFF app isn't possible in most cases.
# Operating environment
LIFF supports the following versions of operating systems and LINE.
Which functions you can use depends on whether the LIFF app is opened in a LIFF browser or an external browser. For example, you can't use
liff.scanCode() in an external browser. For more information, see the LIFF v2 API reference.
# When the LIFF app is opened in a LIFF browser
The LIFF browser supports the following environments:
- iOS: version 11 or later. WKWebView (opens new window) is used.
- Android: version 5.0 or later
- LINE: version 9.14.0 or later
Depending on the platform and LINE version, some features may not work or the screen may not be displayed properly.
# When the LIFF app is opened in an external browser
LIFF apps run on the latest version of these browsers:
Microsoft Edge, Google Chrome, Firefox, Safari
# LIFF browser
LIFF browser is a browser specifically for LIFF apps. When a user opens a LIFF URL in LINE, the LIFF app opens in a LIFF browser.
Since LIFF browser runs within LINE, the LIFF app can access user data without having to prompt users to log in. The LIFF browser also provides features that are specific to LINE, such as being able to share the LIFF app and sending a message to a friend.
# Size of the LIFF browser
The LIFF browser can be displayed in one of these three sizes.
Set the view size when you add the LIFF app to your channel. For more information, see Adding a LIFF app to your channel.
# The share button
LIFF apps with the size of the LIFF app view set to Full display a share button in the header by default.
Users can use this button to share the LIFF app with their friends. When a user taps the share button, the following options appear:
|Share||Shares the URL of the current page via a LINE message.|
|Refresh||Reloads the current page.|
Enable Module mode of the LIFF app in the LINE Developers Console to hide the share button. For more information, see Adding a LIFF app to your channel.
The share button will be available on LINE versions 10.12.0 or later for iOS and Android.
# Development guidelines
When developing your LIFF app, make sure to follow these guidelines:
When using user information in LIFF apps and servers, the LIFF app will be vulnerable to spoofing and other types of attacks if it doesn't properly handle the user information. For details on how to securely use the information of the user who opened the LIFF app in the LIFF app and server, see Using user information in LIFF apps and servers.
The URL fragment of the page opened with a LIFF app includes data such as an access token and user ID, so be careful of data leakage.
When users are first redirected to the endpoint URL (primary redirect URL), execute the
If executing the
liff.init() method except for the above timing,
INIT_FAILED is returned and the LIFF app can't be opened.
For more information, see Behaviors from accessing the LIFF URL to opening the LIFF app.
- When the LIFF app is started, it immediately opens the endpoint URL specified in Adding a LIFF app to your channel. Call
liff.init()before changing the URL. If you call
liff.init()after changing the URL,
INIT_FAILEDwill be returned.
- To build a LIFF app as an SPA (single page application), use the History API (opens new window). LIFF has limited compatibility with routing using fragments.
- When you implement an API that uses any of the device or OS functions listed below, implement the API so that user actions trigger API calls.
- Getting location information
- Accessing the camera
- Accessing the microphone
- Do not track a user with cookies, localStorage, or sessionStorage or link LINE user information with external session information without getting the user's consent.
- During your application's test phase, limit access privileges for the LIFF app through your web app.
- The URL scheme of the LIFF app and any content that is opened in the LIFF app must be https. If the URL scheme is http, the content is displayed in LINE's in-app browser. In this case, even if the web app has been registered as a LIFF app, it does not function as a LIFF app.
To enable the use of the LIFF app by the end user, follow these steps: