I have a web application which loaded in the iFrame of other web application (both are from same domain).
I have enabled "Allowed - Cross site-Website tracking" option but it loses session when accessing site in iframe.
It works fine with the same configuration in iPhone Chrome and Safari (separate configuration under Setting -> Safari -> Prevent Cross-Site Tracking.
Related
I currently developing a ASP.NET web application.
The problem is that I open this web application in chrome,
then chrome browser is automatically closed and internet explorer browser is opened.
I don't know why chrome web browser is closed.
Is problem in IIS setting? or in Asp.NET code?
In VS2022, see the below screenshot to open IIS in chrome
Click on Local IIS dropdown
Go to Web Browser -> Click on Google Chrome
This will reflect Local IIS(Google Chrome)
I have 2 applications one is asp .net application with MSAL.Net and other one is power apps application, I used iframe for silent login and it was working everywhere before chrome and firefox upgrade. After upgrading chrome and firefox browser it stop working into Incognito mode of chrome and Private mode of firefox stop working and giving below errors.
From Chrome
From Firefox
Can you please help me to resolve this issue by code instead manually do browser setting
Thanks,
Sandy
Chrome 83+ in incognito mode, has an option by default
(x) Block third-party cookies in Incognito. Disable this.
As a proper fix, use a custom domain name so that the browser no longer considers it a third party:
https://learn.microsoft.com/en-us/azure/active-directory-b2c/custom-domain?pivots=b2c-custom-policy
In private mode, please enable cookies in your browser in order for msal to work properly. This information has to be added to your cookie policy as well to make the users of your application aware.
Having file:// links within a website e.g. http://localhost will not open because of security reason.
In IE and Firefox it's possible to allow such access either in the "Trusted Sites" & "Local Intranet" from IE or to configure a policy in Firefox:
I can't figure out a way in Chrome or Edge. Searching the web I came across solutions like the --allow-file-access-from-files flag, but that does not work in Chrome 77.0.
Also there are some extensions which enable that behavior:
Enable local file links
I believe there must be some similar way with policies like in Firefox?
EDIT: update 22.03.2021
Chrome Version 89.0.4389.90
Edge Version 89.0.774.57
Result:
Not allowed to load local resource: file:///D:/temp/demo.pdf
Demo HTML:
<html>
<body>
file://fileserver/demo.pdf<br/>
file:///d:/temp/demo.pdf extra slash according to https://en.wikipedia.org/wiki/File_URI_scheme
</body>
</html>
[Update 2022]
As mentioned by flavio.donze, since Edge v95 there is a new policy:
IntranetFileLinksEnabled
https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#intranetfilelinksenabled
Allow intranet zone file URL links from Microsoft Edge to open in Windows File Explorer
If you enable this policy, intranet zone file URL links originating from intranet zone HTTPS pages will open Windows File Explorer for that file or directory.
So to get this to work, you have to use HTTPS and specify the site as a site being in the intranet zone.
[Outdated - old answer]
Yes, there is a similar policy in Edge (v88 or later), but it only works in conjunction with IEMode:
InternetExplorerIntegrationLocalFileExtensionAllowList
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policies#internetexplorerintegrationlocalfileallowed
When a file:// URL is requested to launch in Internet Explorer mode, the file extension of the URL must be present in this list in order for the URL to be allowed to launch in Internet Explorer mode. A URL which is blocked from opening in Internet Explorer mode will instead open in Edge mode.
InternetExplorerIntegrationLocalFileShowContextMenu
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policies#internetexplorerintegrationlocalfileshowcontextmenu
This policy controls the visibility of the 'Open link in new Internet Explorer mode tab' option on the context menu for file:// links.
InternetExplorerIntegrationLevel: IEMode (1) = Internet Explorer mode
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policies#internetexplorerintegrationlevel
[Other browsers]
The alternatives are, as you already stated above in your question:
Use Firefox with the local file links policy
Use a Chrome/Edge extension, e.g. Enable local file links
There is a new GPO introduced in Edge 95: IntranetFileLinksEnabled
But as stated here, it might only solve the problem for some scenarios: https://stackoverflow.com/questions/69708560/edge-policy-intranetfilelinksenabled-enabled-does-not-open-file
Because only the windows-explorer is opened and not the actual file:
file://power/share/demo.txt<br/>
file://power/share/demo.docx<br/>
file://power/share/demo.pdf<br/>
file://power/share/demo.html<br/>
This setting allows file URL links to intranet zone files from
intranet zone HTTPS websites to open Windows File Explorer for that
file or directory.
If you enable this policy, intranet zone file URL links originating
from intranet zone HTTPS pages will open Windows File Explorer for
that file or directory.
If you disable or don't configure this policy, file URL links will not
open.
Is it possible to create a Chrome shortcut that will launch a web app in such a way that users will not be able to view or access the URL of the web app via Chrome, e.g., via the address bar, status bar, developer tools, etc. If not, would it be possible if I packaged the web app as a Chrome app? I should note that I am not concerned about the shortcut itself containing the URL, e.g., in its "Properties", because I already have an executable will which launch the shortcut. All I care about is the user not being able to view the app from within Chrome itself once the app has been launched, at least not easily.
I have tried adding Chrome flags/switches, namely, kiosk mode, fullscreen mode, and app mode, but none of them work 100% as needed. Kiosk and fullscreen modes will launch as such only if no other instances of Chrome are open; if another instance of Chrome is already open, both modes will launch in a regular view mode in which users can see the URL in the address bar. App mode (I added "--app=http://www.example.com" to the end of the "Target" property of the shortcut) is promising because it launches with no browser chrome, but I notice that if I refresh the page while in app mode, I can see the URL both in the top window bar and the bottom-left status bar. Also, app mode doesn't prevent the user from opening Developer Tools, which makes viewing the URL trivial.
Any ideas welcome!
I am working on a product that uses the camera access from the browser. I need to create a help page for users so that if there is an issue they can check the browser camera settings.
Chrome browser has a very nice page for enabling and disabling camera access permissions for a website.
https://support.google.com/chrome/answer/2693767?hl=en
Was wondering if there are similar pages for other browsers mainly Firefox or safari?