The chrome.cookies.set API receive url as one of its parameter, from which cookie's domain and path is calculated.
For example, if url's value is https://stackoverflow.com, then domain is stackoverflow.com, while path is /.
The issue is, how to set a cookie with stackoverflow's subdomain: .stackoverflow.com. In other words, we want to have a cookie whose domain value is .stackoverflow.com
I've tried two approaches, none of them work.
{ url: https//*.stackoverflow.com }
{ url: https//.stackoverflow.com }
What you mean is actually setting a cookie for all subdomains if you want to set .stackoverflow.com.
From my experience the API method chrome.cookies.set will set cookies for both: domain and all subdomains, when you specify the domain:
chrome.cookies.set({
url: 'https//stackoverflow.com/?sth',
domain: 'stackoverflow.com',
name: 'some_cookie',
value: 'cookie_value'
})
Will result in two cookies created for the page:
some_cookie:cookie_value:stackoverflow.com
some_cookie:cookie_value:.stackoverflow.com
To set only a cookie for the main domain you should set URL and let Chrome set the domain based on that.
You can use { url: "https//stackoverflow.com", domain: ".stackoverflow.com" }
Tested on Google Chrome version 107.0.5304.88
if you omit the domain, then the domain will be host-only like stackoverflow.com, and if you specified the domain, the domain will always be a subdomain like .stackoverflow.com
see https://developer.chrome.com/docs/extensions/reference/cookies/#method-set
We can distinguish between domain and subdomain by the domain field in chrome.cookies.set, but we can't distinguish them in chrome.cookies.remove, because it only accept url name and storageId but no domain field. If we use chrome.cookies.remove, it will remove both domain and subdomain.
So if we want to remove only one of them, we can use chrome.cookies.set like this:
chrome.cookies.set({ ...cookie, domain: cookie.domain.startsWith('.') ? domain : undefined, expirationDate: 0 })
Related
i am facing issues in SSRS configuration:
A. i have two domain URL (https://xyz.domain1.com) and (ttps://abc.domain2.com).
B. i have certificate for each domain like
xyz.domain1.com - certificate one (*.domain1.com) -- 443
abc.domain2.com - 2nd certificate (*.domain2.com) -- 443
C. In SSRS - i have one virtual directory in web service URL
SSRS-> Webservice URL -> virtual directory name : "Report Service"
[enter image description here][1]
D. in advance setting
[enter image description here][2]
E. in Report manager URL, i am trying to bind two 443 domain but i cannot
while i bind both url and port 443 then i got this error
Microsoft.ReportingServices.WmiProvider.WMIProviderException: An SSL binding already exists for the specified IP address and port combination. The existing binding uses a different certificate from the current request. Only one certificate can be used for each IP address and port combination. To correct the problem, either use the same certificate as the existing binding, or remove the existing SSL binding and create a new binding using the certificate of the current request.
Question:
now i need to connect my report server using two different URL and unique SSL certificate each URL.
But i cant bind this two urls using 443 to connect report server.
I can bind one url and certificate then its working for one URL only.
How do i bind two URLS and certificate to one report server and make it work for two URL's
please help on this issue.
I suggest you try ignoring the error on the first URL ('Web Service URL') and proceed to bind the certs to the 'Report Manager URL' as well. You may have to manually edit the bindings in Advanced Settings, but once you get them looking right in Advanced Settings, SSRS should work.
And a second suggestion, though it looks like you already have done this: be sure the common name (CN) for the wildcard certs are *.domain1.com and *.domain2.com. SSRS will only accept host names that match the CN, and in your case, where you're binding 2 certs to same port, the CNs must be different.
Here's a related point for anyone trying to make the multiple hosts in a single subdomain case work: e.g, https://foo.localdomain/reports and https://bar.localdomain/reports.
Request your SSL cert with Common Name (CN) = *, not the server name or anything specific. Then list all the permutations of DNS names that you want to support in the Subject Alternate Name (SAN) field. The url looks funny in SSRS Configuration Manager (https:+:443), but it Works on the Wire(tm).
If you specify some non-wildcard for the CN, you'll get 'resource not found' error tryng to connect, although the SSL handshake will work.
To achieve the objective you need a Multi-Domain SSL or Wildcard SSL certificate, for example:
Multi-Domain SSL(Multiple Domains)
xyz.domain1.com
abc.domain2.com
Wildcard SSL(Sub-domains)
xyz.domain1.com
abc.domain1.com
Reference:
Multiple Domain (UCC) SSL
Secure multiple domains and
sub-domains on one certificate
I am working on an extension where proxy is set through my extension using chrome extension proxy api(chrome.proxy.settings). Everything works fine and I get all traffic on my proxy server except the ones in bypass list of course.
Now my question is: How do we bypass the proxy set dynamically? I mean Is there a way to bypass proxy for some URLs (not in proxy bypass list) programmatically? I understand bypass list included urls/patterns are bypassed. But I require some urls to bypass proxy on the go.
Anyone faced a similar requirement? Any direct method to bypass the same dynamically or any work around would be appreciated.
Bypass proxy on the go?
You can pull any specify adressess from your web server. What's a problem?
For example:
chrome.windows.onCreated.addListener(function() {
var config = {
mode: 'fixed_servers',
rules: {
proxyForHttp: {
scheme: 'http',
host: '127.0.0.1',
port: '80'
},
bypassList: []
}
},
proxyByUrl = 'path/to/proxiesByUrl?path=' + window.location.href;
$.get(proxyByUrl, function(data) {
// Set up current proxy, dependent on request URL
config.rules.proxyForHttp.host = data.proxyAddress;
config.rules.proxyForHttp.port = data.proxyport;
// Excluded URL's for this proxy
bypassList.push(data.bypassUrls);
});
});
Match all hostnames that match the pattern . A leading "." is interpreted as a "*.".
Examples: "foobar.com", "foobar.com", ".foobar.com", "foobar.com:99", "https://x..y.com:99".
For more detailed patterns of bypassList, read the official documentation.
I'm developing an extension to the Chrome and I'd like to filter WebNavigation.OnCompleted event so that it's only fired on certain domains.
I'm using it like this:
chrome.webNavigation.onCompleted.addListener(function(details) {
// some code here...
}, {
url : {hostEquals : 'www.foo.bar'}
});
That works. Then I started testing this on a test page, which is located on my local computer. That's when I ran into the problem: what's the value of the filter when URL points to a file located on the local computer (i.e. what's the hostname of a local file from Chrome event filter perspective):
file:///home/usr/testfile.html
I know, the URL doesn't really contain a hostname, but I think it should be possible to filter these kind's of addresses too. I've tested different variations, like 'file:///', 'localhost' and '/' but none of them seem to get the job done. Leaving the filter empty equals no filtering at all.
The extension works fine without the filter, but I need to get this system to work with it.
To match a file URL that starts with "/home/user/", just use urlPrefix, e.g. as follows:
chrome.webNavigation.onCompleted.addListener(function(details) {
// Some code here...
}, {
url: [{
hostEquals: 'example.com',
}, {
// Note: This filter will only match if
// 1) You've declared the "file://*" or "<all_urls>" permission
// in manifest.json, and
// 2) You've visited chrome://extensions and ticked the checkbox
// "Allow access to file URLs" at your extension.
urlPrefix: 'file:///home/user/'
}],
});
For other filters, see the documentation at chrome.webNavigation.onCompleted.
PS. The host name of a file:-URL is whatever that comes between the file:// and the path. In case of file:///, it's an empty string.
I am trying to understand the working of Google chrome extensions. I was studying the manifest.json file where I came across the permissions "http://*/*", "https://*/*" and "<all_urls>"
Can anybody explain what do these permissions mean?
"<all_urls>": matches any URL that starts with a permitted scheme (http:, https:, file:, or ftp:).
"http://*/*": Matches any URL that uses the http: scheme.
"https://*/*": Matches any URL that uses the https: scheme.
"*://*/*": Matches any URL that uses the https: or http: scheme.
These permissions are required if your Chrome extension wants to interact with the code running on pages.
Match patterns documentation
<url-pattern> := <scheme>://<host><path>
<scheme> := '*' | 'http' | 'https' | 'file' | 'ftp'
<host> := '*' | '*.' <any char except '/' and '*'>+
<path> := '/' <any chars>
The meaning of '*' depends on whether it's in the scheme, host, or path part. If the scheme is *, then it matches either http or https. If the host is just *, then it matches any host. If the host is .hostname, then it matches the specified host or any of its subdomains. In the path section, each '' matches 0 or more characters. The following table shows some valid patterns.
To make SPL's answer a bit more concrete: from https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions
For example, consider an extension that wants to run a script in the current page when the user clicks a browser action. If the activeTab permission did not exist, the extension would need to ask for the host permission <all_urls>. But this gives the extension more power than it needs: it could now execute scripts in any tab, any time it likes, instead of just the active tab and only in response to a user action.
Having worked on a few Firefox extensions, I found that it is often the case that <all_urls> is needed rather than activeTab because when users change the options for the extension, one has to inform all the tabs that the options has changed so that the extension can behave according to the new settings. The alternative is to use activeTab but then the extension has to re-load all the options from storage.local just before carrying out its function. This is acceptable if the functions provided by the extension is not used frequently.
I have a domain name abc.mydomain.com
This is a https URL ( http redirects to the https version )
However, I now need to be able to handle www.abc.mydomain.com to redirect to abc.mydomain.com
How can I do this? is it a webserver level redirect or something to be done at the DNS resolution.
I know my URL already has the "abc" as its sub-domain and I dont need a "www", however, we noticed that "www.news.google.com" resolves to "news.google.com" - hence wondering if I can achieve it too
Thank you!
In short, yes.
DNS works on a hierarchy - the DNS server for .com can delegate down to the nameserver for your domain which can delegate further, or just answer the requests, which needs to be your first step.
If you use Bind style zone files, you can do something like (where 123.45.67.89 is your webserver IP address):
* IN A 123.45.67.89
Then, you also need your webserver to resolve that to the right virtual host/redirect as desired.