Prevent debugging chrome packaged app - google-chrome

I created a "packaged app" for Chrome browser and I do not want others to debug the app.
Is there a flag in the manifest or any other way to prevent debugging?

If you use native client and don't use any HTML/JS/DOM, except for loading the native client module, then you would not be able to debug very much with devtools.

Related

How to bundle a Native Host with Chrome Extension and publish it?

I'm publishing a Chrome Extension that uses Native Messaging with a java application but it says that i cannot upload a double manifest ( one for the extension, the other one for the native host installation).
The only solution that i thought is to include the manifest of the java app inside the extension manifest (but i'm not sure it's possible, could you confirm please) OR to upload somewhere else the native host app (including its manifest) and let the user to download and install it. Is there another way?
Chrome extensions cannot include additional software which runs outside Chrome, like native host apps.
You will need to distribute your Java application (and its associated application manifest) separately from the Chrome extension.
You can't include multiple manifest files.
For native message host, please try to refer this link
https://developer.chrome.com/apps/nativeMessaging#native-messaging-host

start an external application from a Chrome browser

How can we start an external application(exe) from a chrome browser?
I have gone through this link which says we can open it from a chrome extension:
Start an external application from a Google Chrome Extension? as I have found few extensions which when installed starts my external exe(application).
However, I would like to open the application directly from chrome without any extension.
Is it possible? Is Native Messaging something to look in that case?

IntelliJ IDEA and Google Chrome fail to connect for JavaScript debugging

JetBrains IntelliJ IDEA sometimes loses its own JetBrains IDE Support plugin in Chrome. Upon debugging in IDEA, Chrome complains that:
hmhgeddbohgjknpmjagkdomcpobmllji is blocked
Requests to the server have been blocked by an extension
and stays on this page:
chrome-extension://hmhgeddbohgjknpmjagkdomcpobmllji/loading.html?__QUERY__
Where hmhgeddbohgjknpmjagkdomcpobmllji is JetBrains' plugin ID.
Instead of redirecting to the target page of the form:
http://localhost:63342/__PROJECT__/__PATH__/index.html
Restarting Google Chrome or disabling-and-enabling IDE Support plugin helps. IDEA "finds" Chrome again and Debug workflow works as intended.
Another possible problem is a failed authorization.
To debug a URL like this:
http://localhost:63342/__PROJECT__/__PATH__/index.html
Open it in the browser before starting to debug. It'll give 404 Not Found. Then switch back to IDEA and it will offer you to Copy authorization URL to clipboard:
http://localhost:63342/__PROJECT__/__PATH__/index.html?_ijt=__KEY__
Open this URL.
After this manual authentication is complete, IntelliJ IDEA should be able to debug index.html in Chrome.
IDEA always opens index.html for debugging in the browser window where the latest authentication happened. E.g., in a Chrome Incognito window, instead of a Chrome "normal" window, if you've just authorized IDEA in Incognito.
Going incognito may require an additional setup:
https://intellij-support.jetbrains.com/hc/en-us/community/posts/206201319-launching-chrome-incognito-in-intellij-12

How to detect event when chrome packaged app uninstalled?

I am developing a chrome packaged app. As part of the app i need to know, when user uninstalled the app. I could not find any method as part of the API,to read such a event when it happens. In extensions we have chrome.management api to do this, but chrome packaged app doesn't have this permission. Any help would be highly appreciated.
Try using chrome.runtime.setUninstallURL, this allows you to set a URL which is loaded as soon as the App is removed from Chrome. It does not require any additional permissions.

enable XSS in chrome and/or safari

I'm developing a native iOs app using cordova to do the native stuff, so I can focus on html/javascript and css. However, I need to make cross-domain ajax calls, which is fine in my native app, but not when I run my project in Chrome. So I would like to disable this security feature in Chrome so I can test my app. Is there an easy way to do this ?
Cheers
Given you are developing an iOS app I assume you are on OSX in which case you can essentially launch Chrome with XXS enabled be executing the following command line:
open -a "Google Chrome" --args --disable-web-security
In fact, I use it so often I added an alias in my .bash_profile:
alias chrometest='open -a "Google Chrome" --args --disable-web-security'
This has been working for me for quite some time all the way up to my current version of Chrome: 38.0.2125.104
Of course you can name it whatever you like…good luck!!!
You can do jsonp for your cross domain requests.
Or another trick is modifying the server headers to allow cross site ajax.
Access-Control-Allow-Origin: *
From cors