My web app shows a list with items with certain properties. Each list item is a row, which amongst others an email address. When the row is clicked, it expands and shows more information.
All works fine on the desktop, but on mobile, Chrome recognizes the email addresses and on click it opens the email app to write an email to this address. I didn't set this myself, so this seems to be default behavior.
Is there a way to prevent this from happening?
The code to show the email address:
<p class="text-ellipsis"><em>someone#example.com</em></p>
I like to inject "zero-width no-break space" characters to fool helpy mobile browsers
<p class="text-ellipsis"><em>someone#example.com</em></p>
I ended up putting the email address in an tag, then styling this as normal text and disabling the default action through javascript. This way the browser thinks an action is already connected so doesn't do anything when clicked.
Since I was loading the data from a database query into a Django template, any option to add characters in the address itself would've not been possible.
Using chrome://settings/handlers then set "Don't allow sites to handle protocols" worked for me.
Related
Scenario
On site example.com I have 3 different accounts (e.g. usernameA:passwordA, usernameB:passwordB, usernameC:passwordC). I have let the browsers store them.
So the next time I go to example.com, the browser autofill/prefills the username and password fields of the first account (usernameA:passwordA). There's a dropdown list containing the other accounts (usernameB:passwordB and usernameC:passwordC.)
Question
When the first usernameA:passwordA is autofill/prefilled by browser... is it known to example.com before I choose usernameC:passwordC? (if example.com is tracking form input fields?)
Can example.com know that both usernameA and usernameC are used by same person? (by tracking form input fields?)
Can example.com know that the browser had autofill/prefilled the form fields of currently logged-in user (which is usernameC) with usernameA & passwordA first, before this user manually chose usernameC?
Update
So it appears my question remains without any interest. Meanwhile I have tried googling this issue, and tried Chrome, Firefox and Opera forums, but haven't found anything (most probably because I am not using right terms to look for perhaps?). I'll just leave it here hoping someone in the know eventually stumbles on to it. Thanks.
It appears that Browsers do not sent the <input> fields of login and passwords to the sites until after submission via <form> so I think it's a safe practise.
We have Ruby script that fetch and parse reply emails from our clients and putting them on appropriate client object in application.
For that purpose we send email to client with specific "hidden" code/id inside 1x1 pixel img tag (in similar way tracking pixel technology works) when clients reply to email, they quote our original email with code/id inside. And when we get client reply we can detect that hidden code from img tag, and process it accordingly. This works fine except when clients are replying from Outlook 2013.
Outlook 2013 removes image data containing code/id, and put something like "Image removed by sender." so we cannot detect see code/id anymore.
Also tried, making a image from base64 and even encoding code/id inside base64 image, but we got same result.
We tried different solutions, like making custom tags with class name contain code/id. Those custom tags are removed too, and replaced with something like < o:p >< /o:p >
We tried to put code/id inside invisible div, in inline css and various css tricks, and in this case Outlook just removes invisibility of div, and code/id is visible in email content.
There is a option that code/id is visible text inside body or subject, but we would like that this code/id be stays invisible to the clients.
It seems like its almost impossible to pass some hidden data trough reply email from MS Outlook.
Is there any way that we can pass this code/id trough reply email from outlook, without outlook removing it or making it visible?
Thank you.
Unless the data is visible (one way or another), chances are Outlook (or rather Word-light used for editing emails) will remove it.
White text on white background would probably work...
<img src=3D"https://t.yesware.com/t/58c8a29bcdf01103c9661815ef20eff8d=
f34a1b3/556ad713ae0cb0b15199a455f1fa5dfd/spacer.gif" style=3D"border:0; wid=
th:0; height:0; overflow:hidden;" width=3D"0" height=3D"0"><img src=3D"http=
://t.yesware.com/t/58c8a29bcdf01103c9661815ef20eff8df34a1b3/556ad713ae0cb0b=
15199a455f1fa5dfd/spacer.gif" style=3D"border:0; width:0; height:0; overflo=
w:hidden;" width=3D"0" height=3D"0">
I will address this dry-snitching code in a bit
Yesware is a paid service that allows you to track when and where the recipient of your email opens that email, every single time that they do or if they forward it to someone else, you will get the IP address and device type of each of those opens as well.
I've used Yesware for years, this is the first time that it has peeked it's little head out. In an email chain involving my Gmail hosted email and someone we will call Quarles. The first email I sent Quarles went normally, I received notification from Yesware that Quarles opened it from an iPhone. No further notifications came from YesWare which is impossible because he has replied twice.
I discovered in the latest email thread, under my second reply, Image removed by sender.Image removed by sender.
Below my third reply, Error! File name not specified.Error! Filename not specified.
I viewed the headers and, damn the luck, Quarles is using Outlook on a Mac Microsoft-MacOutlook/10.c.0.180410
What I am curious about is what Quarles sees on his end. Because the gif is not gone, the code is still there in our thread untouched. I know because if I open the email thread from another device (non-sending device) I get the notification that someone opened the email. So, what is preventing the code from calling home? Is it his MacOutlook? Is it an add-on he's got?
I am seriously considering having my husband write something better than Yesware. He's not a programmer but he is a SysAdmin so he'll figure it out. Besides, the stupid programs he has designed looked like crap anyway so why not write code for something that is supposed to remain unseen.
Oops, gotta go, if he catches me on stackoverflow he's gonna freak.. ;)
so the problem is:
I have a mailto html tag and when used via IE8 (our clients use it...), before popping up outlook, it shows a warning "This form is being submitted using e-mail. Submitting this form will reveal your e-mail address to the recipient, and will send the form data without encrypting it for privacy. You may continue or cancel this submission".
The problem is that many of the users do not speak english, so our client wants us to either remove this message (we explained them it is a browser constraint, but they still insist on doing it) or translating it to bulgarian. Any ideas which of these is easier to do ? (I mean possible at all). Is there a way to turn this message off from the browser?
You cannot get rid of the message -- as you already said, it is a browser constraint, and entirely outside of your control.
The only way to get rid of it would be to rewrite your site to send the message via a different method. But that's overkill just to get rid of a warning message.
For the record, this isn't an IE8 issue; you'll get the same message under newer IE versions as well (I've seen it myself recently in IE11).
The real question is if your users are Bulgarian, why are they getting English messages from their browser? They should be running Windows and IE localised to their language. If they do that, then the message will show up in Bulgarian.
When I submit a form with a password field in, for example, Firefox, the browser asks me if I'd like it to remember the username and password for me. For example, logging into gmail in Firefox, I get this message in a popup:
Would you like to remember the password for "markamery#gmail.com" on google.com?
with 'Remember password', 'Not now' and 'Never for this site' options.
I'm developing a plugin that will be used to provide a service on multiple websites. Users will have an account on our mysite.com, and our clients, like someclient.com, include a Javascript script from mysite.com on their webpages which adds our content and functionality to their page, including a login form that users can use to sign in to our site. (The actual mechanics of the login process are all handled with iframes, AJAX and HTML5 postMessages, not that it matters).
When users log into our plugin on someclient.com, I want their browser to prompt them to remember the password on mysite.com, and when they see our login form on someotherclient.com, I want it to be autocompleted with the same username and password that they entered into it on someclient.com. However, currently, they get a prompt asking
Would you like to remember the password for "yourname" on someclient.com?
instead, which isn't what I want.
Is what I want possible, and if so, how?
Putting the form inside an iframe will cause Firefox at least to associate any stored passwords with the domain of the iframe instead of that of the main page. You can communicate with the iframe using postMessages.
Just have the iframe catch the form submit event, serialise the content of the form, and send it to the main window via postMessage; then the main window can grab the content of the form from the message and handle it using Javascript.
Of course, even in simple cases this is a fairly ugly hack, and if there are complicated interactions between content in the iframe and content or code in the main page, then trying to handle them all properly via postMessage may result in a quick descent into pain and spaghetti. If the value of having cross-domain password autocompletion is low and the main issue is that having a remember password message featuring the wrong domain name is bad, then consider simply disabling the feature altogether instead of mutilating your codebase with hacks to fix it. You can disable it by setting the 'autocomplete' attribute of the form to 'off', as described here: Disable browser 'Save Password' functionality
On a page I have, there is a piece of code that creates a mailto link for the members of a team. It just iterates through the list of members and dynamically creates the link
My problem is that when the number of members grows, it eventually stops the mailto link from working. I believe there is a character limit on this function, with the actually character limit depending on browser maybe.
I'm wondering is there any elegant solution or alternative to this?
Sending the email from the server side is not really an option, users still want to use their own desktop email app.
The easiest solution would be have the mailto send to a single email address that then auto forwards the message to all required individual emails.