I am trying to put together a small webpage for my daughter that uses speech input to test her knowledge of various words that she is supposed to know on sight.
The problem is every time she hits the answer button it asks for microphone permission. I hit allow and it saves as an exception in my chrome media settings as ask.
Everything I am reading online is telling me that for it to remember the settings and set to allow, it needs to be on an https server.
This site I use to test my webcam is not on an https but still saves as allow and doesn't ask again. http://testmycam.net
How do they do it without an ssl cert?
Related
Like Stackoverflow is cached and displayed even if I don't have any internet connection, I want to use a formular which can be hold in the cache.
Next I want the user to be able to enter data, "upload" a picture even if there is no internet connection.
All the submitted data shall be transferred to a server when the mobile phone gets internet connection again automatically or triggered on a sync button.
As I super plus point the user should be able to repeat the task of submitting data more then only one time.
If there is such a solution, I am also interested in the limits of it. How big is the cache/localStorage, does it work for android, ios and Microsoft?
Are there any methods to measure and display the cache/localStorage status?
Links, Examples, Libraries, Experiences appreciated!
I need to capture image from web page without security warning.
Page where i need webcam functionality can not be switched to https protocol.
I've installed root certificates and made them trusted.
I tried to insert iframe (which pointed to secure protocol https://mysecurepage.com) inside page (http://mypage.com), but not worked.
#bjelli is correct - this is a major security flaw for any internet content. Just imagine if you could go to a website which would start taking photos/recording everything going on without any permissions or notifications!
However, I am working on an intranet project where disabling the prompt would be quite safe.
If you are in this sort of position - there is one thing you can do;
Google Chrome Policies
If you are deploying the browser, you can override the security prompt for sites you specify. I don't know if you are working in such an environment, but this is the only way you can avoid the prompt all together. Similar things probably would apply for other browsers too.
As defined in http://www.w3.org/TR/mediacapture-streams/
When the getUserMedia() method is called, the user agent MUST run the following
steps:
[9 steps omitted]
Prompt the user in a user agent specific manner for permission to provide the
entry script's origin with a MediaStream object representing a media stream.
[...]
If the user grants permission to use local recording devices, user agents are
encouraged to include a prominent indicator that the devices are "hot" (i.e. an
"on-air" or "recording" indicator).
If the user denies permission, jump to the step labeled failure below. If the
user never responds, this algorithm stalls on this step.
If a browser does not behave as described here it is a serious security problem. If you find a way of making a browser skip the "permission" you have found a security problem.
What do you do if you find a security problem?
Report it IMMEDIATELY! Wikipedia: Vulnerability Disclosure
Firefox: http://www.mozilla.org/security/#For_Developers
Internet Explorer: http://technet.microsoft.com/en-us/security/ff852094.aspx
Safari: https://ssl.apple.com/support/security/
Chrome: http://www.google.com/about/appsecurity/
Opera: http://www.opera.com/security/policy
This is not just a question of technical possibilities, it's also a question of
professional ethics: what kind of job would I not take on? should I be
loyal to my customer or should I think of the welfare of the public? when do I
just follow orders, when do I stop bad stuff from happening, when do I blow the whistle?
Here are some starting points for computing professionals to think about the ethics of their work:
http://www.acm.org/about/se-code
http://www.acm.org/about/code-of-ethics
http://www.ieee.org/about/corporate/governance/p7-8.html
http://www.gi.de/?id=120
The question may sound a little odd but I'm currently in a project where this could help solving many problems.
Is it somehow possible to embed an .exe into any web browser? I don't want to run the program directly in the browser (would be major security risk I guess), I just want the window of the .exe being embeded into a browser page. So the .exe is running locally on the system but instead of a "windows window" I have it displayed in the web browser. Think of it like VNC, I only need my "video" and the possiblity of user interaction (the program is an interactive 3D visualization).
I don't have much hope for this being possible so I'm also glad about any suggestion that would allow me to display web pages while my program is running in the same (fullscreen) window. Doesn't necessarily has to be a "real" browser but should allow basic stuff like HTML, CSS etc.
This kinda sound more like a SuperUser question rather than a StackOverflow one.
Anyway, I have a number of possible solutions for you:
You could use a second monitor.
Maybe all you really need is setting the "exe" window to "always be on top".
I could swear that used to be an option in the Windows' default Task Manager in the earlier versions of Windows but I use a 3rd-party piece of software for around 10 years now for that and many other purposes, however there are many such options to be found online.
Can't risk endorsing the one I use here, since it tends to spook people into thinking I'm trying to infect them with HAX.
In case you have the sources for the "exe" you are running, have you considered going the other way around and building a web renderer into your desktop program? Something like WebKit, Servo and suchlike.
Or you could make the program listen on a port to network packets you can be sending from the page you'd have to make — like a remote control.
Then there's also the cgi-bin option if you run the server.
And, to see what you're controlling, you might wanna stream it to some streaming platform (if you get it to stream an obscured window), embed their player widget in an iframe on your custom local webpage and keep the website you are reaching in another frame.
Maybe even code the program to read XInput and stream it through Mixer using its MixPlay feature to control it.
Hope any of this helps.
Some browsers does not asks the client if he want use the application cache, but simply just downloads the whole thing at first visist (e.g. the browser on android). That can cause troubles when the application cache is many MB's and the client is on a mobile network - that is expensive! And is it possible to stop the cache from being downloaded? Pressing the menu button on e.g. android will not close the browser, it will be running in the background.
Is it a good idea to only add the manifest based on a cookie set when the client pushes a "hey i want to offline cache this site" button? Will that cause any new challenges?
I've tested this, and it seems to work. Needs more testing though. Can provide a link to the site in about two weeks if anyone is interrested.
One possible solution, as a you hinted at yourself, would be to ask the user if he/she wants to cache the app offline, and if so, only then redirect to a page which has a link to the manifest file (which is subsequently downloaded by the browser). You cannot stop a download midway unless of course, your network disconnects mid way.
I have an HTML5/jquery mobile web app at http://app.bluedot.mobi. It is used for long distance races to track competitors via SPOT satellite tracking. The issue I have not yet resolved is that when loading the app when no data connection exists, the browser throws a "no data connection" alert popup as it is attempting to fetch the manifest during the checking event. Even when a data connection is present, loading the app can take a very long time. There are ~ 500 files to check. The fastest way to load the app (from a phone) is to be in airplane mode and dismiss the browser's alert - not so elegant.
Rather than force an update on users who tend to be in the backcountry with a spotty connection, I want to use applicationCache.update() programmatically, giving the user control over the process and speeding up app load whether on or offline.
Is this currently possible with the HTML5 spec and respective browser implementations?
Sounds like you need the abort() method. Unfortunately it is very new, and it will probably be a while before it is implemented by the majority of mobile browsers.
There are ~ 500 files to check.
It sounds like you're implying that the browser checks each file to see if there's any of them which has changed. This is not correct. The browser only checks the manifest file if that has changed, and that is a simple byte check. If the manifest file has not changed, the browser believes nothing has changed.
So if your application is slow to start, it might be your because your application is complex and there's alot of HTML and Javascript to parse. I would advise you to take a look at the application and see if there's anything you can optimize. In that case, you might want to take a look at Yahoo's Best Practices for Speeding Up Your Web Site page.
For example, I noticed you have a lot of Javascript code in the HEAD section. The beforementioned article advices us to move all Javascript (To the extent of what's possible) to the bottom of the page, so that the browser can start rendering the page as soon as possible. And there's a lot of other sound advice in the article. So take a look, I'm sure you'll find it useful. :-)