hope somebody understand and can maybe explain me my idea.
My Goal:
I would like that the user can use my web application, but the requests for parsing urls, etc will not run on my server, but
are processed on the client side via the browser.
My theoretical example:
There is a web application the user need to login.
If the user is logged in, he can paste ten urls into a textinput box and than push a button.
Then a ajax request is made to the server and the urls are parsed and the site informations from the parsed urls comes back as json to display it in the frontend.
Ok now my real question.
Is it possible to create a Google Chrome Extension that catches the Post request from the textarea, and send the urls to the
background.js. than the background.js should request this urls via javascript xmlhttprequest to bypass the cross-orgin restriction.
Related
Issue: appears to be that banno framework is "remembering" the urls. This is happening in a mobile browser when the user does not close the tab or browser. When the user opens the page, banno is remembering the url from last time and trying to load the same url.
What needs to happen is that banno needs to fully reload the page so that we can go retrieve a new url and log the user in again.
Could it be how they treat plugins when a browser is left open. A url that is loaded is not good forever.
Odds are good that the situation you're encountering is described in https://stackoverflow.com/a/71267143/6680761
Essential info from that link is:
Part of keeping state of the page is keeping authentication data. The OAuth flow used to initially authenticate the user is not intended to be used on every page refresh. It's expected that the embedded web application will keep its own authentication state. How this is done is usually very specific to the language and platform used for the embedded web application. However all strategies almost exclusively use a cookie which is destroyed when the application closes.
The Oauth callback URL with an authentication code should be redirected away from once the code is exchanged for an access token. From that point forward your app should be using its own authentication mechanism.
I am writing a Chrome App that communicate with a web page. For that I have added something similar in my manifest file.
"externally_connectable": {
"matches": ["*://*.example.com/*"]
}
But the "example.com" has to be dynamic as individual customers has their one web server.
Is there any possibility, user(who install the app) can change the externally_connectable site/s.
There is an alternative way a web page can communicate with extension through content script. This approach can be used if both web page and extension are done by you.
E.g.
web page <--> content script of extension <--> background script of
extension <--> native application
For web page to content script of extension communication use window.postMessage and window.addEventListener
For Google Chrome browser,
For content script of extension to background script of extension communication use chrome.runtime.sendMessage and chrome.runtime.onMessage.addListener
For background script of extension to native application communication use chrome.runtime.sendNativeMessage
Please make sure your code has necessary security in place.
As far as I know the "externally_connectable" is the only official way to send messages (With data) from a web page as mentioned here
This requires a predefined values for every single domain. But what if you want to make only one extension to accept messages from any web page?
If you just want to notify the other side about some thing, you can use the native JS Event dispatching it on the document from one side and listening to it at document also from the other side as the document is shared between the extension content script pages and the web page.
You can't use JS CustomEvent to send data as every time you send data, you receive it empty as a result of sandbox effect of any extension.
If you want to share data so the only workaround I know so far - after spending about one month developing an extension - is to have a combination between some sort of a storage and the JS native Event mechanism.
The solution in steps (suppose you need the web page to send some data to the extension):
Make an event on document from the web page.
Save the data temporarily inside any storage technology you prefer
(localStorage, the DOM itself, or what ever..)
Receive the event at the other side (extension) by listening on the
document.
Read data and remove it.
Hope this helps someone or open a door for a discussion on a better way doing this.
I am currently making a processing program, where a part of it will be to acess some information from at website. The website will be an HTML file, where some information is stored, which i need to acess and parse. I know how to open a html file, but my problem is that it is supposed to acess a list, which is generated after a login on the website. How do i do that?
This is the website, right after loading the HTML file:
http://i.imgur.com/kGIkyle.png
After a login, the website will begin to spit out data every two seconds.
I wanna acess the data in the ordered list, and i wanna acess it every two seconds in my processing program. How do i do that?
This is the website, after a login, after a moment.
http://i.imgur.com/O743fNJ.png
When you use a web browser to submit a login, you're really interacting with the server. Usually the web browser submits a POST request containing the login information (like a username and password), and the server responds with the next webpage to load.
The details of this are going to depend on the website you're interacting with. Some websites might use AJAX to submit the data and then trigger some JavaScript to run.
The point is, you're going to have to understand exactly how the underlying web server and webpage works. Then you're going to have to use the rules of those interactions to issue the appropriate requests from your Processing code.
It might be as simple as submitting the login credentials in the url itself and then just scraping the information from the webpage.
More likely, you're going to have to interact with some kind of web API and do the requests yourself. Google "Java post request" for more info.
Of course, all of this assumes that the website is open to people using it. If this website isn't yours, it could also be locked down and unavailable to you.
I'm building an Add-on that needs to open a window and send some for data (via POST) to a remote server. I can do either of those items fine - UrlFetchApp() for sending the data, and an anchor tag to open a new window, but I couldn't find a way to do both of them together.
Basically I need to send the user to another website temporarily and provide that website with some data entered within the Add-on. I tried doing this with pure javascript, but the window.open() method is not available within the GAS sandbox.
Thanks!
Its not possible in apps script (and not possible in javascript either).
What you need is to open the external site with anchor & needed parameters (post data) in the url itself. Your external url in its javascript must convert the params to a Post (or handle it directly in its server's Get)
Also, if the external page is for doing some authentication with callback (like oauth flow) apps script now support such 'oauth callbacks'
I am currently trying to port a Chrome extension to Firefox.
The Chrome extension has a "Login" page, which is opened in a new tab as an HTML document. The HTML document is stored in the local directory with other extension files. The user inputs a URL which should represent a server running our application, where the user will be asked to login. After a successful login, the user is redirected back to the options.html page, which is updated to show the user's preferences.
I would like to duplicate this in the Firefox extension, i.e. I would love to avoid writing anything in XUL to build an options page.
I tried opening a new tab with my HTML page like this:
var url = "chrome://myextension/content/options.html";
var win = Components.classes['#mozilla.org/appshell/window-mediator;1']
.getService(Components.interfaces.nsIWindowMediator)
.getMostRecentWindow('navigator:browser');
win.gBrowser.selectedTab = win.gBrowser.addTab(url);
But I don't like this for a few reasons: 1) The navbar in the new tab displays the "chrome:// ..." URL, and 2) it breaks the authentication process. The authentication is done using an OAuth type system, and the current URL is passed into the API so that the user can be redirected back upon successful authentication. The authentication fails with "chrome://" as part of the URL.
Just out of curiosity, I tried hardcoding the URL like this:
http://myextension/content/options.html
And the user is actually successfully authenticated, but then the redirect obviously fails afterward.
The Chrome extension seems to work with no problems or weird hacks. From what I can tell, opening it works like this:
chrome.tabs.create({"url":chrome.extension.getURL("options.html"), "selected":true});
And referencing the URL of the tab later so we can be redirected back to it just works like this:
var options_url = chrome.extension.getURL('options.html');
So, I'm wondering: what is the best way to open a local HTML document in a new tab with a Firefox extension, without using the "chrome://" "protocol"? Is there a similar way to how it can be done with Google Chrome extensions?
UPDATE 23/5/12
So this article says that chrome:// URLs are not accessible from the web, only locally.
http://adblockplus.org/blog/web-pages-accessing-chrome-is-forbidden
I think this could be the reason why my authentication was failing. I'm definitely looking for a way for my extension to display a local HTML file in a window or tab without using chrome://.
UPDATE 07/6/12
Here is my (hopefully temporary) solution:
The user enters the URL of the server running our application. He/she is redirected to the application login page, but instead of passing "chrome://myextension/content/options.html" as the URL to be redirected back to after authentication, I pass a phony URL, i.e. "http://myextension/thisis/madeup.html".
In my extension's overlay.js, I set up an HTTP request listener which listens for the phony URL being requested. When a GET happens for the phony URL, I cancel the request, and open the real, locally stored page at "chrome://myextension/content/options.html".
See the following references:
https://developer.mozilla.org/en/XPCOM_Interface_Reference/nsIObserver
https://developer.mozilla.org/en/XUL_School/Intercepting_Page_Loads#HTTP_Observers
If you're trying to do this redirect for an OAuth call you should try using OAuthorizer from Mozilla instead of doing the redirect work yourself. Hope that helps!