I want to know how can we obtain the cookies of the current page being accessed using a communication link between the content script and background page. This is for an extension.
You can use Content Scripts to access document.cookie for each website you visit. Then you can use Message Passing to pass the cookies from your Content Script to your Background Page.
There are many examples on Stack Overflow for example:
Chrome Extension: how to capture selected text and send to a web service
Chrome Extension: How to pass a variable from Content Script to background.html
Google Chrome Extension - Architecture Question
Chrome extension: accessing localStorage in content script
In background.html,how can I access current web page to get dom
Help with chrome extension message passing
Related
I was wondering whether it's possible to use chrome.send() function ,which is accessible in chrome internal pages like chrome://version, for sending commands such as chrome.send('restartBrowser') to chrome browser outside of chrome internal pages and inside of my own custom web page or not.
This question already has an answer here:
Since v38, Chrome extension cannot load from HTTP URLs anymore, workaround?
(1 answer)
Closed 6 years ago.
So I'm building a Chrome extension that takes images from the current tabs and sends those images to a server to host the image. It works great for many sites, but on major sites like Instagram and Pinterest, it won't work because the browser blocks mixed content (HTTP and HTTPS). I get the following error message in the console:
Mixed Content: The page at 'https://www.instagram.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint. This request has been blocked; the content must be served over HTTPS.
I checked this post and it doesn't appear to help me with regards to extensions spcifically: https://productforums.google.com/forum/#!topic/chrome/OrwppKWbKnc
Also, I tried to add the server URL to the permissions in manifest.json and that did nothing for me, either.
My question is this: is there a way for me to have a Chrome extension that allows mixed content for just my server or is my only option to switch my server over to HTTPS?
If you send http request from content scripts, since it lives in the same context with the webpage, it will be restricted by SOP, which is browser behavior.
You could move your http request from content scripts to background page (either by Message Passing or some other trigger like browser Action), since background page lives in the context of the extension, while extension itself can bypass the SOP by adding server URL to permissions.
I have an application that uses Google Drive for document storage and preview functionality, but recently the iFrames that the documents are loading into are not displaying anything. Upon inspection of the console, Chrome declares that it blocked the fram from running insecure content, and that is why the file preview did not load.
The initial call to preview this file is to a url that looks like this:
https://docs.google.com/document/d//preview
There is a redirect along the way that takes the following form but because it uses http instead of https, Chrome blocks the content from loading.
http://www.google.com/url?sa=p&q=https://www.google.com/accounts/ServiceLogin?service%3Dwise%26passive%3Dtrue%26go%3Dtrue%26continue%3Dhttps://docs.google.com/document/d//preview?pref%253D2%2526pli%253D1
Is there any way around this issue? It is blocking a core functionality of my application currently, so any advice would be appreciated. I can provide a screenshot of the full stack of network loads in necessary, but this is the only URL that is not http compliant.
Thanks in advance for your help.
Hacked that. Add a "?pli=1" without quotes at the end of the URL to avoid redirect (after "/preview" or "/edit") and land directly to the document.
When the internet connection is unavailble, and we try to browse to Gmail when it had opened earlier, a message can be seen:
Gmail
The app is currently unreachable.
This same way also with Youtube.
In the Gmail offline message, I saw this attribute in the body tag:
jstcache="0"
How can we implement such a page when the page/browser is offline ?
They're using offline browsing, another new feature in the HTML5 spec. Take a look here: http://diveintohtml5.info/offline.html
It enables you to define certain assets on your site, using a manifest, that are cacheable. The browser will save them and display accordingly whenever the user is offline.
I have page where RSS icon is present. I want that when user clicks on RSS icon it will check in chrome browser that, whether that RSS reader chrome extension is installed or not
I am trying to achieve this by using chrome extension methods, mentioned here.
I tried something like this but it is not working:
var port = chrome.extension.connect("nlbjncdgjeocebhnmkbbbdekmmmcbfjd");
To use this API you need to be either an extension or a web application having the necessary permissions - normal web pages cannot access it. However, detecting whether an extension is installed in Chrome is still easy:
<script src="chrome-extension://nlbjncdgjeocebhnmkbbbdekmmmcbfjd/manifest.json"
onload="alert('installed')" onerror="alert('not installed')"></script>
This uses the fact that the extension's manifest.json file is located under a predictable URL and that web pages are allowed to load this URL. Of course, this isn't an officially documented approach but rather a loophole and a privacy issue. So be prepared for it to stop working in some future Chrome version. At the moment it works however.