I made a Tauri Hello world app, using react-ts, and that contained logos for Tauri, Vite, and React, that are clickable of course, it uses an a HTML tag like <a href="https://vitejs.dev" target="_blank">, which if I click on it, opens a new tab in my default browser that loads that URL.
So naturally, I wanted to test if Tauri apps would open that link (or any other remote URL actually) inside the app's webview, so I changed that to <a href="https://vitejs.dev"> which did just that.
What I want to know is: how to configure any Tauri app to not open / load any URLs unless I specifically allow it to?
What I tried already:
I tried changing the CSP option in the tauri.conf.json file to none to not allow any remote scripts or ....
"security": {
"csp": {
"default-src": ["'none'"]
}
},
I also tried searching for some kind of allowed-navigation option that someone talked about
I also started looking into a before-navigate hook in the main.rs file but i don't know how to implement it
I would really appreciate it if you explain how to reach my objective, and I would be even more indebted to you if you can give me same better options or the ones more appropriate for a production ready app.
Regards,
zk.
Related
I am implementing deep linking to my android app and it works only when clicking on a link with the desired url such as https://mydomain.co.il only outside browsers like in whatsapp etc.
I know that for making app links work from browser, the website needs to have assetlinks.json file located at https://mydomain.co.il/.well-known/assetlinks.json in order to verify that I am the owner of both the domain and the app.
So I do have the assetlinks.json file ready but does anyone know how can I put the file in that specific location (https://mydomain.co.il/.well-known/assetlinks.json) on my website when using Wix as the platform ?
Thanks in advance
I struggled to find a straightforward way to host the Android Digital Asset Links file on Wix. Found bits and pieces of help on the net. Tested my code and it seems to work.
Here it goes:
Android needs a Digital Asset Links file hosted on the website of an app to verify ownership. The link required is: https://www.yoursite.com/.well-known/assetlinks.json
Since hosting this file at that location was not a plausible solution on Wix (at least to me at the time of this post), we'll need to add a JS file which can spit out the same JSON data and then redirect the URL Google expects to our new link.
Go to Dev Mode -> Enable Developer Mode and switch on the developer mode
In the new left pane, go to {} (Public & Backend)
Next to Backend, click on +, and create a new Javascript file with the name http-functions.js
Add this code:
// Import the Wix http functions API
import {ok, notFound, serverError} from 'wix-http-functions';
// Set the assetlinks variable (between the single backticks) with the content of your assetlinks.json file
let assetlinks = `[{
"relation": ["delegate_permission/common.handle_all_urls"],
"target" : { "namespace": "android_app", "package_name": "<Your app package>",
"sha256_cert_fingerprints": ["<Your app's SHA256>"] }
}]`
// Define http get function for your trust.txt file
export function get_assetlinks(request) {
let options = {
"headers": {
"Content-Type": "text/plain"
},
"body": assetlinks
};
return ok(options);
}
Publish your site
Test if the JSON is displayed by calling: www.yoursite.com/_functions/assetlinks
Hoping that things are great so far, we'll proceed to the last and final step - URL redirection
Go to site Settings > Marketing & SEO > SEO Tools > URL Redirect Manager
Click on New Redirect and enter for:
Old URL: /.well-known/assetlinks.json
New URL: /_functions/assetlinks
Test out the link www.yoursite.com/.well-known/assetlinks.json
Hope this helps someone! Better late than never.
This is loosely written to give a basic idea of what I'm trying achieve.
< VrButton onClick={props.userClick}>< /VrButton>
userClick={() => this.triggerTracking}
triggerTracking() {
ga('send', 'event', 'myEventCategory', 'myEventAction', 'myEventLabel');
}
I expect the code to trigger Google Analytics event tracking in the GA system when the user clicks on a button, but I get an error message - "ga is not a function".
I have GA set up in my index.html file, with the proper ID, and pulling in the latest analytics.js API.
React VR is all within a web worker context so it is not possible to access anything on your window without the use of native modules.
You can embed them directly in your client js and use the GA tracking functions as you normally would there. You will then call a function on your native module within your react VR app.
You can check out the documentation here: https://facebook.github.io/react-vr/docs/native-modules.html
Try using the window scope as:
window.ga('send', 'event', 'myEventCategory', 'myEventAction', 'myEventLabel');
I'm not familiar with React at all, but perhaps React causes some abstraction between the window and the react scope, making your ga() function unavailable.
Do next stps:
open the network debug tool of your browser.
reload your page
review loaded url list and check that www.google-analytics.com/analytics.js is loaded
If you does not see such url loaded - read google analitycks manual about how to setup google analytics on your page.
If you see such url replace url www.google-analytics.com/analytics.js with www.google-analytics.com/analytics_debug.js in your page, than reload and than go to console tab of your browser debugger and check the errors.
I'm thinking about developing Chrome extension for Gmail and I want to know what are the current best practices.
For instance:
attaching a GPG signature by default to every email
adding an extra button that does something (I have it already)
hijacking action of sending email and prompting me to do complete something
...
(just them examples helping me to discover what is possible)
There are quite a few notable extensions that significantly augment gmail functionality:
http://www.boomeranggmail.com/
http://toolbox.mxhero.com/
http://www.wisestamp.com/
...
(I'm not affiliated with any of them, I just named a few)
One option would be to peek into their source which is located here
~/Library/Application Support/Google/Chrome/Default
But maybe there is (wishful thinking) a good tutorial / set of practises on how to fiddle with gmail UI and functionality?
Gmail extension/gadget API - how to add a button to the compose toolbar?
You will have to create and inject the button programmatically. This will involve quite a bit of scouring the Gmail source code (spoiler: it's ugly).
How to build a chrome extension to add panel to gmail windows?
The greatest long-term challenge you will face is that gmail's layout will change unexpectedly and break email discovery or the modified UI. Both issues either require some cleverness to solve, or will require you to stay up at night wondering whether Google will suddenly break your extension.
http://www.jamesyu.org/2011/02/05/introducing-gmailr-an-unofficial-javscript-api-for-gmail/
They're all building out complex APIs with similar functionality, that can all break independently if Gmail decides to significantly change their app structure (which they inevitably will).
Gmail runs its code through the closure compiler, thereby obfuscating everything. On top of that, Gmail is probably one of the most sophisticated javascript apps out there.
Library by the founder of Parse - https://github.com/jamesyu/gmailr - but haven't updated in 1.5 years.
I can show you what I got so far, and just so know I don't particularly like selectors like .oh.J-Z-I.J-J5-Ji.T-I-ax7
Note: http://anurag-maher.blogspot.co.uk/2012/12/developing-google-chrome-extension-for.html (he also does it, he also uses such an obfuscated selectors)
manifest.json
"content_scripts": [
{
"matches": ["https://mail.google.com/*"],
"css": ["mystyles.css"],
"js": ["jquery-2.1.0.js", "myscript.js"]
}
]
myscript.js
var icon = jQuery(".oh.J-Z-I.J-J5-Ji.T-I-ax7")
var clone = icon.clone();
clone.attr("data-tooltip", "my tooltip");
clone.on("click", function() {
jQuery(".aDg").append("<p class='popup'>... sample content ...</p>");
});
icon.before(clone);
(reusing existing UI elements so my functionality looks natively)
https://developers.google.com/gmail/gadgets_overview
There are Sidebar Gadgets and Contextual Gadgets but they don not offer what I want to achieve.
Gmail Labs is a testing ground for experimental features that aren't quite ready for primetime. They may change, break or disappear at any time.
https://groups.google.com/forum/#!forum/gmail-labs-suggest-a-labs-feature
It seems like the ability to develop Gmail Labs is locked to Google employees.
https://developers.google.com/gmail/
Need help? Find us on Stack Overflow under the gmail tag.
So yes, I would really like to know if there are any tutorials / reference materials out there?
(I reviewed many of the 'Similar Questions' and I'm afraid that my options here are limited, but I would be extremely happy if I shrine your enlightenment upon me)
It looks like you haven't stumbled upon the gmail.js project. It provides a rich API allowing to work with Gmail. However, please note that this project isn't maintained by Google. This means that any changes in the Gmail may break your extension and there is no guarantee that anyone will care to update gmail.js to address these changes.
There is a nice API for interacting with the Gmail DOM here:
https://www.inboxsdk.com/docs/
The getting started example helps you add a button to the compose toolbar.
// Compose Button
InboxSDK.load('1.0', 'Your App Id Here').then((sdk) => {
sdk.Compose.registerComposeViewHandler((composeView) => {
composeView.addButton({
title: 'Your Title Here',
iconUrl: 'Your Icon URL Here',
onClick: (event) => {
event.composeView.insertTextIntoBodyAtCursor('This was added to the message body!')
}
})
})
})
Just ran into this blogpost from Square Engineering Team http://corner.squareup.com/2014/09/a-different-kind-of-scaling-problem.html
It is a chrome extension that displays contact information in the sidebar of Gmail when the user mouseover an email contact. (Just like Rapportive does)
The content script of the app is briefly described. It works as follow :
Check if the current page is an open email using document.location.href != currentUrl (you can also use gmail.js gmail.observe.on("open_email",function()) to achieve this).
Get the DOM element containing the email adress. I found out that this selector works for the sender : $(".acZ").find(".gD")
Insert the element in the sidebar with injectProfileWidget()
I am working on a similar extension that displays contact information pulled from Mixpanel here if you are interested.
I have a classic ASP web page that used to work... but the network guys have made a lot of changes including moving the app to winodws 2008 server running iis 7.5. We also upgraded to IE 9.
I'm getting a Permission denied error message when I try to click on the following link:
<a href=javascript:window.parent.ElementContent('SearchCriteria','OBJECT=321402.EV806','cmboSearchType','D',false)>
But other links like the following one work just fine:
<a href="javascript:ElementContent('SearchCriteria','OBJECT=321402.EV806', 'cmboSearchType','D',false)">
The difference is that the link that is failing is in an iframe. I noticed on other posts, it makes a difference whether or not the iframe content is coming from another domain.
In my case, it's not. But I am getting data from another server by doing the following...
set objhttp = Server.CreateObject("winhttp.winhttprequest.5.1")
objhttp.open "get", strURL
objhttp.send
and then i change the actual html that i get back ... add some hyperlinks etc. Then i save it to a file on my local server. (saved as *.html files)
Then when my page is loading, i look for the specific html file and load it into the iframe.
I know some group policy options in IE have changed... and i'm looking into those changes. but the fact that one javascript link works makes me wonder whether the problem lies somewhere else...???
any suggestions would be appreciated.
thanks.
You could try with Msxml2.ServerXMLHTTP instead of WinHttp.WinHttpRequest.
See differences between Msxml2.ServerXMLHTTP and WinHttp.WinHttpRequest? for the difference between Msxml2.ServerXMLHTTP.
On this exellent site about ASP you get plenty of codesamples on how to use Msxml2.ServerXMLHTTP which is the most recent of the two:
http://classicasp.aspfaq.com/general/how-do-i-read-the-contents-of-a-remote-web-page.html
About the IE9 issue: connect a pc with an older IE or another browser to test if the browser that is the culprit. Also in IE9 (or better in Firefox/Firebug) use the development tools (F12) and watch the console for errors while the contents of the iFrame load.
Your method to get dynamic pages is not efficient i'm afraid, ASP itself can do that and you could use eg a div instead of an iframe and replace the contents with what you get from the request. I will need to see more code to give better advice.
I'm using Python to parse an auction site.
If I use browser to open this site, it will go to a loading page, then jump to the search result page automatically.
If I use urllib2 to open the webpage, the read() method only return the loading page.
Is there any python package could wait until all contents are loaded then read() method return all results?
Thanks.
How does the search page work? If it loads anything using Ajax, you could do some basic reverse engineering and find the URLs involved using Firebug's Net panel or Wireshark and then use urllib2 to load those.
If it's more complicated than that, you could simulate the actions JS performs manually without loading and interpreting JavaScript. It all depends on how the search page works.
Lastly, I know there are ways to run scripting on pages without a browser, since that's what some functional testing suites do, but my guess is that this could be the most complicated approach.
After tracing for the auction web source code, I found that it uses .php to create loading page and redirect to result page. Reverse engineering to find the ture URLs is not working because it's the same URL as loading page.
And #Manoj Govindan, I've tried Mechanize, but even if I add
br.set_handle_refresh(True)
br.set_handle_redirect(True)
it still read the loading page.
After hours of searching on www, I found a possible solution : using pywin32
import win32com.client
import time
url = 'http://search.ruten.com.tw/search/s000.php?searchfrom=headbar&k=halo+reach'
ie = win32com.client.Dispatch("InternetExplorer.Application")
ie.Visible = 0
ie.Navigate(url)
while 1:
state = ie.ReadyState
if state == 4:
break
time.sleep(1)
print ie.Document.body.innerHTML
However this only works on win32 platform, I'm looking for a cross platform solutoin.
If anyone know how to deal this, please tell me.