DNS-SD on client-side javascript - javascript

Is it possible to discover services using DNS-SD on client side using some JS library (so to discover services on client's local network)? I found a lot of libraries on npmjs.com, but they all work on Node.js, not on client-side JS.

DNS is (historically) a UDP-based protocol. Browsers traditionally sandbox the networking capabilities and allow to send only HTTP or HTTPS (i.e. TCP) requests from JavaScript code. So, the short answer is No.
However, if you truly need this feature, you could look into the DNS-over-HTTPS technology which got some traction recently. Alternatively, you can try searching for ways of sending UDP packets from the browser. I don't have much knowledge in that domain but WebAssembly or WebRTC potentially may have something implemented already.

Checkout the sample app in the Chrome Web Store.
mDNS browser
This is a non-trivial sample which uses the UDP multicast support in Chrome Packaged Apps to browse mDNS servers. mDNS protocol is usually used for home appliance devices, like the Apple's Bonjour. Read more about the mDNS protocol at this Wikipedia's article
See the source code at https://github.com/GoogleChrome/chrome-app-samples/tree/master/mdns-browser

Related

Is it possible to write a web server running in a modern browser such as Chrome, Firefox, IE, Safari?

In the Substratum Initial Coin Offering (ICO), the White Paper talks about solving problems of the current Internet, by allowing hosts to become web hosts.
Based on reading of the White Paper, the team looks like they're intending to write Javascript that runs on any modern browser (IE, Safari, Chrome, Firefox) on any platform (Windows, Linux, etc) to turn it into a web server.
As the White Paper is very general, I'm not sure if the team's Javascript is also having some form of access to uPnP technology that tells the nearest router to forward port 80 into the (supposed) web browser that's running on the web server.
Does anyone familiar with current web browsers know if browsers are capable of:
Providing access to uPnP that can tell routers to do port forwarding?
Running a web server using Javascript?
Thank you. (I'm familiar with general programming, just not capabilities of current web browsers. Please limit responses to capabilities of web browsers)
There are some JavaScript libraries such as nohost that use Service Workers to mimic a file server on the client-side. This is apparently possible because service workers are able to send custom responses to HTTP requests.
It might also be possible to run a server in a browser in an x86 emulator in JavaScript, though I don't know if this has been done yet.

Browser Chat Without internet

Can anyone explain me the possibilities of creating a web chat (i.e similar to whatsappweb) which works without internet connections the only possible way that these device communicate is either by WiFi or Bluetooth (i.e Peer to peer). If it is not possible on earth could then explain why?
I've come across some javascript files like peer.js. But it uses internet i think. I want it to work without internet connectivity.
Thanks in advance.
With WebRTC it is possible to establish peer-to-peer communication between web-browsers in the same local network: https://developer.mozilla.org/en-US/docs/Web/Guide/API/WebRTC/Peer-to-peer_communications_with_WebRTC
A server is only needed for communication outside of a local network: http://blog.vline.com/post/63765098884/webrtc-if-its-p2p-why-do-i-need-a-server
There is another demonstration in this page: https://hacks.mozilla.org/2013/05/embedding-webrtc-video-chat-right-into-your-website/
However WebRTC is a relatively new system that is not widely supported - so consider it experimental at this stage - but it has the backing of Mozilla, so it might end-up somewhere.
However you are limited to the capabilities that WebRTC provides - and as your code is still JavaScript that runs in the browser you will not have access to any kind of actual networking API (such as Berkeley Sockets) or lower-level control of hardware, such as the ability to create Ad-hoc Wi-Fi networks, new Bluetooth Personal Area Networks, or LE Bluetooth connections... at present.
Google is working on making a Bluetooth API available that runs in the browser. Presently it is only available to Chrome Extensions, but it may soon be available in web-pages in general: https://developers.google.com/web/updates/2015/07/interact-with-ble-devices-on-the-web
Ofcourse there is a way to make this happen. You would have to set up a webserver on the device with this webapp. You could then connect with localhost or 127.0.0.1 . Other people would have to join your hotspot and connect to your ip address.
If you want to connect automaticly you would have to write a real app.
Browsers run in a "contained" mode. No hardware access is possible from any script ran inside the browser, thus there's no way to initialize and setup the device to start direct communication.

Digital signature with Javascript

So I'm stuck with this problem:
IE Edge no longer allow applets, activeX, etc. ,
and I have this applet that is used for digital signature,
the idea is to extract the private key from the KEY file in the client side, in that way the private key never leaves the client's computer, that is a requirement for security, it can't be avoid :(
I'm looking for APIs or frameworks, but I can't found a way to solve this,
with jsrsasign the examples uses a PEM file but my users have .CER + .KEY + password, in java I can do it, but I need to do it in javascript or in something on the client side.
and, reading the Web Cryptography API and some examples I found, they generate NEW private and public keys to sign BUT they never READ an existing CERTIFICATE
does anybody have this problem or know a framework I could use?
please heeeelp!
So the answer was to use JSRSASIGN (http://kjur.github.io/jsrsasign/) in the examples posted in github it uses PEM files, I build an example to use CER+ KEY + PASSWORD >> https://github.com/alfredomova/firmaJs-with-jsrsasign-example,
for that specific example i used sparkMD5(https://github.com/satazor/SparkMD5) to calculate the file's hash.
Modern browsers no more supports ActiveX, applets. WebCrypto API generates and uses keys dynamically but does not have capability to access Certificates from Certificate Store.
The accepted answer provided by Alfredo M, who has also asked question, points to JavaScript to handle cryptography in browser which does not talk about accessing local Certificate Store. Recently Certificates are not being generated/issued as pfx (or PEM) files but on Cryptographic device like USB Token or smart card.
Thus we need to use Browser Extensions for modern browsers where application running behind the Browser can access Certificate Store and sign the hash. One such browser extension is provided free by my Company. You just need couple of lines of JavaScript code to call methods provided by any Browser Extension to achieve Digital Signing from modern Browser. If you just want to sign files or eReturns, you don't need any server side component. If you want to sign pdf, you may need pdf component on server side.
You don't necessarily need to force your web app to work in Edge since it no longer support the legacy technologies that your web app is using.
"Use Enterprise Mode with Microsoft Edge to open Internet Explorer 11
for your business’s sites that require IE’s proprietary technologies."
Include your site on the Enterprise Mode Site List so it will open in IE11 automatically:
Once Edge detects that your web app is using propietary technologies, it will tell you to open your site in IE11.
The steps and the details can be found in this blog post by the Microsoft Edge team and check the user experience section of the blog so you'll get the idea of the UX it will bring to your users once implemented:
http://blogs.windows.com/msedgedev/2015/08/26/how-microsoft-edge-and-internet-explorer-11-on-windows-10-work-better-together-in-the-enterprise/

Configure CORS when accessing AWS ELB service using AWS-SDK-JS

I'm working on a ELB monitoring application that I'd like to build with JS and host directly in S3. I have no experience of JS and I'm struggling to get to grips with CORS.
I have successfully created a build of the SDK for my browser (http://docs.aws.amazon.com/AWSJavaScriptSDK/guide/browser-building.html) which includes ELB API support.
I have integrated Amazon login (http://docs.aws.amazon.com/AWSJavaScriptSDK/guide/browser-configuring-wif.html) with my script and I have attached it to an IAM WebIdentity role.
When I call
elb.describeInstanceHealth(elbRequestParams).on('success', describeInstanceHealthCallback).send();
I get an error in Javascript console
XMLHttpRequest cannot load 'elasticloadbalancing.eu-west-1.amazonaws.com/'. The request was redirected to 'aws.amazon.com/elasticloadbalancing', which is disallowed for cross-origin requests that require preflight.
I can't find any clear documentation that what I'm trying to do won't work, but, I'll admit I'm confused by some of the terms in the documentation and I have no experience of CORS in previous applications to fall back on. I would think the whole JS-SDK for the browser is a bit redundant if the majority of services aren't CORS aware and need to be.
I can get this working by disabling web-security in my Chrome browser, obviously this isn't a good workaround but would indicate to me that CORS is the issue.
Is anyone familiar with this approach, is it a problem that I'm hosting on S3, or, would I have this problem from any server? Should I be configuring my S3 bucket with CORS, or, is it that there's no CORS policy on the 'elasticloadbalancing.eu-west-1.amazonaws.com' endpoint?
Thanks
Andrew
I have successfully created a build of the SDK for my browser (http://docs.aws.amazon.com/AWSJavaScriptSDK/guide/browser-building.html) which includes ELB API support.
The referenced page already provides the first clue towards the lack of CORS support for elasticloadbalancing.eu-west-1.amazonaws.com you correctly suspect to be the cause here:
If you are working with the SDK outside of an environment that
enforces CORS in your browser and want access to the full gamut of
services provided by the AWS SDK for JavaScript, it is possible to
build a custom copy of the SDK locally by cloning the repository and
running the same build tools used to generate the default hosted
version of the SDK.
That is, the main reason for the official AWS SDK for JavaScript in the Browser excluding all but the currently 5 services listed in section Supported Services within Working with Services in the Browser is their lack of CORS support:
It is possible to use the SDK with other services if CORS
security checking is disabled in your environment. In this case, you
can build your own custom version of the SDK. See the Building the
SDK section of the guide for more information on how to create a
custom build of the SDK.
Unfortunately neither Amazon EC2 nor Elastic Load Balancing currently offers CORS support, see e.g. this recent Feature Request (CORS support for EC2 service), where the author rightfully reaches the same conclusion as you did already (while also hinting on Node.js to be another major use case, which supports all available AWS services, see Working with Services in Node.js):
From my point of view if AWS is providing a aws-sdk-js library all AWS services supported by this library should support CORS so that the aws-sdk-js iibrary is not just useable in a node.js environment but also in a browser.
While I agree in principle and would have expected faster turnaround times on this myself, AWS is well known for an agile approach to product development, i.e. start early with a small feature set and improve over time based on customer feedback. Notably the SDK is labeled Developer Preview only, i.e. not even BETA yet and I'd hope this to be addressed in the future accordingly - admittedly this is easily overlooked and a more prominent warning might go a long way in sparing users the time to figure out this limitation by themselves.

Communicate with the local machine from a web page

We have a web application. There are physical devices that we need to be able to communicate with, and we have access to all of our clients computers to install whatever software we need. Now, for the question: Is there a way to make this browser-agnostic? As in, not requiring ActiveX controls?
One of my ideas was to install a custom made webserver on each client and then have javascript on our webpage that communicates with that webserver. This could be done by the same way that http://earlz.biz.tm javascript can access subdomains assigned to 127.0.0.1 such as http://loopback.earlz.biz.tm The problem with this of course is that the client's custom made webserver would be forced to run on port 80(which will have conflicts at least sometimes), or we would have to use a nonstandard port for our web application, which is quite undesirable.
Does anyone else have ideas on how to do this?
Just to clarify. Our clients will be using regular PCs with Windows. We need to communicate with physical devices through these PCs. One such thing is a signature pad. So we want for people to be able to sign the signature pad and it show up in the web page.
I don't think browser-based is the solution for this. There are too many security issues. You're better off writing a desktop application that incorporates some web functionality.
I think web servers and possibly comet is the way to go.
Web servers can run on any port you like, as long as there aren't any firewalls blocking the ports, or they are configured to allow http traffic to pass through on different ports. Although theres nothing wrong with just using port 80 either.
On the mini web server you will then need to interact with the device. You mention you are a .net shop, so you will probably have to install linux and apache + mono on these devices - not sure if this is feasible.
Sounds like a great project.
I would try to look at Java Applets...
http://java.sun.com/developer/onlineTraining/Programming/JDCBook/signed.html
"JDK 1.1 signed applets can access local system resources if the local system is properly set up to allow it. See the JDK 1.1 Signed Applet Example page for details."

Categories

Resources