I have a java application that can create a Socketed lan server to parse information from a website, with the main goal of collecting chat data. At first I was in a test version of that website and was able to just open a web socket in a chrome extension then save it toward the Java server. Now that I have went to the public version of the site where its actually heavily protected, the site has the Content Security Policy, that disallows the use of Web Sockets from chrome extensions. I am unsure if there is any possible way to transfer that chat data from the site to the server via google chrome extension or any other way.
I was trying to open a socket inside of the Website itself. "wOxxOm" gave me a lead that you cannot do that and I later on understood that you had to use websockets in the background.js of the chrome extension.
Related
I am creating a Google Chrome extension (and possible support for Firefox and Safari) that displays a brief summary of the page the user is reading. The extension detects the url from the browser's tab, sends it to the backend app server, which creates a summary and returns the response back. There's some more backend machine learning analysis that is being done on the content (hence the need for backend app server).
During my local testing, I found that my extension is showing summaries for pages which are also behind paywalls e.g. NYTimes. I want to respect the paywalls. So my question is, is there a way for my extension to detect if the url is behind a paywall - and then respect it? I believe this can be achieved through the use of cookies - but I'm not entirely sure how to have a generalized solution.
I had to develop a Chrome Extension for a website i'm working for. I finished developing it just fine. But Chrome automatically turns it off after browser restarts, with following reason:
This extension is not listed in the Chrome Web Store and may have been added without your knowledge.
My question: Is it possible to have a "Trusted" extension without publishing it to the Chrome Web Store. I don't want to publish it because it wouldn't make much sense, because it is for a very restricted number of "corporative" users.
The chrome web store allows you to hide your extension from public listings. It also allows you do inline installation. This would allows users to install the chrome extension in their browser without ever having to leave your website. So it would be hosted in the chrome web store, trusted, but only installable from your own website.
Chrome Apps like Advanced Rest Client and PostMan etc. can successfully set the Referrer header of an Ajax request whereas websites are not allowed and the browser resets them before sending the request. Why and how are the chrome apps and extensions allowed to do that and not the websites
An extension is a piece of software that has to be installed by the owner of the browser. It is trusted.
JavaScript running on a website only needs the owner to visit the website in order to execute in the browser. It is not trusted so gets many more limits placed on what it can do.
I'm trying to develop a Chrome App that will work together with a Chrome Extension that I already created, wherein the Chrome Extension will send information to the Chrome App.
For this communication I thought use the WebSocket locally, in Chrome Extension I managed to make the Client, but now I'm having difficulty in creating the Server in the Chrome App, because I wanted to make as simple as possible without having to install something beyond of the Chrome App.
Among the first Google results there is a sample app from Chrome team: Http WebSocket Server.
You've got to understand that making a server in Chrome Apps is difficult; you are given access to a raw socket, and you need to fully implement the protocol that a particular server must use. Even a HTTP server is non-trivial, WebSockets is even less so.
So: it's possible, but it's not simple unless you're using an existing library.
Just to add to the accepted answer:
There is a Chrome Extension already in the Chrome Web Store: Web Server for Chrome.
And it is opensource: GitHub Link. You can use it as a library to your Chrome App.
Cheers!
I'm trying to create a web page that can connect to a client-local WebSocket server. The idea is to use the JavaScript client running in the browser as kind of a proxy to enable communication between the remote web server and the locally installed client application which implements the WebSocket service.
So basially, what I'd do is load a web page from https://example.com which includes some JavaScript that opens a new WebSocket to ws://localhost:1234/context.
This works fine as long as the web page is accessed via http. As soon as https is used, however, Firefox and Internet Explorer refuse to connect and the WebSocket constructor throws an exception (SecurityError, code 18).
Now, I already found advice from Mozilla stating that https sites should only use secure (wss://) WebSockets and plain http sites should only use plain WebSockets (link). But I don't really see the security issue when connecting to localhost from within an https context. Besides, this works like a charm for Chrome, Opera and Safari.
So the actual question is: Is there any way to work around this issue? Like introducing a non-https context inside the web page or something similar to get all browsers to connect to ws://localhost from within a https-delivered web page?
Thanks a lot in advance! I'm not exactly a web developer so this kind of browser-specific behaviour isn't really in my fields of expertise :)
You have to accept the cert first.
You can do this by simply going to https://localhost:1234/context, in your case. Once that's done, you can use the wss URL in your question.