how to communicate with desktop application from web page loaded over https - javascript

I'm trying to make desktop application that receives messages from a page running in the browser. The desktop application can be written in any way, i just need to be able to talk to it from the browser. The web site is written in angular. I don't care about the response from the desktop application or need to communicate back to the browser in any way. Serving the website over https is causing issues though (but a requirement), and I was wondering what a good way around those would be.
The ideal solution was to make the app a web server and just have the website post to localhost:PORT and the server would get the request and do what it needed to do. however, since the website is served over https, it blocks the http request to localhost due to mixed content rules.
i tried submitting a form on the page and having the target be a hidden iframe, but that also gets blocked due to it not being https.
I tried changing the target to be _blank, and that "worked" but it opens a new tab with the response in it, which would be really annoying while you're using the website (it's supposed to be in the background). I set up the response to have a window.close in it, but the window still flickers for a second each time and it's something i would like to avoid.
I tried making a self signed certificate for the desktop application's server but the browser blocks that until you accept it for the first time, and I don't want people to have to go to "https://localhost:1234" in their browser and accept the insecure. I'm imagining getting a valid certificate for a localserver isn't possible too.
Is there any to accomplish this? Thanks

You can redirect the browser to http://localhost:PORT (e.g. using status code 302 or window.location in JS) and pass data to desktop app in query string. That should execute in browser without warning. Then you can return some html back from desktop app to browser. If your data for desktop app are too big to encode in query string, you can pass just url in query string where desktop app can download the data.

Related

How does external protocol request works and how it can be used to start some client application?

Whenever anyone uses torrent magnetic link of torrent there is a pop up that comes up with external protocol request title. I want to know how this protocol works and how this can open an application on client from a web page.
The dialog you're referring to is completely handled by the browser that you're using and the protocol of the link that you're clicking.
Normally, links between web pages uses the following scheme:
http://www.website.com/something
If you change the protocol (in this example the "http" part) you will then refer to another application, if installed in the client machine. For example, if you click on a link that point to
ftp://www.website.com/something
your browser will search for an application that can handle the "ftp" protocol.
In general, when a browser detects a link that is not something that it knows, it tries to redirect the request to another application that has been previously installed by the user and that has stated some sort of compatibility with that protocol.
The popup is not something related to the magnet link. If you'd like to get further information on the protocol, this Wikipedia page explains it clearly.

how to create web pages in which network requests cannot be captured by browser's debugger

This doesn't involve coding. I am just curious on how to make a page like the one described below.
I came across a website where we can attend quiz/tests.
I tried to debug the browser so that I can see if I could hack through the codes by getting the values that are getting passed in debugger.
But to my surprise the debugger is not coming up when I click F12 in that page.
Somehow I opened debugger for that page and I clicked on the Network tab to capture requests that are sent.
But as I was proceeding through the test, not even one request is getting captured in the debugger but the answers are getting validated and scores are getting updated !! I was not even able to do inspect element
I guess its a java applet as i saw the below line in the the launch button
flagPlayerCourse = true;launchApplet(secureSessionId,courseName, courseType,winParams, use508);disablePlayButton(1, 0);
the url had SinglePassUserCmd.cfm?sessionid=3xxxxx
So my question is how can we create such a webpage in which the requests are not captured in the debugger!? I would be happy if someone could tell me how do the same in asp.net. In which language can we develop such web pages!?
Applets are completely different world. Its almost as good as running a .net application on your client machine.
What you see in the debugger are ajax requests and resources loading. If a site doesn't make them, you won't see any network requests in the browser.
That doesn't mean that you can't capture the data being send. You can always use a debugging proxy like fiddler to see what traffic is going across. Ofcourse a secure site would secure their traffic over https.
Applets require a java plugin in your browser. There are similar plugins like Silverlight, flash/shockwave(swf) that too can make network requests.

Download file without javascript

There's this website which has a javascript method in it that downloads a file. To call this method you have to set what language and serial number you're looking for and when that's done, the file is being generated according to the specified information you've just stated and then the file is being downloaded. Does anyone know how to specify this information, then send it and then download the file without going to this website?
Thanks in advance, Steve-O
If you use any tool that shows you what actual networking happens, you can discover the specific web requests that downloads the file. Chrome has those tools built in. The Firebug add-on adds those tools into Firefox. There are also apps that record all networking to/from the browser such as Fiddler which can be used to sleuth on the networking being done.
Of course, there may also be some authentication going on (a log-in, some cookies, etc...) that might be required, but all of that is visible with the right developer tools. Once you see exactly what is being sent over the wire, it's usually not hard to send that same request without a browser or without visiting that web page. If login credentials are required, that will still be required, but even that can be provided without a browser (e.g. from a server-side script).
JavaScript, as of the moment, can't download files. So how files gets downloaded? Well, the developer redirects the browser to a URL using
location.href = 'http://site.com/download.zip';
When the browser is redirected to this URL, it can't open the file, so it downloads it.
You need to determine that URL the browser redirects to. There are many ways to do that. One that comes to mind is the Fiddler app that records each HTTP request and thus can give you the URL.
My guess, however, is that the URL is generated on the fly. You need to study the JavaScript in this case and see the required mechanism to make the server generates the URL.

Programmatically call a firefox extension from javascript

I have seen this excellent firefox extension, Screengrab!. It takes a "picture" of the web page and copies it to the clipboard or saves it to a png file. I need to do so, but with a new web page, from an url I have in javascript. I can open the web page in a new window, but then I have to call the extension -not to press the control- and saves the page once the page is fully loaded.
Is it possible?
I am pretty certain that it is not possible to access any Firefox add-on through web page content. This could create privacy and/or security issues within the Firefox browser (as the user has never given you permission to access such content on their machine). For this reason, I believe Firefox add-ons run in an entirely different JavaScript context, thereby making this entirely impossible.
However, as Dmitriy's answer states, there are server-side workarounds that can be performed.
Does not look like ScreenGrab has any javascript API.
There is a PHP solution for Saving Web Page as Image.
If you need to do it from JavaScript (from client side) - you can:
Step 1: Create a PHP server app that does the trick (see the link), and that accepts JSONP call.
Step 2: Create a client side page (JavaScript) that will send a JSONP request to that PHP script. See my answer here, that will help you to create such request.

How to use the javascript SDK from a desktop application

I'm writing a desktop application to interact with facebook by using an embedded browser which is running HTML \ javascript from local files.
I was able to use the login dialog to retrieve a token (using the method described in the facebook documentation for desktop applications), but i'm still failing call basic SDK functions, such as FB.init() and FB.getLoginStatus().
When executing FB.init():
FB.init({
appId: '120260327220',
status: true, // check login status
oauth: true // enable OAuth 2.0
});
I get the HTTP response (through HTTP sniffer):
<span>Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the Application configuration. It must match one of the Connect or Canvas URLs or domain must be the same as or a subdomain of one of the Application's base domains.</span>
And when executing FB.getLoginStatus():
FB.getLoginStatus(function (response) {
if (response.authResponse) {
alert("logged in and connected user, someone you know");
} else {
alert("no user session available, someone you dont know");
}
});
i get nothing!
The application is completely client based, meaning i have no server side, thus there's no URL to register the facebook application with. Running on IE.
Does anyone know if and how i can use the facebook javascript SDK from a local javascript file (for desktop application)?
EDIT: configuring the application URL to be http://localhost is not a valid option, since eventually this script should be able to run on any machine, whether localhost is configured or not.
Thanks.
Related:
The JS SDK is designed to be used on websites (per definition served and accessible over http or https) and we do not plan to support the use of file: or any other protocols.
This is consistent with plugins in general, where http/https URIs are usable as identifiers (open graph amongst others), but where file:// URIs are not.
You can try initializing the SDK inside a web accessible document including using an iframe - note then that you will have to add logic to ensure correct resizing.
As an answer to a Facebook bug report.
As you mentioned that you have an embedded browser within your Desktop app so in this case what you can do is host the app's page that has facebook related functionality over the web and pull this same page's url inside your embedded browser. This way you will be able to provide a valid domain in app's settings and not localhost. Also you can make valid calls to facebook APIs from your page and your Desktop app can then make use of all these facebook related data as they are being pulled onto your embedded browser.
In a nutshell your Desktop app will be much like the Facebook's canvas where the app's page is pulled and displayed inside the canvas. However in your case you will be having a complete control of how, when, where and which parts of the page gets displayed and moreover a properly glued and well structured UI will make the external page and Desktop app blend together and users will never come to know the difference.
Since I got no acceptable answer here are my realizations and what I eneded up doing::
There's no way to use the Facebook SDK on local page due to cross domain ajax issues.
The way to work around it is using JSONP ajax calls to Facebook's graph API (JSONP is allowed for cross domain).
The login process is done by navigation (in a new window) to the login page, with specific URL parameters to set the page's attributes.
If you are using PhoneGap 1.0 and Xcode 4, start by following these instructions: http://www.pushittolive.com/post/1239874936/facebook-login-on-iphone-phonegap
My installation looks like: http://cl.ly/AHQ1
Be sure to move the ChildBrowser.js file out of the plugins folder and into the root of your www folder. Also be sure to link to that ChildBrowser.js in your index.html file.
Then follow these 3 steps, http://collingo.com/2011/08/18/installing-childbrowser-ios-phonegap-plugin-in-xcode-4/
Lastly, update your PhoneGap.plist file as mentioned in this post: http://wiki.phonegap.com/w/page/43708792/How%20to%20Install%20a%20PhoneGap%20Plugin%20for%20iOS, mine looks like: http://cl.ly/AHAH
What is the Application URL that you have set on the application's Developer page? I'm just guessing based on the FB.init() error message that you need the to set the URL to be "http://localhost/start page name". When debugging our application we run it locally and have the URL of the application set this way.

Categories

Resources