JavaScript Injection using Firefox Mobile - javascript

I would like to inject JavaScript into a website on a mobile browser (in this case on android). However, most mobile browsers do not seem to support any kind of plug-ins (except for Firefox, correct me if I am wrong).
Firefox support for mobile plugin development seems to be minimal too, for example one can not install xpi-files by downloading them (I have yet to find out how one can install a plugin that is not hosted on the add-ons for android site)
Why not use existing solutions?
The best way to inject javscript would be Greasemonkey but this is not supported on mobile. Scriptish supposedly is but I could not install it on any device. There are android browsers specifically written to support Greasemonkey scripts (Fat Ape or Tampermonkey or OilCan) but these are not used by many and while they enable JavaScript injection the lack in their support for other browser-features.
What exactly is my question?
My experience in Firefox-Plugin development is minimal so I would like to know: Is there something that would prevent something like this to run on FF-Mobile? Could it be done with other browsers too? I don't actually need the full power of Greasemonkey, injecting the same few lines into any website would probably do.

Update 2
This again needs updating!
The new Firefox (current 95.2) no longer supports this method! But the old version still does! You will have to DL an old version (let's say 68.7). You can get it on ApkMirror. Then to install Greasmonkey either google it and choose the Mozilla page or just visit this link. On that page choose to download the file. When the XPI file will be downloaded it will automatically request to install it and that's it. You now have Greasemonkey installed on your Android device!
Be advised that this is an old unsupported Firefox version full of security holes!
Update
This needed updating!
The new Firefox now has full support for Greasemonkey add-on!
Instructions:
Find and install Firefox on the play store.
Run it and from the menu choose Add-ons and install your favorite add-ons like the ad blocker uBlock origin. Use the search and input Greasemonkey and install it.
Profit! :)
Old
If you want full Greasemonkey with even cross domain / cross site
GM_xmlhttpRequest support then your only option right now is: Opera
Mobile Labs (with Extensions) (link to APK is on that site).
Run Opera Mobile Labs app and visit Violent Monkey's extension
site and install the 1.5.1.1 (OEX version) by clicking on "Add to
Opera" and then choose "OK" (maybe you'll have to restart Opera
Mobile for the extension to work.).
To install an userscript you just need to load it in the browser by
visiting the user.js URL location. If you have userscripts on your
SD card, you can load them thru entering "file://" into the address
bar and navigate to your user.js files and then choose "OK".
If you have a bunch of normal scripts (no GM_ functions) then you
could also use this instructions (it's faster!):
Save your user.js scripts in a folder on your SD card (eg. "/sdcard/js").
Run Opera Mobile app and enter "opera:config" into the address bar and then in the "Quick find" input enter "javascript". Go
down and under "User Prefs" tick the following: "Always Load User
Javascript" and "User Javascript". Under "User Javascript File"
enter the path to the folder with your user.js files (eg.
"/sdcard/js").
At the end don't forget to tap "Save" otherwise your setting will not be saved! Restart Opera!
If you don't want to download the APK file then this second method
also works with Opera Mobile Classic. You can find the app in the
Play Store.

If you can install Google Chrome (Android > 4.0) on your mobile phone you can do remote debugging.
Overview of Google Chrome for mobiles :https://developers.google.com/chrome/mobile/docs/overview
Overview of Remote Debugging: https://developers.google.com/chrome-developer-tools/docs/remote-debugging

Another option for running Userscripts on mobile devices is the Tampermonkey userscript manager.
There are Tampermonkey add-ons for both the Dolphin and UC Android browsers.
Tampermonkey add-on for the Dolphin Web Browser:
https://play.google.com/store/apps/details?id=net.tampermonkey.dolphin
Tampermonkey add-on for the UC Web Browser
https://play.google.com/store/apps/details?id=net.tampermonkey.uc
To use them you first need to have the respective browser installed.

Related

How to fire "download from another browser" event from chrome? [duplicate]

Our Web application is based on IE9, which means only IE9 can open the pages in our site. We'll prevent user to browse our site when their browser is not IE9.
But sometimes we had to send a link to user's email box to complete some actions and they will open the link directly with their default browser, the problem is here, if the default browser is not IE9 then they can't open the link, they have to copy the link to IE9. Our user don't want do this manually, they want open the link in IE9 directly no matter what the default browser is.
I have tried using ActiveXObject, but it only works in IE. I want have a script which can open IE browser in Firefox/Chrome page.
It sounds like you want to have a link in an email that activates a specific program on the user's computer rather than the program that they've identified should be used (e.g., their default browser). I don't believe you can do that.
You can install "protocol handlers" in both Chrome and Safari (I suspect Firefox as well), which would let you send a link like ie://example.com/path/to/app. Your protocol handler would launch IE and take you to the relevant site. (Apple does this with iTunes.) But your users would have to install the handler (and, of course, you'd have to write it).
An easier answer might be to have the users install any of the ubiquitous "open in IE" add-ons/extensions that exist for Chrome, Firefox, etc. They follow the link, then choose "open in IE" from some kind of menu. (If they're using webmail, they may even be able to right-click the link and choose that line item, depending on the extension.)
Side note: Obviously, though, barring it being impossible I'd recommend making your application compatible with Chrome and Firefox.
No you can't do it..
but there is some alternatives:
Install your users IE tab:
FireFox - http://lifehacker.com/135297/internet-explorer-in-a-firefox-tab?tag=softwarewebpublishing,
Chrome - https://chrome.google.com/webstore/detail/hehijbfgiekmjfkfjpbkbammjbdenadd
Use a batch file that will launch your link in explorer.
use this Firefox plugin makes it possible to use (host) ActiveX controls in Firefox - http://code.google.com/p/ff-activex-host/
instead of ActiveX try using Netscape Plugin Application Programming Interface (NPAPI) - a cross-platform plugin architecture used by many web browsers.
Similar as with a batch file, you may create a link file to the page you need using the ".website" file extension with IE, which is configured in windows by default to open with ie. Put it in your webserver public folder and then add a link to that file in your website
You don't have to write code to create a custom protocol handler in Windows. See this page for how to define one in the registry.
You can use User agent switcher for chrome or firefox
For Chrome :
https://chrome.google.com/webstore/detail/user-agent-switcher-for-c/djflhoibgkdhkhhcedjiklpkjnoahfmg
For Firefox :
https://addons.mozilla.org/en-US/firefox/addon/uaswitcher/

How to test firefox plugin locally

I have a basic Google Chrome extension which needs to be ported to Firefox. I uploaded the .crx file to the Firefox marketplace and it got accepted but is under review rightnow. I downloaded the the generated xpi file and tried to install it locally but without any success. It tell that the plugin is invalid or corrupted.
Another method that I tried is I ported the extension using chrome-tailor and generated the xpi. I am able to install the extension in this but the content scripts are not injected and the extension doesn't work as expected.
I want to install it in Firefox and test it. I have also set xpinstall.signatures.required to false.
WebExtensions
To test WebExtension based add-ons, they are usually loaded as a "Temporary Installation in Firefox"
That MDN page describes how to temporarily install a WebExtensions (i.e. similar code to Chrome) in Firefox. The gist of it is:
Navigate to about:debugging
Click the button "Load Temporary Add-on"
Use the file selection dialog to select the manifest.json file, or packaged .xpi file for the extension.
Note on testing WebExtensions:
The WebExtensions API is still in development. For now, you are probably best off developing and testing your WebExtension add-on with Firefox Developer Edition, or Firefox Nightly. You should also make careful note of what version of Firefox is required for the functionality you desire to use. This information is contained in the "Browser compatibility" section of the MDN documentation pages.
Firefox Add-on SDK
To test Firefox Add-on SDK based ad-ons, use jpm run. You might want to take a look at this answer to "jpm run does NOT work with Firefox 48, or later"

Launch Chrome browser from Internet Explorer

We have a web application which has some features that works only in Chrome and I want to launch this web app using Google chrome browser with url of the web app as parameter from Internet explorer via a hyperlink. I tried
file:///C:/Program%20Files%20(x86)/Google/Chrome/application/chrome.exe
but it downloads the file + how do I add parameter to the exe.
By default, a browser cannot launch another program (plugins and extensions being possible exceptions). If they could, imagine the havoc some malicious user could get up to.
I don't think there's going to be a great answer for this, but you could make a .bat file that opens chrome to a particular URL (assuming you're using Windows), download that and click on it after it downloads.
Here is a useful answer in that case.
You could also (theoretically) make an extension or lower the security settings on IE to allow ActiveX controls. Here's a partial solution. I tried to make something similar a while back and didn't have much luck, but if you're determined...
Maybe there's a better way that doesn't involve such complicated solutions?
I found myself needing to achieve this myself. It appears a later release of Chrome had broken the fix described in Adam Fowlers blog.
I got in touch with him and he's now updated his post, providing the now necessary registry changes required to make this work.
I've tried this myself and it works nicely.
Adam Fowlers blog post - How to launch a URL in Google Chrome
https://www.adamfowlerit.com/2015/05/how-to-launch-a-url-in-google-chrome/
Big thanks to Adam for his time! Hope this helps.
This is a .reg file that creates (on a 64-bit Windows) a special URL protocol that allows you to open chrome: links in Chrome:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\chrome]
#="Chrome URL Prorocol"
"URL Protocol"=""
[HKEY_CLASSES_ROOT\chrome\Application]
"ApplicationIcon"="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe,0"
"ApplicationName"="Google Chrome"
"ApplicationDescription"="Access the Internet"
"ApplicationCompany"="Google LLC"
[HKEY_CLASSES_ROOT\chrome\DefaultIcon]
#="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe,0"
[HKEY_CLASSES_ROOT\chrome\shell]
[HKEY_CLASSES_ROOT\chrome\shell\open]
[HKEY_CLASSES_ROOT\chrome\shell\open\command]
#="cmd /v:on /c \"set url=%1 & set url=!url:chrome:=! & \"\"\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\"\"\" -- !url!\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\chrome]
"WarnOnOpen"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ProtocolExecute\chrome]
"WarnOnOpen"=dword:00000000
Links should be like chrome:https://google.com or chrome:google.com. "chrome:" part is removed before launching Chrome.
You can use a URI Scheme, Google installs one by default as shared by Adam Fowler here:
http://www.adamfowlerit.com/2015/05/28/how-to-launch-a-url-in-google-chrome/
So you can create a link like this (note the space before the URL):
ChromeHTML:// www.bbc.co.uk
But it is broken! There's a bug report with Google, see Adam's article. It would be good to add some weight/comments to this bug if you want it fixed.
However your next decision depends on whether you have some control over the deployment of your web application because these bugs can be fixed using registry fixes.
Interestingly, if you can deploy registry fixes, in theory you could create your own URI schemes.
If you can modify the IE permissions on the PCs needed, you can use a javascript link to launch a process. Mine launches a custom program that launches chrome with command line switches and a URL, or opens a web page that indicates they need to contact IT to install Chrome on their PC:
javascript:(new ActiveXObject('Shell.Application')).ShellExecute('\\\\server\\path\\LaunchInChrome.exe', '-incognito --use-system-default-printer https://outlook.office365.com/owa/?realm=xxx http://webserver/MissingChrome.html');
But you could modify it to launch chrome.exe directly instead. You will need to enable Initialize and script ActiveX controls not marked as safe for scripting in the Intranet Zone (I wouldn't recommend this for any other zone).
you have to pass the parameter to chrome, something like this.
start chrome https://www.google.com/

Detect when Firefox plug-in is blocked

Is there a way through JavaScript or a web service to see if a plug-in installed in Firefox is being blocked by Mozilla? In particular, on my web site, I want to be able to tell if Mozilla is blocking an outdated version of Adobe Flash and adjust our UI accordingly.
The address that Firefox uses to download the blocklist is defined as extensions.blocklist.url preference:
https://addons.mozilla.org/blocklist/3/%APP_ID%/%APP_VERSION%/%PRODUCT%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/%PING_COUNT%/%TOTAL_PING_COUNT%/%DAYS_SINCE_LAST_PING%/
Fortunately, not all of these parameters are required, this address will work to download the current blocklist:
https://addons.mozilla.org/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/21.0/
This is the ID of Firefox and the version number of the current release, so the blocklist could be different for other Mozilla applications and other Firefox versions. Looking through https://addons.mozilla.org/blocked/, there are some items listed as "for Firefox version n.n.n and higher", some are listed as "for Firefox and SeaMonkey" and others again as "for all Mozilla applications". Still, it seems that the blocklist for the current Firefox version should be the most complete one.
You can download and process this file in a web service, then adjust the behavior of your web application accordingly.

How do I check in Firefox and Chrome if a plugin is installed

I'm using an embedded plugin in my web app to enable scanning (Dynamsoft's webscanning plugin). I'm serving an xpi to firefox users and a crx to chrome users. When viewing the page without the plugin installed, Firefox will try to download the plugin and the user will need to click "manual install" to install it. Chrome will make no attempt to donwload the plugin (this is by design, according to http://code.google.com/p/chromium/issues/detail?id=15745)
I would like to use javascript to detect wether the plugin is installed or not (preferrably before trying to load it through the embed tag). If no plugin is installed, I want to provide an explanation and a link to the correct plugin to the user. Both browsers install their respective plugins without any problem if the user clicks at a download link instead of just trying to load through the embed tag.
So, does anybody know a way detect wether a plugin is installed using javascript?
Have you had a look at window.navigator.plugins?
..and the equivalent reference for webkit plugins-
The Apple reference for the WebKit DOM appears to have disappeared. navigator.plugins does work for me in Safari & Chrome. See a jsfiddle here: http://jsfiddle.net/2EaKD/
Sounds to me like a potential security hole, if a website (something remotely) could access your plug-ins (something locally). So I guess this is not possible.
Your addon can monitor which pages are opened by the user. If it is your page, you can make your addon set a global variable in that page and your page's JavaScript should be able to detect this.

Categories

Resources