Develop Reference

Google one tap login noCredentialsAvailable [duplicate]

I assume it has something to do with this:
For me Google one Tap stopped working on all my sites that previously worked. I added API HTTP refer to restriction in console.developer.com, but I still get a warning message "The client origin is not permitted to use this API." any thoughts? If you go to the page https://www.wego.com/ you can see that Google one tap still works...
https://news.ycombinator.com/item?id=17044518#17045809
but Google YOLO stop working for everyone. I use it like many people for login and it just stop work.
My domain are obviously added on console.developers.google.com
Any ETA for fix this? Some information would be great for people who rely on it.

Google YOLO is not disabled. It is open to a small list of Google Partners.
The reason you were able to access it earlier was because it was open for a short period of time but the whitelist is now readded/enabled.
Reference:
https://twitter.com/sirdarckcat/status/994867137704587264

Google YOLO was put on whitelist after a client-side exploit became clear to google.
People could cover the login button of the prompt with something like a cookie consent (which we all know people automatically accept).
Therefor people could easily steal their gmail or other details due to this google decided to put it on whitelist and review the sites that are using this technology in order to ensure that they are using it as they should.

Google retroactively labeled One-Tap as a "closed beta".
https://developers.google.com/identity/one-tap/web
The beta test program for this API is currently closed. We are improving the API's cross-browser functionality and will provide updates here in the coming months.
The link for the entire project is currently 404, but the beta statement is visible on the wayback machine.

Why can't I get the full URL from a Google search

I search Google for a phrase which brings up my website.
Google shows a URL similar to
https://www.google.co.uk/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=my%20search
This brings up my website. On the landing page of my website, I have the following javascript
alert(document.referral);
This shows me the value
https://www.google.co.uk/
No querystring!
Research suggests the issue is likely due to my website being HTTP but both Google and my website use HTTPS
Why can I not get the search phrase from the query string?
Edit
Based upon the links I've been provided (thanks) I can see what you are claiming the issue is. Google doesn't allow it! However, I'm not sure I agree with this - there are many web analytical programs which provide this information. The company I have used (which admittedly can only provide keywords for 5% of all visitors) can do this... And I only embed some javascript. I can only assume it's because visitors can home HTTP:://google as opposed to HTTPS::google

have a look at this document: http://blogs.adobe.com/digitalmarketing/analytics/the-impact-of-google-encrypted-search/
It apparently has something to do with google running HTTPS. on my local tomcat server running HTTP, i get
http://servername/tools/errorlog.jsp?env=Prod&logType=EXTAUTHLOG when running
alert(document.referrer) in a console
Duplicate of:
How can I get the correct referer via JavaScript if the referrer uses https? ??

How to get user's default search engine on iOS and Android?

Can I get users's default Search Engine on iOS and Android?
I heard the followings:
window.getSearchEngine();
but, it doesn't work.
Someone,pls help me...........

try this code
I haven't yet been able to make the setSearchEngine() function work because for some reason I don't have permission to do so (i.e., canSetSearchEngine() returns false).
I know the Yahoo code works so it appears that it must be possible to do. I wonder if the js file has to be hosted on a whitelisted domain related to the selected search engine. IOW - perhaps only js code served from a yahoo, google, or bing domain has permission to call the setSearchEngine() function.
window.canSetSearchEngine()
window.getSearchEngine()
window.setSearchEngine(string)

What is "chrome-extension://"

I found the some strange <script/> tags on a site:
<script src="chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/document_iterator.js"></script>
<script src="chrome-extension://lifbcibllhkdhoafpjfnlhfpfgnpldfl/find_proxy.js"></script>
...
I haven't been able to find much information on this, but I highly doubt this is actually related to Google Chrome since this site in particular is still using <table>s for layout, and the source in question was retrieved with curl not a graphical web browser.
So,
What on earth is this?
What is chrome-extension://
Why is it using lifbcibllhkdhoafpjfnlhfpfgnpldfl as a directory name
Why is it pretending to be valid URL to a javascript file?
Why would I need find_proxy or document_iterator
Solved. As far as I know...
chrixian was right, It seems that only on this and a few select other pages, someone had re-saved them from Chrome's source-view with the Skype extension installed.
Thanks everyone for all your help, +1's for all! enjoy!

That is actually Skype Click to Call chrome extension.
Manage and view it using this link
chrome://extensions/?id=lifbcibllhkdhoafpjfnlhfpfgnpldfl

If you are using cURL to get the page, you're getting the HTML as it exists on the server--so I think a safe assumption would be: the author of the page initially saved the page from Chrome, he had an extension installed that inserted these script tages and lastly he didn't remove the script tags for one reason or another before putting the page on the server.

This is added by chrome as the page loads, to inject the extension's Javascript code into the page, so it can access the HTML document.

The Skype extension causes it by inserting all kinds of junk in webpages that you visit.
Do you have the Skype browser extension installed for Chrome?
Just disable the extension.

Chrome, like Firefox, provides developers with an easy API to extend the functionality of the web browser without needing to actually download and build the browser to do so.
They also provide a robust delivery system. In Google's case, it's the Google Chrome Web Store.
Extensions are installed locally on your computer, and use long strings as directory names to reduce the risk of collisions with another extension. In other words, if you and I both named our extensions "mycoolextension", then there would be a problem if a person tried to install your extension and my extension. The long string helps prevent collisions such as this.
The chrome-extension:// protocol is used by the browser to make requests to these local resources. Chrome extensions are developed using HTML5, JavaScript, and CSS, along with an API exposed to allow the local JavaScript to perform actions it would not normally be able to do on the Internet.
When you see these in the Chrome developer tools, it's just the extension doing it's thing, whatever that may be.
If you're seeing these, then you likely installed some extensions from the Chrome Web Store. To view them, go to the Tools menu and select "Extensions". This will show you a list of all installed Chrome extensions and apps.
To learn more about extension development, see the Getting Started Tutorial.
Also, as someone else mentioned, you're using the Skype Call Extension. However, an app using that directory name doesn't appear in the first page of the search results. It might be worth doing some more research to make sure you got that extension from a legitimate source, whether that be Skype or the Chrome Web Store.
If you're seeing it in Chrome developer tools for every request you make, it means it has access to all your websites, which could be benign, like if they're just making phone numbers clickable, or it could be malicious, if it's scraping your bank account info and shipping it off to some third party server. :)

It's a Chrome extension, and chrome-extension:// is a URL for extensions to address their contents via Javascript.
lifbcibllhkdhoafpjfnlhfpfgnpldfl is the unique identifier for the extension. I can't find it with a search, but apparently it might be Skype.
It's not pretending... it is a valid URL. The Javascript file is located in the extension. If you were to look on your harddrive you'd probably find that very file in the extensions folder.
The functions its calling probably are some sort of detection used by the extension to see if it needs to enable itself.
See this for some additional information:
Checking if user has a certain extension installed

How to get Google to index pages which get redirected using javascript

I'm using google maps for a website. All the data available via the map on the home page is also listed on other pages throughout the site, but with javascript turned on these pages redirect to the home page: eg http://host.com/county/essex redirects to http://host.com/#county/essex, which makes the map load all the data for Essex.
I'd like Google to index all the pages on my site, as otherwise none of the data included in the map will be searchable. But I know that for very good reasons Google doesn't normally index pages which get redirected. Is there a way to get Google to index my pages. Or, failing that, is there a way to submit all the data to google in some other way?
*edit
All my pages are linked to from my main navigation (it's just that javascript overrides the default link action)... the upshot being that there should be no need for a sitemap as all the pages are discoverable by google bot using normal link following

Regarding submitting data to google, there is a thing called Google sitemaps that is supposed to notify google of all URIs/locations that exist on a given site and are/should be indexed. Truth is, however, that sites that aren't crawlable by default rarely benefit much from the aforementioned sitemap.

Have a look at site Maps it allows you to include urls you need indexed.

You write:
with javascript turned on these pages redirect to the home page
Google bot doesn't execute javascript. If your redirects are made in javascript, Google bot will simple index the page and ignore the redirect.