I'm creating a safari extension that manipulates DOM for a good purpose & runs smoothly on firefox and chrome. However, when I try to upload it in debug mode before launching I get:
This extension would be able to read and alter webpages and see your browsing history on this website. This could include sensitive information, including passwords, phone numbers, and credit cards.
which extensions that are alike my extensions on safari don't even face such warning being asked from their user. What shall I do to prevent such a thing from getting asked just like similar extensions are doing? I have a feeling I'm calling one extra unnecessary API?
Would be happy to provide the necessary code for look up upon request.
Related
I started looking into OwnCloud app development to add some capabilities I would like to my server. To me it seems like Apps can't modify anything like the Login page or User Management page. Is this the case?
I want to build a user registration app and would love to integrate it into the user management page (if not and it has to exist as its own app page not a big deal). The one big problem I see so far is not being able to add a "Register" link to the login page. I could just go in and add it to the source manually, but I would like to keep the App self contained so others can use it too.
If this is not possible to do in an App I may just need to modify the core application and then see if they will accept my feature addition in a pull request.
Thanks to anyone who can shed some light on this for me. I don't want to waste my time trying to figure out how to do it with an App on the platform if it wont be doable.
After a lot of digging around I did figure out a way to do this.
In the App's app.php file, you can force a script to be loaded if the plugin is enabled:
$api->addScript('script_name'); // without .js
In that script jQuery can be used to add the elements to the page where you need them.
This was a good solution for me since I only needed to add a single button to the login page. I can see this being a bad idea if you want to make vast modifications. At that point you might as well just create a separate page that you have full control over.
I want to work with the content in the webview (eg. submit a form) - for this, I thought I could do this by embedding some scripts into it. But when I use content_scripts, I get a warning saying 'Content Scripts are allowed only in legacy packaged apps"
I searched about 'Legacy packaged apps' but couldn't find any information about that via google.
Is is possible to insert content scripts into webviews in Chrome apps? or is there any other good alternative solution to get this.
thanks.
Try ExecuteScript rather than content scripts in webviews. It's almost the same as the programmatic-injection kind of content script that you're probably already familiar with.
I installed the Rest Console extension onto Chrome. I can't use this Rest Console for anything, because the only fields that accept text are 'Request URL' and 'Request Method'.
I ask here as there is no resources or community accessible for even simple instructions on how this extension works, and there are likely members of this community who have used this extension.
Use the Postman - REST Client it works perfectly!
your_url_to_post: Fill the URL
your_json_param: The name of the param that you'll pass you json
your_json_data: The json content
Don't forget to select x-www-form-urlencoded if you'll do a post
http://i.stack.imgur.com/TISW1.png
You should be able to enter text in the other field if you tick the checkbox associated to the field first.
I started having a similar issue myself (Forms wouldnt let me input data I could click them but thats as far as it went) across a lot of web pages to include my own php game and I know the form code hasnt changed at all before this issue started. I came across a article of someone else having a similar issue themselves that I was having and someone said that they needed position: relative on their forms that are not given specific instructions on positioning when dealing with google chrome. I have since made this change myself at www.immoralattack.com and the issue has stopped on that site but still continues on many others so its pretty safe to say that is the issue.
Its only happening on the dev build of chrome for me atleast and I hope this isnt something they plan on implementing on live or this will mess up alot of websites.
Also try turning off auto fill from chrome if its on, while I was looking for this bug I found alot of similar bugs but they delt with auto fill being on.
I am working on a web application that needs silent printing (without print dialog box) with client side printer.
After some research we found that we can make it work using ActiveX and Foxit Reader.
Currently it works great but it constraints us with IE only and we want to make it work with Firefox and Chrome as well.
I know there is no direct code to make it work, but there must a work around?
What I need is the point to start e.g. Chrome/Firefox plugins to access local printer - or make windows service that runs in background in the client side, change browser settings, use ActionScript etc.
It will also be great if someone also illustrate how Facebook access local webcam from its website it may make about accessing clients peripherals from website. Thanks in advance.
For anyone who still wants information regarding printing on Chrome and/or FireFox without the use of ActiveX, extensions or client-side scripting, please see my answer to another question similar to this.
On an iphone, you can add a favourite when on a webpage and if that webpage has the correct meta tags for iphone, it gets an icon and can even 'hide' the browsers chrome and display just like an App. With html5 http headers you can even have the phone completely cache the 'app' so that it never has to contact the server again.
The problem I have is that I want to write apps that make xmlhttprequests to a server that is not the server they were originally from. I heard its possible to do this if you somehow export your favourites and HTML5 chache then manually edit the export file to change the URL for the favourite, then import them again, so that the phone doesn't think the javascript is trying a cross site xmlhttprequest.
However I have not found anything like that (maybe it was a jailbreak thing?). At the moment I have to have a proxy on the server where the 'app' originally came from, which is obviously very annoying.
I also heard that there was a special meta tag that allowed you to specify one other domain for xmlhttprequest, it had something to do with specifying that the page was actually a mirror and should be treated as if it came from another domain. Does anyone know what meta tag this is? I tried searching all over apple and found nothing.
I believe it might also be possible if you can get webkit to treat the cache as a file:// protocal, because then cross site security will not apply.
The answer is this is not possible and is not meant to be possible.