I know that adding Google's reCaptcha to Chrome extension requires addition of chrome extension id to the allowed-list on reCaptcha. That works. But what is the alternative way to use Google capthcha in a Firefox add-on.
As far as I know, the internal UUID of Firefox add-on changes every time you re-install the add-on. The external id can be made fixed but it is not used in the add-on urls. Is there a way around this problem?
Related
How to enable third party cookies while invoking chrome incognito using playwright automation tool?
I couldn't able to find a solution for this. Please help
According to this thread, it is apparently not currently possible with Playwright: https://github.com/microsoft/playwright/issues/11072
We don't have a feature that enables all cookies in Chrome, we only use default settings.
We've been using pow to easily spin up local development servers for our platform. However, Google recently broke all .dev domains in chrome by requiring them to have SSL certificates. Anvil worked around this by switching to .test domains instead of .dev. This worked for the most part, but we figured out that Google won't let you use a .test domain as a valid OAuth 2.0 callback.
Does anyone have any clue how we could solve this without scrapping anvil/pow or OAuth 2.0?
I'm using xip.io as my workaround at the moment.
E.g. for an app that you used to access using http://blog.dev instead use http://blog.127.0.0.1.xip.io.
This works to access the pow app but also is allowed as a Google OAuth redirect url because it's a .io domain.
This is a very annoying issue. Especially since google were the ones who made .dev unusable in chrome by automatically upgrading it to https...
When I open the mail link with default browser as Google Chrome in Outlook,
it's opening in browser. I am expecting the link to be opened in application.
The way outlook lets users choose chrome as the destination for links effectively disables the universal linking functionality provided by the system. Basically, outlook isn't opening the raw link, which would lead to your app, it is building a mobile chrome URI per chrome's custom scheme. Until iOS provides users a method to choose a different browsers, apps rolling their own solution will continue to break system expectations.
What would be the best way to obtain an AAD token from an electron app?
Microsoft has 2 javascript authentication libraries: adal.js and msal.js.
Both are designed for browsers and not native Electron apps (For example - AAD won't allow for file:/// scheme as a reply URL).
Sounds like a long term solution would be native AAD packages (like Microsoft built for Apache Cordova), but since that's probably not going to happen any time soon, what is the best short-term option?
Azure Storage Explorer is a good example of an Electron app that does this. It even allows for being logged into multiple AAD accounts at the same time.
You might be able to check out what's going on in the app's dev tools. I've had a poke around and it looks like it uses adal-node npm package instead of the browser based js libraries.
It also looks like it uses an authorization code flow for obtaining tokens.
The Azure AD doesn't support the file protocol as the reply address. To develop the single page application, you can host it on the server and using the server URL as the reply address.
[blocked] Access to geolocation was blocked over insecure connection to http://www.hnsjb.cn.
Should I change my website to the https protocol?
iOS 10 and also desktop Safari 10 seem to require https connection now. Safari also seems to be more strict than what Chrome did earlier. No mixed content warnings are allowed, Chrome allows e.g. map tiles to load over normal http.
I could not find any guideline specific to Safari, but this issue has been discussed by other web browsers as well.
In particular, the announcement about Google Chrome blocking geolocation over an insecure connection, published on developers.google.com in April 2016, under the last paragraph “I really need to use Geolocation. What should I do?”, advises:
If you would like to use the HTML5 Geolocation API, or if your site already uses the Geolocation API, please migrate the pages making Geolocation API calls to HTTPS, ensuring that they’re used in a secure context.