Embedded Chromium does not have the same protection as stand-alone Chrome does when it comes to warning users about "bad sites". Users of Chrome are familiar with the warning screen that comes up when you attempt to navigate to a web site that Google has detected malware or other nefarious web elements on. However, repeating this operation in embedded Chromium does not lead to the warning screen. Does anyone know how to reproduce this capability so I can add it to my embedded Chromimum project (in Delphi 6 Pro)? If someone has "traced out" the web calls necessary to recreate this capability I'd like to know.
You can check a URL against the Google lists of suspected phishing and malware pages using the Google Safe Browsing API. to see how access this API from delphi check this article Using the Google Safe Browsing API from Delphi from here you can integrate the code of the article inside of your own project.
Related
I'm trying to figure out how to create test infrastructure that has WebdriverIO (WDIO) using an Electron app and a web browser with the user interacting with both interchangeably.
The flows would involve the Electron app opening a link within the app that directs to a browser window. The script interacts with that web page (e.g., perform some third-party auth, engage with a web page that doesn't have an app equivalent page), then switches the flow back to the Electron app. We've used some API routes for some level of coverage to mimic the browser flow, but it'd be ideal to have a full UI flow.
The app code I'm working with seems to use Electron's ipcMain functionality to achieve these flows outside of a test context. The test code uses wdio-electron-service to accomplish separate electron app and electron web flows, but not scenarios where the two need to be combined.
Avenues that I've tried looking into were:
Appium seems to support this for mobile apps via their driver.context, but their platform doesn't support Electron apps. Much of the documentation I find seems to centre around mobile/web and not electron desktop/web
Checking others' posts on WDIO's Gitter. Folks suggested looking into their multiremote functionality which seems to be more for running the same flow across different browsers, or with two user states like a chat feature. A user had the same question as me a couple years ago
https://gitter.im/webdriverio/webdriverio?at=5fa15fe8b86f6407042b2262
https://gitter.im/webdriverio/webdriverio?at=5fa17f0dc950f95c4a8d2c60
and was directed to post on here but the question is closed (https://stackoverflow.com/questions/64665715/how-to-perform-cross-browser-verification-from-one-webdriverio-session)
WDIO's documentation to switch windows, get window IDs, and the like don't recognize a browser session started by Electron as a window from trying some proofs of concept.
I'm guessing there's not an out of the box solution for this, especially with Spectron being deprecated; but was curious if others had approached this problem before?
I'm trying to set up an OAuth2.0 flow for ORCID with Xojo. I found a sample project on github for Facebook and modified the code for the URL and ClientKey I set up with ORCID. When I use the same URL in Firefox it works perfectly, however when I try to load the page in the HTMLviewer it just shows a blank page. Has anyone encountered something similar?
It is important to remember that HTMLViewer in Xojo is not the same as a full web browser. Some oAuth flows are requiring higher security standards than Xojo can provide.
Google is even going so far as to prevent low-security embedded browsers from performing the oAuth flow. They now recommend you make the request with the user's default system browser.
It seems like you will need to change your design to use the system browser instead of the embedded one.
I am new to Power BI and would like to be able to display pre-created Power BI reports in Delphi. I searched on the internet using Google but found little information for Delphi developers, just general information on Power BI. I am using Delphi 10.2.3.
To embed a report, you must authenticate yourself and acquire an access token. It will be used in further calls to Power BI REST API.
Normally, this access token is acquired using ADAL, but I have doubts you will find one for Delphi. You may take a look at this question to see how you can do this using raw web requests in Delphi: How to connect a Delphi desktop app to a third-party Dynamics 365 app using OAuth 2.0?
When you acquired an access token, get the report's embedUrl using Get Report In Group API.
Embedding of Power BI reports is basically loading them in a in a web page. This demo shows you how to embed the report in a WPF application. You can do the same in Delphi. Basically you need to copy powerbi.js, ReportLoader.js and ReportLoader.html files from the demo to your project. The first file is the Power BI client. The second is JavaScript code, which you need to run to load the report in the third one. From your code you need to navigate to ReportLoader.html file and run LoadEmbeddedObject JavaScript function from ReportLoader.js, passing to it the embedUrl of your report, your access token and the Id of the report to be embedded. I can't tell you how to call this function in Delphi, but the WPF demo code may give you some ideas.
Good luck!
Recently we migrated a Chrome extension to Microsoft Edge. We face only one problem. Extension should interact with webpages, that works fine with online webpages but not with local files.
Chrome offers for this situation permission called <all_urls>. We tried to use <any url> permission that we found on Microsoft support page, but without any result. We would like to interact with any webpage, not specific one.
Does Edge support this functionality - and if it does, how can we achieve it?
If not, is it planned in near future?
In Chrome, local file access can be achieved by checking Allow access to file URLs in chrome://extensions, however this feature is not supported in Microsoft Edge at now.
As for feature plan, you may want to provide your feedback in their Feedback site.
I'm a bit confused about all this OAuth bruhaha in the sense that all the examples I can find are for web applications and none of them for desktop applications.
I understand the Web application work flow, but that includes some redirections between the web app and twitter.
How does one do this in an desktop application?
How does the redirects work?
Should I have to include a Web Browser object?
Is there a way to go around this?
Could anyone point me to resources instead of a full blown solution please?
Thanks
Not sure which language you're using, but the .NET library for Twitter called Tweetsharp has a post on using Tweetsharp from a desktop app and authenticating via OAuth. See http://tweetsharp.com/?p=68. If you're not using .NET then perhaps it will inspire something you can do?
Basically, what tweetsharp does is launch the browser to the authentication URL and then waits for the user to return. I don't know of any way to do this other than something like that (Or include a WebBrowser control of some kind to launch the authentication URL in your own window).
Here's a straightforward solution, implemented as a set of PHP scripts for running from the command line. Well documented and explained, with a helpful 'verbose' option for debugging.
http://nullinfo.wordpress.com/oauth-twitter/
After some poking around and asking some questions about this subject to some other programmers, it looks like it's still an ongoing discussion, with no visible light at the end of the tunnel.
But for people interested on the ongoing discussion, here's the best link to have:
OAuth Desktop Discussion
I've seen a few desktop apps get around this by effectively embedding a browser into their program, so they can just open the in-app browser window to let you do the login and authorisation. This strikes me as a bit of a cheat or defeat of purpose because you still end up typing your ID and password inside the application anyway.
One possibility I was thinking of was, your desktop application could embed a mini HTTP server inside it. So then it launches the default browser to perform the authorisation, with a callback URL something like http://127.0.0.1:8765/oauthorized and then just listen for it.
Would that work?
Not sure what you would do for console applications... spawn a copy of lynx?
Include a WebBrowser control in your app. Put it in a panel or a separate form that you'll Form.ShowDialog().
Create a callback for the browser's successful posting of OAuth and one for a rejection. Don't forget to check for a FailWhale.
In the callback, you close the panel or form and store the token.
Here's a nice overview with sample code and everything: http://tweetsharp.com/2009/04/how-to-authenticate-a-desktop-application-with-oauth/