Safari App Extension content script not loaded on Safari error page? - safari

When running a Safari App Extension, if Safari shows "Failed to open page", your content script isn't loaded. In this sort of scenario, it might be nice to redirect the user to a new url or suggestions page such as "did you mean...".
Is it possible to get a Safari App Extension's content script to load when a Safari error page is showing up?

No, it does not appear to be possible.
Based on Apple's Safari App Extensions "About Permissions for Scripts and Style Sheets" documentation, I'm deducing that script injection only works on web content from http:// or https:// schemes, while error pages are loaded from local files.
A URL pattern takes the form Scheme://Domain/Path.
(...)
Scheme can be http or https. (...)
The asterisk character can be used anywhere in the domain or path, but not in the scheme.
For reference, here's the path of a Safari 13 error page template.
file:///Applications/Safari.app/Contents/Resources/en.lproj/StandardErrorPage.html

Related

Using form submit from script on extension page

I'm developing an extension for Chrome, Firefox and Safari and I'm adding a feature that uses a form.submit style post to initiate a search on another web site.
I have the code working in Chrome using the method described in this post:
Chrome Extension Development - POST to new tab
However, it doesn't work in the Safari extension. There are two problems. The first is that the sendMessage to the new tab never gets to the post script. I found a solution to that: in Safari it doesn't treat a script loaded by an extension web page as a content script. So I have to use runtime.sendMessage rather than tabs.sendMessage.
The second problem is where I am stuck. The post script submits the form but there appears to be an error on the server side and I am unable to see what it is.
In the Safari Web Inspector the "Preserve log" doesn't keep the log when this error occurs. The server loads a new page (with blank search fields) and I can't see any info on the request header sent with the post or the response since the Web Inspector logs are cleared.
I suspect it may be a security issue since Safari tends to be more strict. Any ideas on any ways around this?

How to allow direct access from browser to a `page` contained in a SPA on a chrome extension?

I have been working on a chrome extension using vue 3, vue-router and vue-x.
The extension is a Single Page Application, so if I understand correctly, it means that all incoming traffic should go through a root page and then vue-router handles the rendering while giving the user the impression that he changed page when in reality, he did not.
According to this part of vue-router documentation, you normally need something server side to make sure your root page is always served (nginx, apache, etc).
I need to reproduce this behaviour for my chrome-extension, and I have tried playing with the manifest.json but without any success so far. When I try to access to my other page, I have a File not found error. If I was to create an other-page.html, it renders but it wouldn't be a SPA anymore. I could try to put some hacky JS inside this other page but I was wondering if there was any more elegant way to handle this.
tl;dr: How to allow direct access from browser to a page contained in a SPA on a chrome extension.

Manifest homepage_url and ExtensionInfo.hompageUrl

It says in the Opera API (Formats: Manifest Files):
homepage_url
The URL of the homepage for this extension. The extensions management page will contain a link to this URL. If you distribute your extension using the Opera addons site, the homepage URL defaults to the extension's own page.
But from using ExtensionInfo.hompageUrl, those extensions without homepage_url in manifest will just give blank instead of its Opera addons site url.
On Chrome's side it works as expected.
It's a bug. I've just reported that. Thank you for the info!

Can I use an IFrame to navigate to an external page in a Windows 8 Metro application?

When I currently try I get the following error, even after adding google as a content URI
APPHOST9613: The App Host was unable to navigate to http://www.google.com/ due to the following error: FORBIDFRAMING.
Response from MSFT:
http://social.msdn.microsoft.com/Forums/en-US/winappswithhtml5/thread/a1cba639-3251-4df8-abd3-b6f6a95ba4ae
You can use Iframe,but you won't get full controll of their JS files,you may have to face some breaking point in such sites, and some sites like google blocking this facility.
Try this,
1. Make your default browser as IE10 which will provide you an App look for IE.
2. trigger an event
function openYourLink() {
var url = new Windows.Foundation.Uri("http://www.google.com")
Windows.System.Launcher.launchUriAsync(url);
}
You can use iframe to navigate to other pages.
<iframe src="http://www.apple.com" />
will do the trick.
However, not every website allows you to put their page in an iframe or they maybe using the top window layer so that their page doesn't support running in an iframe.
In addition, if you are running your code Visual Studio 11 Express, it may throw javascript exceptions in the web page in the iframe. You can "continue" it. This exception will not be visible when you are running a deployed version of your application (running from start menu).
On further investigation the answer seem to be that yes you can for most sites, but some sites (such as google) seem to fail when embedding with an iframe.

Facebook Connect button not showing up in Safari/Chrome

My implementation of Facebook Connect (just a simple login button, fb:login-button) works perfectly on Firefox and IE.
But the same button is not showing up in Safari/Chrome (Webkit).
Here's what's ironic. In my debugging effort, I saved the page (that contains fb:login-button) up as a static page and then load it in Safari. And the button shows up, everything works!
The exact same page (with the exact same HTML source) rendered by my PHP has no way for bringing up the button.
I'm trying hard to support Webkit here but I'm close to giving up. Can anybody help?
I found one more way this can occur (the blame-myself-for-being-stupid way); it's probably not common, but in the event is saves anyone else the hassle, here it is:
This symptom can also be caused by various security tools blocking facebook resources.
In my case, I'd installed Facebook Disconnect ages ago in Chrome as a plugin and forgotten all about it being installed. I also had a second installation of Chrome that was seemingly identical (but did not have Facebook Disconnect). The first would properly load the fb:login-button, and the other would not; took me ages before I looked at the plugins, because Facebook Disconnect didn't have an icon and so its presence was pretty easy for me to miss.
Here's what you'll see if some sort of security plugin is preventing facebook resources from loading. Just look at the html that renders in the browser using developer tools.
In a normal chrome session you'll end up with something like this:
<fb:login-button><a class="fb_button fb_button_medium"><span class="fb_button_text">Your text here</span></a></fb:login-button>
But in the version with facebook's resources disabled you'll end up with this:
<fb:login-button>Your text here</fb:login-button>
Like I said, pretty obvious in retrospect.
Had the same problem but it was not related to anything like a plugin or malformed content. It seems if you enable country filtering on your facebook page it has an issue with the like button, this should be fairly obvious. Facebook gets your location from your profile and not your IP address.
Make sure to disable country locking if you plan on using the social plugins.
This can be due to having ClickToFlash installed. Either disable it, or check "Automatically load invisible Flash views" in the ClickToFlash settings.
What we found out is that Safari (and maybe some older versions of Chrome or other WebKIT browsers) have a problem with Facebook's code using the innerHTML JS function if your page arrives with an XHTML response header (application/xhtml+xml).
Using text/html solves the issue.
In case of JSF2, which we use, the implementing the fix was as simple as wrapping the FB button like this:
<ui:composition xmlns="http://www.w3.org/1999/xhtml"
xmlns:fb="http://www.facebook.com/2008/fbml"
xmlns:f="http://java.sun.com/jsf/core">
...
<f:view contentType="text/html">
<fb:login-button>Login using Facebook</fb:login-button>
</f:view>
Facebook bug report here:
http://bugs.developers.facebook.net/show_bug.cgi?id=5545
I had this problem with the Facebook button not showing at all and it took me forever to figure out what it was. Luckily after days of hair pulling I will now share the answer with everyone. In my situation I simply didn't have xfbml enabled. In my FB.init I had it set to false:
FB.init({
appId : 'app_id', // App ID
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : false, // parse XFBML
oauth : true // enable OAuth 2.0
});
I changed this to "true" (xfbml) and the login buttons works great now! :P Good luck!
This happened when I had the wrong domain in callback_url in config/facebooker.yml. Apparently it uses that to load the js files.
I had the same problem but I resolved it by making sure the URL in my app settings was exactly the same as the one for my site (i.e. it didn't work when I accessed my site without the www.).
I have tried every suggested solution here and it didn't work for me. But now I finally found the solution.
Facebook requires now a secured (https) for Canvas (Secure Canvas URL). The unsecured one will be deprecated soon.
Here is the main difference, Chrome doesn't like https connections with invalid certifications. On a localhost, it is very likely you have stunnel installed to allow https connection for the localhost. Firefox is ok with the self created SSL certificate and allows you to add an exception when trying to access that site. Chrome doesn't allow it out of the box.
When I load my app in Chrome the page is blank and I dont see any login button.
Click F12 and click the Netwrok tab in Chrome:
You see that the post request to your localhost is cancelled. DOUBLE Click on it.
Now you would see that chrome is blocking the localhost because of the certificate:
click on proceed anyway.
Now to back to your other tab and reload the page:
Chrome works now like Firefox and shows the login button.