when I load this site via my own browser it looks quite nice and modern but when I load with the webview tag it in my electron application it's shown with an old theme.
I already changed the browser agent and tried changing the size but that doesn't help, do you know how this webite can know that it's loaded from webiew and how I can bypass that?
New version:
https://ibb.co/RCbqH14
Old version:
https://ibb.co/1JHZzgc
<webview id="todo" useragent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36" src="https://www.whatsmyua.info/" style="right: 0; height: 100%; width: 50%; position: fixed; z-index: 1; top: 0; overflow-x: hidden; padding-top: 20px;"></webview>
Related
I am using ServiceStack with SharpPages to render dynamic content. For "reasons", I need to set the CORS headers Access-Control-Allow-Origin and Access-Control-Allow-Credentials, supporting multiple subdomains.
My SharpPages feature is enabled with :
var pagesFeature = new SharpPagesFeature()
{
ScriptMethods = { new UrlScriptMethods(), new DbScriptsAsync() },
};
pagesFeature.Args[ServiceStack.Script.ScriptConstants.DefaultDateFormat] = "MM/dd/yyyy hh:mm";
pagesFeature.Args[ServiceStack.Script.ScriptConstants.DefaultDateTimeFormat] = "MM/dd/yyyy hh:mm";
Plugins.Add(pagesFeature);
I'm hosting on IIS, so I could use web.config like below, but I can only specify one domain this way. If I specify multiple, XMLHttpRequest calls complain there are multiple domains set for that header.
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="https://subdomain.domain.com" />
</customHeaders>
</httpProtocol>
</system.webServer>
Likewise, I could have used the ServiceStack HostConfig property GlobalResponseHeaders, but same deal.
I've even tried ServiceStack PreRequestFilters, but those aren't called unless a service method is called. Here is my filter:
this.PreRequestFilters.Add((httpReq, httpResp) =>
{
var origin = httpReq.Headers.Get(HttpHeaders.Origin);
if (!string.IsNullOrWhiteSpace(origin))
{
httpResp.AddHeader(HttpHeaders.AllowOrigin, origin);
httpResp.AddHeader(HttpHeaders.AllowCredentials, "true");
}
});
Finally, StaticFileHandler.ResponseFilter won't work, since I'm using a view engine and not static files.
So, how can I add custom response headers to View Pages (SharpPages in particular, possibly Razor pages as well) in ServiceStack?
The raw request is below. Interesting that I'm requesting https://computer.domain but FireFox translates that to localhost. Regardless, the favicon.ico request DOES get trapped by the filter. The request below DOES NOT.
GET /forms/newsletter HTTP/1.1
Host: localhost:44308
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ss-pid=wCR4INmjLXpBnbsBoe2n
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
The raw response is :
HTTP/2.0 200 OK
cache-control: private
content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-sourcefiles: =?UTF-8?B?QzpcVXNlcnNcamtsZW1tYWNrXFNvdXJjZVxSZXBvc1xPQlJDX0JNU1xCTVMuV2ViLkJvdHRsZURyb3BDZW50ZXJzXEJNUy5XZWIuQm90dGxlRHJvcENlbnRlcnNcZm9ybXNcbmV3c2xldHRlcg==?=
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Tue, 11 Jun 2019 16:28:34 GMT
content-length: 862
X-Firefox-Spdy: h2
The PreRequestFilters should now be fired for all Razor and Sharp Pages requests from the latest v5.5.1+ that's now available on MyGet.
In the meantime, I've created a portmanteau. For a particular sub-folder, I'm using web.config to allow all remote origins. For Service-based calls, I'm using a hand-rolled version of CorsFeature (a small amount of custom logic won't work).
<location path="views/subfolder"> <-- applies the ACAO header for specific view pages
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
</system.webServer>
</location>
I have an odd issue with azure authentication. It works in one scenario (logging in with an angular app using adal) but not in an other (loading the asp.net web api up and logging in via the swagger ui authorise mechanism). I have narrowed it down to a post to the:
https://login.microsoftonline.com/te/{tenantid}/oauth2/authresp
endpoint which rather unhelpfully returns:
302
<html>
<head>
<title>Object moved</title></head>
<body>
<h2>Object moved to here.</h2>
</body>
</html>
Basically telling me an exception has occurred.
error_description = AADB2C An exception has occured.
CorrelationID = 1816d2f8-aa74-4433-a7c0-d9c8fabebdb0
Timestamp = 2017-10-27 13:46:08
The angular app, does exactly the same post but that however returns a link with the token id:
302
<html>
<head>
<title>Object moved</title>
</head>
<body>
<h2>Object moved to <a href="http://localhost:4200/#state={state -
ommitted}&id_token={id token - omitted}">here</a>.
</h2>
</body>
</html>
I can't see any differences in the posts. This one does not work (initiated from swagger ui on web api project)
POST https://login.microsoftonline.com/te/{tenant - omitted}/oauth2/authresp HTTP/1.1
Host: login.microsoftonline.com
Connection: keep-alive
Content-Length: 1595
Cache-Control: max-age=0
Origin: https://login.microsoftonline.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
DNT: 1
Referer: https://login.microsoftonline.com/{tenant - omitted}/oauth2/authorize?client_id={clientid - omitted}&redirect_uri=https:%2f%2flogin.microsoftonline.com%2fte%2f{tenant - omitted}%2foauth2%2fauthresp&response_type=id_token&response_mode=form_post&nonce={nonce}&state=StateProperties
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en;q=0.9,de-CH;q=0.8,de;q=0.7,fr-CH;q=0.6,fr;q=0.5,it-CH;q=0.4,it;q=0.3
Cookie: {cookie - omitted}=; x-ms-gateway-slice=005; stsservicecookie=cpim_te
id_token={omitted}
But this post does:
POST https://login.microsoftonline.com/te/{tenant - omitted}/oauth2/authresp HTTP/1.1
Host: login.microsoftonline.com
Connection: keep-alive
Content-Length: 1590
Cache-Control: max-age=0
Origin: https://login.microsoftonline.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
DNT: 1
Referer: https://login.microsoftonline.com/{tenant - omitted}/oauth2/authorize?client_id={clientid - omitted}&redirect_uri=https:%2f%2flogin.microsoftonline.com%2fte%2f{tenant - omitted}%2foauth2%2fauthresp&response_type=id_token&response_mode=form_post&nonce={nonce}&state=StateProperties
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en;q=0.9,de-CH;q=0.8,de;q=0.7,fr-CH;q=0.6,fr;q=0.5,it-CH;q=0.4,it;q=0.3
Cookie: {cookie - omitted}; x-ms-gateway-slice=003; stsservicecookie=cpim_te
id_token={omitted}
As the posts are pretty much identical the issue must lie somewhere in either the cookie or the id token (which I cannot supply for security reasons). Pasting the ID tokens from both requests into http://www.jwt.io gives me same information with the correct claims present in both. So I am a little stuck and hoping someone from the azure team can step in and help?
Many thanks
Based on the referrer in your request samples, it looks like you're not calling /v2.0/ B2C endpoint. For example, in the following request, the path should be /{tenant}/oauth2/v2.0/authorize...
https://login.microsoftonline.com/{tenant}/oauth2/authorize?client_id={clientid}&redirect_uri=https:%2f%2flogin.microsoftonline.com%2fte%2f{tenant}%2foauth2%2fauthresp&response_type=id_token&response_mode=form_post&nonce={nonce}&state=StateProperties
Due to this, you're getting unexpected behavior across both your apps. This also means that the applications you are using were not created using B2C portal (we verified this via our offline chat as well).
As of now, B2C ONLY supports applications created through the B2C portal. So, if you can kindly create an application through the B2C portal, and try again, you should have this issue resolved.
I've been running into multiple issues with utilizing custom fonts at the following location:
www.shawmut.com/happyholidays
I ran into an issue yesterday with Mozilla Firefox and it not displaying a custom font I was linking to our AWS S3 Bucket, which I resolved by hosting the fonts of our actual web server. Now, I'm experiencing an issue with IE9/10 where the fonts are not displaying once again. I found the following discussion here: IE9 Refusing to Load custom font? which somewhat touches on my issue, however, I'm not running an Apache or a nginx setup, I'm on IIS (without actual IIS access).
Here is the CSS code:
/* GOBOLD */
#font-face {
font-family: 'Gobold';
src: url('www.shawmut.com/happyholidays/fonts/Gobold.eot');
src: url('www.shawmut.com/happyholidays/fonts/Gobold.eot#iefix') format('embedded-opentype'),
url('www.shawmut.com/happyholidays/fonts/Gobold.eot?') format('eot'),
url('www.shawmut.com/happyholidays/fonts/Gobold.woff') format('woff'),
url('www.shawmut.com/happyholidays/fonts/Gobold.ttf') format('truetype'),
url('www.shawmut.com/happyholidays/fonts/Gobold.svg#Gobold') format('svg');
font-weight: normal;
font-style: normal;
}
/* MOTION PICTURE */
#font-face {
font-family: 'MotionPicture';
src: url('www.shawmut.com/happyholidays/fonts/MotionPicture.eot');
src: url('www.shawmut.com/happyholidays/fonts/MotionPicture.eot#iefix') format('embedded-opentype'),
url('www.shawmut.com/happyholidays/fonts/MotionPicture.eot?') format('eot'),
url('www.shawmut.com/happyholidays/fonts/MotionPicture.woff') format('woff'),
url('www.shawmut.com/happyholidays/fonts/MotionPicture.ttf') format('truetype'),
url('www.shawmut.com/happyholidays/fonts/MotionPicture.svg#MotionPicture') format('svg');
font-weight: normal;
font-style: normal;
}
Can someone PLEASE assist me with resolving this issue, it's kind of driving me bonkers! :)
CORS
Start by using relative paths, you'll run into problems when someone accesses your site with a non www prefixed URL, as some browsers then won't load your font because of cross origin resource restrictions.
Of course this could be fixed by sending proper headers, but sticking to relative paths is the smarter option here.
See also https://developer.mozilla.org/en/docs/HTTP/Access_control_CORS
Content types
Make sure that your server sends the proper Content-Type headers, browsers can be picky about that.
.ttf > application/octet-stream
or application/x-font-ttf
or application/x-font-truetype
.eot > application/vnd.ms-fontobject
.woff > application/font-woff
.svg > note sure, probably image/svg+xml
Missing files
Also some files are not available, specifically the .woff and .svg ones, so in case the .eot ones cannot be used (there are a lot of EOT fonts around that do not comply with the Microsoft standard, often produced by font converters) there is no fallback available.
Developer tools
In case the above doesn't fix the problem, check the network and console tabs in the developer tools, they might give you a clue in case the font files are really not being loaded/used.
I've run into similar problems with custom fonts, one of the things I put in place was an outbound URL rewrite rule so that when fonts were requested, the server would add a CORS header. This seems to have fixed the problem for me, so it's worth a try.
You'll need URL Rewrite installed on your web server (http://www.iis.net/downloads/microsoft/url-rewrite) for this to work.
<configuration>
<system.webServer>
<rewrite>
<outboundRules>
<rule name="Fonts CORS">
<match serverVariable="RESPONSE_Access_Control_Allow_Origin" pattern=".*" />
<conditions>
<add input="{REQUEST_URI}" pattern=".*\.(ttf|otf|eot|woff|svg)\?*.*$" />
</conditions>
<action type="Rewrite" value="*"/>
</rule>
</outboundRules>
</rewrite>
</system.webServer>
</configuration>
We tried all proposed solutions and spent hours researching why our custom font with icons doesn't load in IE9 for some of our website users -- only to find out that it was the security setting in IE9 which prevented the font files from being loaded.
Going to Internet Options > Security > Internet > Medium fixed the issue, all the custom icons loaded and looked perfect like in the most modern browsers.
Please note that we don't use Windows, we only use it for testing through Parallels on a Mac, but I hope it will save some time for at least some of you.
I have created one Google chrome extension for my site. I need to be installed this extension automatically while I am running my webpage on browser.. I want to place the packed extension in my own site. is it's possible to host my extension in my own site. Please advice me how I can install that extension automatically while I am running my page and also how it is possible to host in my own server.
Thanks in advance..
You should use Inline Installation for users to easily install your app.
You can create a simple popup that redirect to the site with code as follows
<div id="p2r_addon_inst" class="myclass">
<div id="chrome_info" style="display: block; top: 0px;">
<div id="addon_install_icon"></div>
<span id="addon_install_message">Chrome extension is available for this site More info... </span>
<div id="addon_install_buttonblock">
<div id="addon_install_remove"></div>
<button id="addon_install_extinstallbutton">Install</button>
<button id="addon_install_dontaskagain">Don't ask again</button>
</div>
</div>
</div>
and the css is
.myclass{
position: absolute;
left: 0;
top: 0;
width: 100%;
overflow: visible;
z-index: 999;
}
took me a long time to figure this out and was wondering if it is IE 6, IE TESTER or something i have done.
im creating a session to store quotes, which i am using md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'])
The problem being when i tested in IE 6 in the IE tester application, results are being inserted but the quotes are not being retrieved.
After some digging and looking i found that the token being used to retrieve the quotes and the token being used to insert the quotes where different.
On the main page, i added this;
<p><input type="hidden" id="quoteID2" value="<?php echo $_SERVER['HTTP_USER_AGENT']; ?>" /></p>
<p><input type="hidden" id="quoteID3" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>" /></p>
which returned;
<p><input type="hidden" id="quoteID2" value="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 6.1; WOW64; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2)" /></p>
<p><input type="hidden" id="quoteID3" value="127.0.0.1" /></p>
which i was expecting.
yet when i applied the same test to the php script that was inserting the data it returned this;
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2)
127.0.0.1
can anyone tell me why it is saying that the second script is being ran through IE 8 ?!?!
regards,
Phil
As noted by the IE team many times, tools like IETester are inherently less reliable than testing with the real browsers, because the approach they use is an unsupported hack, and leads to crashes and cases where the "real" IE binaries get munged with the older ones you're trying to test. You should test IE6 using the free VPC that Microsoft provides.
http://www.enhanceie.com/ie/webdev.asp#vpc