How to include multiple TLDs in permissions of manifest.json? - google-chrome-extension

Which is the best way for including the following urls (multiple TLDs) in manifest.json of a Chrome Extension? I want to include:
https://www.corporate.com/
https://www.corporate.de/
https://www.corporate.co.uk/
But the following form gives an error:
"permissions": [
"https://www.corporate.*/",
]
because the match pattern rules https://developer.chrome.com/apps/match_patterns indicate that the part can include a * only in the beginning.

Related

In istio AuthorizationPolicy How to match paths including query string parameters

I'm currently using istio 1.4 and had enabled a Policy to check jwt.
I enabled an AuthorizationPolicy which have that rule:
rules
- to:
- operation:
methods: ["GET"]
paths: [
"/render/checkout"
]
when:
- key: request.auth.claims[roles]
values: ["USER"]
When I hit that path with my jwt, every thing works great. The problem is when I hit the same url with a query string parameter for example /render/checkout?sort=asc, I get a RBAC: access denied.
to bypass this, I ended up adding the path including the question mark and a wildcard:
paths: [
"/render/checkout", "/render/checkout?*"
]
but having a lot of paths and a lot of microservices, I feel that should not happen as it happens because it's very repetitive and error prone.
I know that there's already an issue on github about supporting regex in paths, but currently :
Can I avoid doubling each of my paths, one without query string parameters and the second with the query string parameters?
There is a github issue where someone asked same question few days ago which leads us to github issue you add.
Specially this part of github member answer #GODBS.
There is no other way to exclude paths for JWT then to use an Authorization Policy which does not allow regex.
Can I avoid doubling each of my paths, one without query string parameters and the second with the query string parameters?
So as far as I understand currently there is no other way to make it work. The workaround for now is to add another paths, like you did.
I assume they will add it in the future, the question here is how long will it take.

How can I find users in node AD by "dn"'s chunk?

I want to search through the user and fetch them by a pattern of their Distinguish Name. My object structure is:
{"dn": "CN=Manager,OU=PH,OU=xxx HQ xxx,DC=xxx,DC=xxx",
"userPrincipalName": "user1#domain.com",
"sAMAccountName": "User1",
"whenCreated": "20190517064007.0Z",
"pwdLastSet": "0",
"userAccountControl": "512",
"sn": "User1",
"givenName": "User1",
"cn": "User1",
"displayName": "User nickname",
"groups": []}
I use this package - https://www.npmjs.com/package/activedirectory#findUsers.
Function: findUsers.
Expected result: find all users that have
"CN=Manager"
in their "dn".
I've already tried some of these queries:
dn=*CN=${managerName}*`
{dn:{filter:'*CN=${managerName}*'}}
{filter:'*CN=${managerName}*'}
{filter:{dn: '*CN=${managerName}*'}}
Every time ldap returns with an empty array or indicates an error in query
Note that dn isn't actually an attribute in Active Directory. I think you're after distinguishedName.
But you can't use wildcards in any attribute that accepts a distinguishedName. That includes distinguishedName, member, manager, and several others.
It looks like you just want to search by the account name though. You can search by the cn attribute, like this:
(&(objectClass=user)(cn=*Manager*))
That will find any user account with Manager in the name. Just be careful with that. If you use a wildcard at the beginning, it cannot use indexes to do the search. So in the query I just gave you, it would have to search through every user account to find matches. So the more criteria you can give it, the better.
Active Directory also has a special kind of search called Ambiguous Name Resolution, which is specifically designed for finding users without knowing the full name. It looks for your search term in several attributes, like first name and last name, and others. For example, you can make a search like this:
(anr=Michał Bednarz)
And it would find you, even if the displayName on your account is Bednarz, Michał.
You can also read here about the formatting of an LDAP query: Active Directory: LDAP Syntax Filters

Disable sandbox in custom rule

How can I disable the sandbox in a custom Bazel rule?
I want the sandbox always disabled for every instantiation of this rule, without the user having to do anything.
When creating actions in the rule implementation, include the execution_requirements dict argument containing a no-sandbox key with a value of 1. This forces the action to never run in the sandbox.
def _impl(ctx):
ctx.actions.run_shell(
outputs = [ctx.outputs.executable],
command = "..",
execution_requirements = {
"no-sandbox": "1",
"no-cache": "1",
"no-remote": "1",
"local": "1",
},
)
See the tags attribute on the documentation for common build attributes for more information on these tags/requirements.

Matching Github and GHE with Webextensions Match Patterns

I'm trying to write an extension that only runs on *://github.com/notifications or *://github.*.com/notifications (to cover Github Enterprise URLs). Unfortunately the second match pattern is one of the invalid match patterns in the firefox docs and the google docs, see picture:
This presumably means I'd have to use *://*/notifications instead, and then filter it in the app, which seems like a pain, as it means I have to use a wider scope than I'd need to.
So my question is, is there an easy way to match these urls that I'm missing? Is there a reason that this match is disallowed?
App is here in case that helps.
Okay, fixed it with the include_globs option as suggested in the comment
"content_scripts": [
{
"matches": [
"*://*/*"
],
"include_globs": [
"*://*github*notifications*"
],
"js": [
"browser-polyfill.js",
"button.js"
]
}
]
Still seems odd that you are forced to do this more general match and then filter down with include_globs, but maybe this makes it clear that you're actually matching any domain.

Is there any way to retrieve the name for a gist that github displays

When I browse to a gist on gist.github.com it displays a friendly name. E.g. for
https://gist.github.com/stuartleeks/1f4e07546db69b15ade2 it shows stuartleeks/baz
This seems to be determined by the first file that it shows in the list of files for the gist, but I was wondering whether there is any way to retrieve this via the API?
Not directly, but you can get with the Gist API the JSON information associated to a gist, reusing the id of your url:
GET /gists/:id
In your case: https://api.github.com/gists/1f4e07546db69b15ade2
It includes:
"files": {
"baz": {
"filename": "baz",
and:
"owner": {
"login": "stuartleeks",
That should be enough to infer the name stuartleeks/baz.

Resources