First of all, I make all my tests upon firefox 0S 2.0 simulator
I have a website that is a game webportal.
I made a privilleged packaged app with all requierements. As launch_path I took some "index.html" file and inside this file I wrote all the basic infos and particulary this one in the header:
<meta http-equiv="refresh" content="5;url=http://url10.infinitgame.com?webview=1">
As far as this, it works OK. Meaning that I can launch my app inside firefox OS desktop and get inside my webportal
So next I packaged the fxpay library as explained in some doc and added it in my game webportal server. I've made everything like the tutorial and it perfectly works with the fake products.
After this I made a "real product" (creating a Bango account, chosing countries, and finally creating real products). And then I turned OFF the fake products from the javascript code. Now I cannot find my product and there is the error message I got:
-"using default adapter"
-"using Firefox Marketplace In-App adapter"
-"using custom adapter"
-"receipts fetched from mozApps:" 0
-"receipts fetched from localStorage:" 0
-"Number of receipts installed: 0"
-"about to fetch real products for app" "http%3A%2F%2Furl10.infinitgame.com"
-"opening" "GET""to" "https://marketplace.firefox.com/api/v1/payments/http%3A%2F%2Furl10.infinitgame.com/in-app/?active=1"
-"BAD_API_RESPONSE" "status:" 404 "for URL:" "https://marketplace.firefox.com/api/v1/payments/http%3A%2F%2Furl10.infinitgame.com/in-app/?active=1"
-"BAD_API_RESPONSE" "response:" "{"detail":"Not found"}"
-"Error getting products:" "BAD_API_RESPONSE".
I also read online that an app must be published before production payments can be used. But I find a lot of contradictory informations about firefoxOS since the community is quite small.
Here is my manifest.webapp
{
"version": "1.0.0",
"name": "T-Games",
"description": "T-games service de malade",
"launch_path": "/index.html",
"type": "privileged",
"icons": {
"16": "/img/icon-16.png",
"48": "/img/icon-48.png",
"128": "/img/icon-128.png"
},
"developer": {
"name": "Serial Screener",
"url": "http://url0.infinitgame.com"
},
"permissions": {
"systemXHR": {
"description": "Required to access payment API"
}
},
"chrome": { "navigation": true },
"origin": "app://url10.infinitgame.com",
"csp" : "default-src *; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'"
}
and here is my index.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>T-Games</title>
<meta name="description" content="TGames, service de jeux">
<meta name="viewport" content="width=device-width">
<meta http-equiv="refresh" content="5;url=http://url10.infinitgame.com?webview=1">
</head>
<body>
<p>Loading...</p>
<script type="text/javascript" src="fxpay.min.js"></script>
</body>
</html>
Thanks for time & support.
Tomy
It is true that your app must be fully approved and public before the API will return your real products. On the Developer Hub you can click Status from your app's sidebar to see if it's public or not. A non-public app could cause the BAD_API_RESPONSE (404) you see.
Another problem is that according to your manifest your app is packaged and has an origin of app://url10.infinitgame.com. However, the console logs suggest that you are running the app from the web at origin http://url10.infinitgame.com. This will also cause a BAD_API_RESPONSE (404) because your products are registered under the app: origin, not the http: origin.
If I understand correctly, you are redirecting to the http: URL from within the packaged app. If that's the case, you would need to run all of your fxpay code from within the packaged app and do something like window.postMessage to pass the results to the http: URL. You'd also have to switch to using an iframe rather than a redirect so that you can run JavaScript from the top level packaged app window.
It's not required that you use a packaged app for in-app payments with the fxpay library. As of more recent versions, it's fine to use a hosted app. Maybe that would be easier.
Related
I am trying to create an extension that uses the selected data and saves it to google sheets. Sounds pretty simple though but I am stuck at the Auth2 part.
Here's what I have done so far:
I have created a manifest.json and uploaded it on the chrome developer dashboard to obtain the "key" and "id".
Used the "id" to get the auth client id and added it to my manifest.json.
Next I have added basic html in "popup.html" and the context menu code part in "options.js" which is defined as the background script in "manifest.json".
Next I am using the "getAuthToken " to get the token in "popup.js". When I run the extension everything works but once I click the button to get the token nothing happens and "undefined" token value is returned.The error message is
Unchecked runtime.lastError while running identity.getAuthToken: OAuth2 request failed: Service responded with error: 'Service has been disabled for this account.'
Manifest.json
{
"name":"ext1",
"manifest_version":2,
"version": "1.0",
"description":"",
"browser_action":{
"default_icon":"icon48.png",
"default_popup":"popup.html"
},
"permissions":[
"identity",
"https://*/*",
"http://*/*",
"contextMenus",
"https://accounts.google.com/o/oauth2/token",
"storage"
],
"background":{
"scripts":["options.js"],
"persistent":false
},
"content_security_policy":"script-src 'self' https://apis.google.com; object-src 'self'",
"oauth2":{
"client_id":"<>.apps.googleusercontent.com",
"scopes":[
"https://www.googleapis.com/auth/spreadsheets"
]
},
"key":"<>"}
Popup.html
<!doctype <!DOCTYPE html>
<html>
<head>
<title>text</title>
<script src="jquery-3.3.1.min.js"></script>
<script src="popup.js"></script>
</head>
<body>
<h1>random text</h1>
<h2> Data: <span id="data"></span></h2>
<input type="submit" id="button" value="Authorize">
</body>
</html>
popup.js
$(function(){
chrome.storage.sync.get('datas', function(values){
$('#data').text(values.datas);
})
$("#button").on("click",function(){
chrome.identity.getAuthToken({"interactive":true},function(token){
alert("getting token......")
console.log("token")
console.log(token);
})
})
})
I have tried searching for similar issues but none solves my issue. kindly help what I am doing wrong.
You may be using an account with Google advanced protection which disables Gmail and Google Drive related API access for non-Google apps:
To keep your data secure, most non-Google apps and services won’t be able to access some data in your Google Account, like Google Drive or Gmail. *
Also see this announcement from Google: https://cloud.google.com/blog/products/identity-security/enhancing-security-controls-for-google-drive-third-party-apps
Today we’re announcing plans to extend the same policy to Google Drive as part of Project Strobe.
With this updated policy, we’ll limit the types of apps that have broad access to content or data via Drive APIs.
You may refer with the suggestion in this link to make it work:
Go to Google Developers Console and create a new project.
Go to APIs & auth > Credentials in the panel to create new Client ID. The application ID of chrome app can be obtained from Chrome Developer Dashboard if your app is uploaded.
Go to APIs & auth > Consent screen and fill in Email Address and Product Name and Save.
Using another Google Account to sign in have worked for me and fixed the issue.
As per permissions documentation, if we have activeTab perimissions, we need not specify the URL based permissions
Any of the following URLs match all hosts:
http://*/*
https://*/*
*://*/*
<all_urls>
Note that you may be able to avoid declaring all host permissions
using the activeTab permission.
But this is working only once, second time getting error (extension UI is open while we try second time), if we launch the popup again by clicking extension icon it works fine.
Unchecked runtime.lastError while running tabs.executeScript:
Cannot access contents of the page.
Extension manifest must request permission to access the respective host.
Following are details
manifest.json
{
"manifest_version": 2,
"name": "Getting started example",
"description": "This is hello world example",
"version": "1.0",
"browser_action": {
"default_icon": "icon.png",
"default_popup": "popup.html"
},
"permissions": [
"activeTab"
]
}
popup.html
<html>
<head>
<title>Getting Started Extension's Popup</title>
<script src="popup.js"></script>
</head>
<body>
<div>Hello World!</div>
<input type="button" id="refreshPage" value="Refresh Page"/>
</body>
</html>
popup.js
document.addEventListener('DOMContentLoaded', function() {
function refreshPage() {
chrome.tabs.executeScript(null, {
code: 'window.location.reload(true)'
}, function(){
console.log("Page refershed");
});
}
document.getElementById("refreshPage").addEventListener("click", refreshPage);
});
If we add "*://localhost/*" (this works for localhost), there is another way to specify for all hosts *://*/* (not sure if this is right and secure way), refresh button is working multiple times without relaunching popup UI. Is there a difference between activeTab vs URL based permissions and any specific way is recommended over another due to specific reasons?
The activeTab gives permission temporarily until the tab is navigated or closed. My guess is that by reloading the tab when hitting refresh revokes the activeTab permissions. Avoid using window.location.reload or specify the url match for the domain you are trying to execute a script on.
https://developer.chrome.com/extensions/activeTab
The activeTab permission gives an extension temporary access to the
currently active tab when the user invokes the extension - for example
by clicking its browser action. Access to the tab lasts until the tab
is navigated or closed.
I have recently made a chat bot and am seeking to further edit the components of the interface by adding a minimizing button and an anchor so that the Chatbot is statically secured to the bottom right of the page (which is the most common area). This is made with the Azure QnA framework, so I'm not sure how much I can really edit..
Is there any way that I can access the code so that I can minimize the chat bot or add a button?
I will show a photo to make things more clear: minimizing image
The webchat interface that you are using is coming from Microsoft GitHub's project named BotFramework-WebChat available here.
If you look at the documentation provided on GitHub's main page, you will see that you have several ways of implementing your webchat on your website, from the easiest iframe inclusion to more detailed solutions.
If you want to customize your interface, I would suggest an implementation like the following in your hosting page code:
<!DOCTYPE html>
<html>
<head>
<link href="https://cdn.botframework.com/botframework-webchat/latest/botchat.css" rel="stylesheet" />
</head>
<body>
<div id="bot"/>
<script src="https://cdn.botframework.com/botframework-webchat/latest/botchat.js"></script>
<script>
BotChat.App({
directLine: { secret: direct_line_secret },
user: { id: 'userid' },
bot: { id: 'botid' },
resize: 'detect'
}, document.getElementById("bot"));
</script>
</body>
</html>
Here you are declaring the chat and using js and css files from the CDN.
All the code for the webchat component is in the js, so you should get it, make your customization and host it on your side to have what you want.
From the CDN it is minified, but you can rebuild the file using the process described here: https://github.com/Microsoft/BotFramework-WebChat#building-web-chat
For example an interface that we made from those sources:
For this example, we have customized the header in js to :
add 1 button to maximize
add 1 button to close
Then the image of the buttons is made with CSS
I want open all the links on a web page with a single click on Chrome Extensions. I try for that وbut I did not get any results. please help me ...
my manifist.json file :
{
"name": "Open Links in New Tabs",
"version": "1.0",
"description": "open all link in page on new tabs with one click",
"background_page" : "background.html",
"browser_action": {
"default_icon": "icon.png"
},
"permissions":
["tabs"],
"manifest_version": 2
}
background.html file :
<!doctype html>
<html>
<head>
<script src="background.js"></script>
</head>
<body>
</body>
</html>
background.js file :
for(i = 0; i < document.links.length; i++)
{ chrome.tabs.create({active: true, url: document.links[i].href});}
Please explain any problems. thanks
When you access the document object in background.js, you're looking at background page, not the currently active tab.
To access the DOM contents of the open page, you will need a content script. It can then send a message to the background script (which has access to chrome.tabs) with the list of links to open.
Please take a moment to read this excellent overview of extension architecture. Also, read on messaging to pass the list.
Actually, if you're going to be injecting the script programmatically via chrome.tabs.executeScript, you can ditch messaging and just use the callback of executeScript.
As a side note, since you don't have any HTML in the background page, you can replace it with an auto-generated script page like this:
manifest.json
"background": {
scripts": ["background.js"]
},
in place of "background_page"
Lastly, consider minimal permissions that you need.
If your extension is supposed to trigger on click on the extension button (wrapped in a chrome.browserAction.onClicked listener), you can inject a script "for free" with activeTab permission, no need for tabs/host pemission.
Same goes to chrome.tabs.create, you don't need the mighty and scary "tabs" permission.
There are quite a few.
A background script doesn't have access to the page DOM of a tab. The only DOM it can access directly is the DOM of the background.html. You should use a content script and message passing.
background_page is an option of Manifest Version 1, you are using Manifest Version 2, for which the option is called background. Usually you provide the background.js directly as a script (see https://developer.chrome.com/extensions/background_pages). You should return after you implemented those suggestions
Manifest version 2 of chrome extensions will no longer support use of eval or new Function on regular extension pages. My chrome extension uses a UI Framework (Kendo UI) on the options page that makes use of these mechanisms and therefore I'm looking for a solution.
According to this session from IO 2012 the idea is to put the corresponding page into a sandbox and load it into the extension via an iframe.
Here is a simplified example what I'm trying to do: https://gist.github.com/3058943
manifest.json:
{
"name": "Sandbox test",
"manifest_version": 2,
"options_page": "main.html",
"sandbox": {
"pages": [ "index.html" ]
}
}
main.html:
<html>
<head></head>
<body>
<iframe id="iframe" src="index.html" ></iframe>
</body>
</html>
index.html:
<html>
<head></head>
<body>
<h1>Inside the sandbox</h1>
</body>
</html>
When I load the options page in this example, I'm getting the error message:
Denying load of chrome-extension://fahdnpkbgfjkocogbjlljfbhnljcehoh/index.html. Resources must be listed in the web_accessible_resources manifest key in order to be loaded by web pages.
I don't think that each sandboxed page is also supposed to be a web_accessible_resources.
But even when I try to define the sandboxed pages also as web_accessible_resources in the manifest file, then the sandboxed page gets loaded but use of new Function inside the iframe is still blocked.
The above described error message occurs on Chrome 20.0.1132.47.
I tested with the dev channel version 21.0.1180.15 and here the sandboxed iframe loads without problems.