I need to use the Hubspot tracking code into a Chrome Extension but I have some problems related with the Chrome URI protocol because it uses chrome:// instead http(s)://
These are the steps I follow so far:
Replace the src to force https: https://js.hs-analytics.net/analytics/
Add the domain to the manifest.json
But when the script runs, it tries to download resources from a relative url which turns into chrome://track.hubspot.com and fails.
Does exist any way to modify this behaviour without having to download the file and modify it?
Related
So, I am trying to implement a SharePoint intranet site for an organization. However, there is one application in particular that they would like a link to on the homepage. Unfortunately this application can only be used via the IE tab google chrome extension (I know, dumb) but app devs have yet to add chromium compatibility.
Any way the link looks like this:
chrome-extension:
//hehijbfgiekmjfkfjpbkbammjbdenadd/nhc.htm#url=https://website.com/sub/sub.Hub.aspx
But share point requires a https:// on the beginning of a link.
If you throw that destination into chrome directly it navigates fine, but if you add say https://google.com/ on the front or https://*/ it doesn't work.
Is there a syntax that will allow me to put https:// on the front of this without getting a 404 error?
Never mind, I ended up re-directing this through IIS internally
I am building a chrome extension that redirects the tab to an html file if a url on a blacklist is loaded. This html file includes both continue and back buttons. The only problem is I am using chrome.webRequest.onBeforeRequest and I am unable to find a way to store the url that the request originates from. According to the MDN web docs there is a FrameAncestor property that allows you to access this url, but this is not supported by chrome. Are there any equivalent functions or work arounds?
I load GTM by script https://www.googletagmanager.com/gtm.js?id=xxxxxx.
GTM after that loads this external script:
Chrome shows this warning (insecure content is blocked) in the address bar.
Moreover:
The link of the external script doesn't work: "Could not resolve host: track.mixtarget.ru".
How to avoid this problem, cause we don't want to have any insecure scripts on our site?
Thank you.
First, use secured external scripts only i.e. ending with https. This is a common problem and would persist as Google products(Chrome) are moving towards https connection only.
Second, track.mixtarget.ru should resolve to a valid host i.e. Each time the Google Tag Manager script executes, an HTTP Response is expected.
Hope this helps
When you're writing the manifest.json file, you have to specify matches for your content scripts. The http and https work fine, but if I try to include chrome://*/* or any variant of it, I get an error that I'm attempting to use an invalid scheme for my matches.
Is it not allowed?
By default you cannot run on a chrome:// url page.
However, there is an option in chrome://flags/#extensions-on-chrome-urls:
Extensions on chrome:// URLs (Mac, Windows, Linux, Chrome OS, Android)
Enables running extensions on chrome:// URLs, where extensions explicitly request this permission.
You still have to specify pages that your extension can run on and wildcards are not accepted - so you have to specify the full URL eg chrome://extensions/
The authorized schemes for matches are http, https, file, ftp.
Therefore, chrome is not a valid scheme.
Yes, it is not allowed. You can't link to them from hrefs on a webpage either.
I would like to serve files from a Chrome extension under different origin than the Chrome extension itself. Ideally, I would like that origins are multiple and can be configured. The idea is that then I can load them inside an <iframe> and they have their own isolated origin from anything else.
Use a sandbox (either as an iframe attribute or via the "sandbox" key in the manifest file) without the allow-same-origin directive. Then the page will have a unique origin (and it won't have access to APIs specific to the extension origin).