I have an extension that need to wirte something in localStorage and clean (or set a special value) when user close the browser.
This link showing that there is no way to detect when the browser is closed.
So any suggestion?
If you're using a persistent background page, use sessionStorage instead of localStorage to save variables.
If you're using an event page, then you need to maintain some kind of session identifier, and prefix your value or key with this identifier. This identifier can be stored in localStorage and must be refreshed during the chrome.runtime.onStartup and chrome.runtime.onInstalled events.
Related
I am building an extension which every time the browser opens asks user for a strong password. Its purpose is that it uses that password to derive and generate strong passwords for new websites upon registration and it tries to regenerate same passwords next time a user visits an already visited website.
I am using below method to store user's masterpassword(used for password generation) which is sensitive information:
window.sessionStorage.setItem(varName)
And I use below method to get it whenever it is needed.
sessionStorage.getItem(varName)
My problem is that I want this data which is stored in browsers data to be valid as long as Chrome open. This master password needs to be cleared every time user closes the browser and to be asked every time it gets reopened.
I read that session storage is temporary and it gets cleared but it does not work for my extension. I also know that there is nothing to add in order to detect browser getting closed as it stops running your script.
Can you please help me with it? Is there such method that keeps data for a short time?
Since Manifest V3 removed the notion of persistent background pages. You can imitate this with chrome.storage.local. The only caveat regarding this is that it stores the variable in the extensions local storage which is still okay for that user.
One way to imitate a browser closing is by creating a chrome.runtime.port that is opened and then when the browser closes or the extension gets reloaded it will call onDisconnect for that port, and you can clear your chrome.storage.local.clear():
chrome.runtime.onConnect.addListener(port => port.onDisconnect.addListener(() => chrome.storage.local.clear()))
When the browser is launched, just connect:
chrome.runtime.connect(null, {})
That might unload itself when background script goes back to sleep, unfortunately, the only way to get passed that is to keep your own managed extension window that pops up. But that might be overkill for user experience.
It appears from my research that the browser widget in Livecode does not record cookies, nor does there not seem to be other methods at play. Two pieces of evidence: in Livecode, when I return to a site that has previously alerted me to a cookie being set—having said yes the first time—it asks me again when I return to that site; item two: when I open Chrome’s cookie storage, I don’t see anything set after saying yes to a handful of sites. Could the browser widget be setting cookies elsewhere, like in a Windows folder? Or does the Livecode browser require some additional code to record cookies?
TIA,
NerdZero
When the app/stack is closed (in the proper way) the browser widget is destroyed together with all cookies that were set. Therefore it makes sense that next time when you create a new, fresh browser instance, that you get those pesky cooky warnings again. There is no way around it, except for perhaps executing a piece of JavaScript that automatically accepts any cookie warnings. This may be a real hassle to set up.
I don't think it is possible to read set cookies and restore them later, as such behaviour wouldn't be secure.
I have created a chrome extension for generating passwords and outputting the phonetic version as well.
Basicly the extension creates the password and displays it in one DIV and the phonetic version in another, so if password was 'ac3', password DIV would show 'ac3' and phonetic DIV would show 'Alpha, Charley, Three'.
The problem is that as soon as I click outside the extension popup it disappears and I loose the current password.
My first attempt to sort this was to use chrome.storage.local.set after creating the password and then re-populating the password DIV via chrome.storage.local.get when you click on the extension again, this works great, but the data is available from any tab within the browser (even separate windows).
I understand that storing the password in any way is insecure, but wanted to find a way to limit the data stored to the current tab rather than globally.
I haven't found a way to keep the extension popup displayed to allow a user to copy/paste both DIVs.
Anyone got any pointers?
Also anyone able to point me in the direction of wiping the local storage value after a set amount of time? Just to make things slightly more secure.
This extension is used mainly for admin work, where you need to create a new password for a user, copy/paste it into a portal and then SMS/Email the password to the end user.
Data stored in chrome.storage is only available to your own extension, so it's not any less secure than any other way of storing it.
Just store it via chrome.storage.local.set() and then delete it a few minutes later, if unused. You'll have to set a deletion mechanism in background.js via chrome.runtime.sendMessage or chrome.alarms
I had also tried sessionStorage in the popup, but sadly it's lost as soon as the popup is closed. Same goes for history.replaceState.
How it is possible to move cookie from one browser to another? This must be done through the browser options
It sounds like you would like to be able to set a cookie in one browser (such as Google Chrome) and be able to access it from another browser (such as IE6).
If that is the case, check out evercookie (a very beefy solution).
If you want something more lightweight, you could try Adobe Flash cookies.
An easy way to see flash cookies in action:
In one browser open a YouTube video.
Change the volume.
Open a YouTube video in another browser.
You will be able to see that the volume has been remembered between browsers.
If you're trying to manually copy cookies between browsers, this JavaScript bookmarklet may be useful - it allows you to access and modify the cookies of the current domain; this means you could run it in one browser, copy the cookies to clipboard, then run in another browser and paste.
Note that some apps may store browser-specific data (or flags) in cookies (or related components, like sessions), which may lead to strange behavior (e.g. "this-cookie-was-set-for-IE6=1, enable broken-browser-workarounds").
I found that IE7 maintains same session for multiple tabs in a single browser window and thus doesn't support different sessions for different tabs in a single browser window. My client needs that the application should work perfectly in two different tabs in a single browser window. i think this is because of session and cookie problem. Is there a workaround for this.
Appreciate your help in this regard.
Thanks,
Manoja Swaro
Browser tabs share cookies (and not just in IE, in Firefox and the others as well), and the cookies contain the session ID.
You could switch to cookie-less sessions however this has security and usability concerns. URL based sessions are easily hijacked, and it breaks bookmarking as well, as each page has a unique URL per session.
IE7 doesn't maintain a 'session' as such, you're talking about a cookie with a session ID in it, I would guess. All browsers will have one value for a cookie, it doesn't vary by window/tab.
If you want a session ID to travel with the click trail, you're going to have to pass it from page to page, by (for instance) passing it as a URL parameter and ensuring that you add the parameter to the URL within the page. (Or do without a session.)
The real solution is to change your application so it doesn't assume each session has only one page. An application that can't be open in multiple tabs is broken.
This can be hard if this assumption is already deeply embedded in your code.