My chrome extension displays images from external pages (just their favicons in case that matters). The problem is that sometimes after storing the link to these favicons the site in question becomes listed as malware. This causes my extension popup to show a malware warning when trying to display the image.
My question is, is there a way for me to prevent this from happening? Perhaps there is a way for me to test a url is safe before attempting to display the image?
You could replace your image urls by an URL of yourself. And let your server check if the url is a malware site.
I would say this would involve a couple of steps:
Change the favicon links to a link of your server
On the server determine if an URL is a malware site. (So you have to find out what blacklist chrome is using.)
if it is a malware site show some favicon of your own
if it isn't, redirect to the actual site
Related
Sorry for the basic question, but couldn't find a similar answer.
If I write this link: click me.
On my HTML page, and host that page at google.com - When I navigate to that page the link will automagically link to google.com/about.
My question is, how does it do that? Does the browser just know the internal link from the page you are currently on? Is it the server calculating the links? How does it know to add the google.com?
I'm building a web crawler that finds links on a site (including these internal links), and not sure if I can just add in the google.com or if browsers work out internal links a different way.
I am trying to use an image from an existing website in my html page. The issue is that the image is not getting resolved correctly, Even when I hit the image URL directly on browser, its getting redirected to some other site. I have tried on all browsers but no luck.
I have heard about restricting resource using hot linking but in this case not sure whats happening. Any pointers/suggestions please.
Eg - I want to use image(http://www.acsisair.com.au/wp-content/themes/acsis-air/images/logo.png) but when hitting this URL after clearing browser cache, its being redirected to other website (http://www.nine.com.au)
It's very, very likely a form of hotlinking protection: if you change the URL subtly to make it clearly incorrect, you get a 404 page.
That means when you enter an URL to a resource that exists, you're given a header redirect. That's not an accident.
There's likely nothing you can (or should) do to circumvent this.
Use images you can host on your own site.
Im configuring a desktop and mobile version of my site and was looking to use js to test for browser dimensions and then load the relevant version, however the problem is if someone shares a link from the mobile version and sends it to a desktop user then they circumvented the check. Is there a way to configure .htaccess (or some other method) to have the address bar show 'mysite.com' even though i would be loading 'mysite.com/mobile.htm'? I know i can always use media queries but that has the downfall of loading unused assets, so this method would be alot better.
Use a rewrite instead of a redirect. With a redirect, the browser is instructed to go to another address. With a URL rewrite, the server just responds with the contents of a different URL.
For just this page it will be simple, but it could be complicated, based on your site.
Another way is to include a little JS in every page to make sure you are on the right one for the device and redirect to the other if not. It would help if there was some pattern to easily determine the corresponding page.
Google Webmaster Tools is reporting 403 errors for some folders on the websites server for example:
http://www.philaletheians.co.uk/Study%20notes/
The folder isnt forbidden so dont understand why it would be 403 errors for Googles Crawler?
How come the Google Crawler is trying to browser the actual folders and not just going straight to the files in that folder? Is this somthing to do with robots.txt ?
Make sure is there any actual place or document to be present if some one request that url. I've browsed through your site and could not found a link that directs to http://www.philaletheians.co.uk/Study%20notes/
Also it seems, all the study notes are inside this "Study%20notes" directory.So actual this link will not work anyway. So check the google web master tools's link from to find where this broken link situate and cure it.
Have you set default document correctly in your web server? In apache, this comes in the DirectoryIndex setting (and defaults to index.html). Also, in general it might be better to strip off spaces etc.. from your traversable directory names (the %20 you are seeing between Study and notes is a url-encoded space character), so as to keep your URLs clean to your visitors and search engine bots.
I've just got a site running nicely with the whole site running through SSL, but Google Chrome is throwing a "This page contains some insecure elements" message, which isn't good in terms of end user trust-ability. All other browsers work fine, and give the golden padlock.
The site is a Drupal 6 e-commerce site, running on apache2, and the error appears in the front end as well as the admin area.
Does anyone know of any methods to find out exactly which elements are being considered insecure?
Edit: I've used Fiddler to check the traffic, and it really is all HTTPS. It even complains on the site holding page, which is very light and has no javascript etc on it...
It could be a browser issue? Have you tried restarting, or clearing all of your cache?
In Chrome, this is trivial. Hit ctrl+shift+j to open the developer tools, and it will plainly list the URL of the insecure content.
Try it on https://www.fiddler2.com/test/securepageinsecureimage.htm, for instance.
I just had a similar problem. Turns out it was a hardcoded background image URL in a CSS file.
You should particularly check any 3rd party stylesheets you are using, as they may hotlink to an image on another server.
Easy solution? Save those images to your server and change the URLs to relative paths in the CSS file.
Hope this helps!
Search the source for http:? Something like <Ctrl-U> <Ctrl-F> http: in firefox should do.
The insecure element is something loaded over insecure — non-https — connection, e.g. image, stylesheet, etc. you obviously need fully qualified URL to load insecure element/
Use Firebug plugin of Firefox. In the NET tab all file locations are shown clearly. Try to find any files that are obtained from http protocol.
It's probably related to this bug:
http://code.google.com/p/chromium/issues/detail?id=24152
Which is why a restart fixed it.