I have a file sharing web app online where I want people to be able to remotely access and upload files from their mobile devices without a client, but clientless via HTML5/JS, to our servers.
I have seem remote support companies log in to client devices just using browser with clients permission.
Thank you for your time
Robert
I have a file sharing web app online where I want people to be able to remotely access and upload files from their mobile devices without a client, but clientless via HTML5/JS, to our servers.
This isn't possible.
Web applications cannot access files that haven't been explicitly selected by the user. Additionally, they cannot store files on the user's system without a download, and they cannot do anything at all unless they are active in a browser -- they cannot run in the background.
Web applications running on mobile (i.e, Android or iOS) devices are even more limited. They typically cannot interact with most files on the system. For instance, web applications running on iOS can only upload photos from the user's photo library, not arbitrary files.
I have seem remote support companies log in to client devices just using browser with clients permission.
Either you were mistaken, or something else was going on. For instance, a client application may have been previously installed.
I'm not following exactly what you mean. If you already have the service, that means that you can just create a form with a filefield to upload whatever you want, the size limit is only imposed by your web server (apache/nginx/whatever) and your backend service.
You can complicate things a little bit using HTML5 web storage (that's what MEGA uses) but I can't give you any specifics if you don't explain a bit more in depth what you want to achieve.
Related
I'm implementing a specialized cloud storage solution. As part of the deal, I supply a client app similar to "Google Drive"/Dropbox. This app is quite good because it not only keeps everything synced but also, when uploading a file, it can significantly increase upload speed.
My problem here is that a lot of times, the users HAVE the client app installed, but forget to use it, and upload new files via browser. So I was wondering if there's a way to make the browser report back to my app if my client app is installed.
I know that I can't run a app via javascript, but I was thinking can I ask if "there is someone who knows how to read the extension .XPTO" using javascript? because I can bind the extension to my app, and if there's no responder, I could proceed with regular browser upload...
I'm planning to make a login system by USB, so if you put in a USB-drive and open a specific webpage, the website asks the USB-drive for the code (e.g. by a JavaScript file, a redirect or something like that).
The problem is, because of sandboxing, you can't load or redirect to local files. I don't know a solution for this problem. Can you guys help me? I don't need specific code, just an example or something in that way.
Maybe you can read up on USB-HID. Wikipedia:
The USB human interface device class (USB HID class) is a part of the USB specification for computer peripherals: it specifies a device class (a type of computer hardware) for human interface devices such as keyboards, mice, game controllers and alphanumeric display devices.
Here are some references:
USB HID (Human Interface Device)
node-hid - Access USB HID devices from node.js
DepthJS: 'Allows any web page to interact with the Microsoft Kinect using Javascript'.
A related Stackoverflow question:
Write data to USB HID using Javascript, HTML5, or any cross platform language (supports Android)
One other possibility is to check out the Chrome HID (Human Interface Device) APIs:
Interacting with USB HID devices from web apps – via Chrome Apps, see below
Relevant Chrome API docs
Please note that for the time being, you cannot interact directly with the USB device (i.e. you cannot access any WebAPI offering that kind of fine-grained control).
Building a Chrome App (different from a Chrome Extension) may help; This article may point you in the right direction, since it also provides sample code.
The only way I can think of is putting a html file on the usb stick that essentially generates some sort of login token and gives you a link or a form to a login processor. You can then access the webpage by opening the local file first which will redirect you to the actual webpage.
This local script may include a javascript from the server to get some challenge-response-data which it hashes somehow (perhaps in combination with a password) and puts it into the form data.
Web PKI authentication from Modern Browsers may be achieved by using Browser Extension. One such extension is Signer.Digital browser extension. Use below Javascript promises from the APIs provided by Signer.Digital extension.
SignerDigital.getSelectedCertificate() to register user's certificate
SignerDigital.signHash(hash) to sign token at browser and verify at server
For all Javascript APIs refer to SO Answer https://stackoverflow.com/a/63173083/9659885
Disclaimer : I work for a company supporting the application below
Hello, you may try to use Nexu open-source application for communication with smartcards or USB tokens. It also support PKCS 12 keystores.
For example, the application is connected to the DSS webpage on the website of European Commission : see the link.
I'm new to mobile web app development. I have a simple fundamental question regarding mobile web app. Mobile web app is written in HTML and JavaScript. So are these HTML and JavaScript files stored on the mobile device locally or sent from a server? This question may be too simple for most people. But I ask this because if all JavaScript code is stored on mobile device, then how about cross domain access issues? Thanks.
It depends. If you package it in PhoneGap you will have all your assets stored in a single package that can be installed in multiple devices, but if you're working on a mobile web app thats served from a remote server, all the scripts, templates and css's will have to be downloaded. If you're having issues with cross domain comunications, try using JSONP in your requests.
All the files are downloaded each time you request certain url, for mobile devices and pcs as well.(the file will be downloaded or not depending on the caching setting, if the file was modified, etc)
To begin, I'm sorry for my awful english :)
I have a web application that will communicate frequently with a server running a
webservice offering JSON / XML. The application will send contact details / bills / products, and will have to manage an offline mode.
I thought to use this DOM cache (HTML5). However I must have constantly an updated customer list, bills etc. in offline mode because I can not make a request to the server.
It is therefore necessary to have an xml file on the mobile ... which will be read and modified. Is it possible and not too difficult to manage XML plaintext database with ExtJS (or another framework) on a mobile? (Android)
Thanks.
It's far easier to do with HTML5 storage, which you can use directly without the need for Sencha Touch API calls (providing you're on a supported device, iOS Safari supports web storage).
Have a read of this article from the Sencha blog.
Have a look at Lawnchair - this can be included in your app without a framework.
If you decide to use Sencha Touch you can use localStorage, which allows you to store key/value pairs in the HTML5 Web Storage on the device.
See this tutorial on the Sencha website. You could use localStorage to cache your json feed whilst making static assets available offline with a cache manifest file.
Let's say I've got a website that works better if a client has installed and logged into a desktop application. I'd like to be able to do 2 things:
Alter the website if they haven't installed the app (to make it easy for them to find a link to the installer)
If they've installed the app on a couple of machines, determine which machine they are browsing from
I'd like something that works on Windows and OSX, on any of the major browsers. Linux is a bonus.
A few thoughts:
Websites can detect if you've got Flash installed. How does that work and could it be used for both of my goals?
Could I just let the client serve HTTP on localhost and do some javascript requests to fetch a local ID? I know google desktop search did something like this at one point. Is this a standard practice?
Thanks!
You can register a protocol from your desktop application (see this). This can be used, for example, to open your desktop application with arbitrary data from the website. You could then have your desktop app send a HTTP request to your webserver, telling it what machine you are on.
You can have a browser plugin (activex for IE or Netscape plugin for the rest of the browsers) that can communicate with the application. When the webpage is loaded, it can try to instantiate the plugin and if it succeeded, it can use it as a proxy to the application. If it fails, then either the app is not installed or the plugin was explictly disabled by the user. Either way, your website should degrade its functionality accordingly.
Update: Forgot to answer your questions:
Flash does it exactly this way. Flash is a browser plugin that is created by the web pages.
You can have a machine ID generated at the application/plugin install time and your plugin can pass that machine ID to the webpage when it is created.
On the topic of using local webserver:
I would stay away from having a local webserver, mainly because of security considerations. It takes quite a lot of work to make sure your local webserver is locked down sufficiently and there are no XSS vulnerabilities that other malicious websites can exploit to make it do stuff on their behalf.
Plus, having a webserver means that either it has to run as a system-wide process, or if it runs as the user, you can have the website interact with only one user's instance of the application, even though multiple users can be logged on and running it at the same time.
Google Desktop Search suffered from both the XSS security vulnerability (though they fixed it) and the limitation of only one user being able to use it on a machine (I don't know if they fixed this one yet, though chances are they did).
Websites can detect if you've got Flash installed.
Actually, I believe a browser can detect if you have the Flash plugin for the browser installed, and webpages can offer "installed" and "uninstalled" option that the browser can choose.
Otherwise, you are asking for a means, by putting some code in a webpage, of being able to analyze a user's home computer, and report what it learned to you website.
Can you say Major Security Hole?
If you can pick a development environment for the desktop app, then check out AIR from Adobe. It lets you develop desktop applications using either html/javascript, Flash, or Flex.
It has API calls you can use from a browser based flash app to see if the desktop based AIR app is installed, what version, etc. You can even launch it and pass parameters from the web app to the desktop app.
http://www.rogue-development.com/blog2/2008/03/interacting-with-an-air-app-from-a-browser-based-app/
Websites can detect if you've got Flash installed. How does that work and could it be used for both of my goals?
it's quite a bit simple, your browser tries to render some additional files, with some specific formats such as flash .swf and I the browser doesn't find installation, then will be start downloading, or you will get the option to download that program.
Flash also uses AC_RunActiveContent.js please take a look at this js, people usually put this on their webpages
if (AC_FL_RunContent == 0) {
alert("This page requires AC_RunActiveContent.js.");
} else {
AC_FL_RunContent( 'codebase','http://download.macromedia.com/pub/shockwave cabs/flash swflash.cab#version=8,0,0,0','width','981','height','635','id','build5','align','middle','src','build5','quality','high','bgcolor','#ffffff','name','build5','allowscriptaccess','sameDomain','allowfullscreen','false','pluginspage','http://www.macromedia.com/go/getflashplayer','movie','build5' ); //end AC code
}