I just want to see if anyone ran into the following scenario where we are facing couple of issues.
scenario:-
User clicks a button with in addin webapp, popup opens up with a predefined login flow, once login is completed, token returns back to addin webapp and remaining application flow continues.
Couple of issues we are facing are ...
If we dont set/use IE in protected mode, the app doesn't seem to return the control back to the addin. Without token, we can't let the user continue.
So if we use IE in protected mode, we are facing issues like
1. the web UI app calls with excel API doesn't seem to work properly. Especially, binding and events.
2. The internal calls from web UI to rest services doesnt work properly.
Just wondering if you guys have any input.
If you are using window.open directly to create a pop-up then the behavior you described is expected; that is how IE behaves with different integrity level (which is essentially what happens when 2 sites are in different security zones).
If you are using the Dialog API to create a dialog, for rich clients, like Excel for Windows Desktop, then you should not experience this issue as the process that we create is on the same integrity level as the parent (usually a taskpane). So give that a go.
Related
Application in my project is very complex with number of backend systems and heavily written on javascript for frontend. Application works only in internet explorer and hence I am using InternetExplorerDriver.
I was successful in automating single browser window instance but when clicking some links which further opens new browser window where application is throwing "a javascript error occured"(error not with selenium). When I am doing the same flow manually by opening internet explorer and launching the application with URL then I am not seeing any error. I have tried all possible Desired Capabitilies and passed different values by trial and error method.
Also I have simulated mouse and keyboard events through Actions method when I am trying to click the link. None of them working for me.
So I am trying to understand is there any difference how selenium interacts with browser and how manually we interact with browser. Please help me on this one. Thanks in advance.
Hello we have a question about PWA and window.close events,
Before asking the question we will give some background information why we are asking this question in the first place.
We are trying to rebuild our XUL appllication to a HTML5 one with webcomponents and PWA. In this XUL Application there are allot of pop-ups with there own child windows,the user shouldn't be able to close a parent window while still having edited data inside a child window. This problem is solved when using the beforeunload event on the window object. One small problem you can't really customize this events behavior the user just gets the default message of data loss.The custom message behavior isn't available anymore because the behavior is obsolete since chrome 51.
So far the background of the problem we are trying to solve.
The question,
isn't there any setting inside the PWA manifest.json so you could ask user permission settings to be changed when the PWA is installed and run for the first time. And when this happens the user will be asked to give permission for the window.close event to be cancel-able. When doing this the user confirms to custom or none beforeunload alert pop-ups. This behavior will only be activated if the PWA is installed to the desktop of the user.
Hopefully this is or will be a option.
No, there is no permissions definition in webapp manifest.
(there is something similar for chrome extensions though)
By definition a PWA should behave as a native application, so if you are rewriting software to be a PWA you should re-model your application logic so that it stores the last state of the application on localStorage/indexedDB or similar and reads it upon starting and this would enforce the user to stay on the state you need it. No one should enforce the user to stay with the application open when they don't want.
I'm currently developing a web app that allows users to add a list of websites that they want to block i.e. preventing them from accessing the website from their browser.
Ideally I want to be able to block websites on every browser but this is difficult, so I narrowed my research to just Chrome for now. I came across the chrome.webRequest api which seems promising but it specifically says its for chrome extensions and am unsure if it would work for my web app.
Can anyone point me in the right direction for blocking websites on a web app, ideally using javascript. Any help is much appreciated!!
EDIT:
1) I forgot to mention that I'm using firebase for my backend.
2) People have been saying that I can't block websites outside the web apps scope, if I instead used electron to make the web app a desktop application would it then be possible?
Firstly you have a database containing URL of blocked websites. URLs are modified using your web app. That's one part. Now your problem is how to make the browser work with your database.
The only possible way for you to share blocked URLs with the browser is via API. You must have API that can communicate outside your web app.
Now browsers such as chrome/firefox give users the power to make changes inside and outside the dom. For chrome, you have chrome extension where Google provides API so the users can manipulate actions outsides regular actions such as manipulating dom. An example I can give that is closely related to your subject matter, which is an action activated before/after a user enters URL on the search box and for that, we use the following API from https://developer.chrome.com/extensions/webRequest
And it's same for Firefox.
Most of the people who will access my app will do so from a preinstalled software on their pc that has a browser component built with Microsoft's WebBrowser Control which is just Internet Explorer wrapper.
I want to know if there's a way I can detect, using Javascript, or any other method from inside my website, when it is being rended using this wrapper.
The reason I want to do this is that software was already built and goes to the home page of my site. But I want to redirect them directly to the login screen if they are accessing from that wrapper.
By default the WebBrowser Control uses IE7 so you can check the user agent string (I doubt your other users will be using such an old Internet Explorer version as their browser causing a faulty recognition).
However, this is not a perfect solution, if you can modify the preinstalled software and deliver a new version to people that will be using it you can send a specific header along with the request to determine its origin.
I don't think you can do this accurately. As Samuil stated, you can hack it a bit and maybe catch some of it.
Why not set the default page of your website to be the login page so the user goes to that page regardless?
I have been implementing PayPal Digital Goods Express Checkout in my (HTML5) web app to enable the 'in-app' purchase of extra app content. In my desktop browsers (Chrome, Safari, Firefox) the digital goods flow works without problems. In that flow popup windows are opened at some points, for instance when the user clicks the login button or the button to pay with his creditcard (i.e. without having a paypal account). The popups are no problem for the desktop browsers. However, in Mobile Safari on my iPad 2 popup windows are always opened as (new) tabs, even if a property string containing width, height, etc. is passed to a JavaScript window.open() command. This makes it impossible to implement PayPal Digital Goods Express Checkout and have a good user experience in both desktop browsers and Mobile Safari. When the web app is run full-screen on the iPad (using an icon on the home screen) opening the popups becomes even more problematic (or impossible).
In trying to solve my problem I came up with the following options, none of which has yet led to satisfying results:
Customize the payment flow. Of course this is possible to some point, but after having redirected the user to the 'incontext' Express Checkout page that forces the user to login to PayPal, customization is out of my hands (as far as I know). For instance, I cannot customize the login process itself and make it work in an iframe (instead of a popup window) instead. It would be cool if there were some advanced API commands that I could use server-side to make the user login to PayPal myself, using my own (iframed) login form, but this seems too far-fetched.
Make popup windows work like expected in Mobile Safari, preferably also when a web app is run full-screen. I don't think it strange that Mobile Safari opens new windows as tabs (there are other browsers that do this). I do think it is strange that popup windows that are opened from JavaScript, using window.open and a property string that defines the window's position and dimensions, are opened as tabs. Does anyone know how to make Mobile Safari open such popup windows normally without requiring the users to change some browser setting?
To demonstrate my problem (and show that I am not the only one facing it, though this site's owner probably doesn't know it ;-), go to digitalmagazine.autosport.com with your iPad and click the 'Pay with PayPal' button at the top-left of the page. Click the login button in the PayPal iframe. The site disappears and the login page (that is supposed to be opened in a popup window for an 'in-app' experience) opens full page.
I have also looked at the client side (JavaScript) techniques that are used by similar in-app payment systems, but those (understandably) also use popup windows. Therefore I would prefer the second solution that I have described above. That one will also involve much less work.
While PayPal supports the mobile platform, you will need to make some changes to fully implement it for iOS and other mobile operating systems. You will find the PayPal Mobile overview here: https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_ECOnMobileDevices
The process starts with changing the redirect command in Express Checkout flow to _expresscheckout-mobile, and then steps through a list of additional requirements for full implementation. Read the documentation carefully, as it can be a bit picky when it comes to supported NVP fields.