I've having app which sometimes open the popup blocker, when the user run the application chrome have some flag in the url box (right side) which tell to the user that the pop-up is blocked ,in this case I give to the user in addition new warning message like "please pay attention the page was blocked please enable it..."
My question is when and in which term I need to do this check again ,assume the user allow the new App page
if user close and open the browser does he need to enable this pop-up again ?
I know that if the user will run it in diffrent chrome versions (like canary or beta) he probably need to confirm this page again but
my question in which cases the pop-up will show again to the same
user(which confirm it before)
In which case after allowing the App to run the pop-up blocker will block it again?
Btw I saw that in my company they add the exception to the popup blocker
with some automated process, how it can be? there is a code that can do that?(strange...)
I see it when I click on setting search for pop -> privacy -> content settings -> manage exception and then I see
Do you know how its possible to the company to add this privacy settings ( i've addtional for my company entries domain pattern...),
how this is possible?
Policies can be set which override user Preferences set at Settings.
See Documentation for Administrators, follow links at Windows Quick Start, Mac Quick Start, or Linux Quick Start.
Read Configuring Other Preferences, Policy Settings in Chrome
Should I use a Preference, or a Policy?
If you want to set some specific behavior that is accomplished by both
a preference and a policy, and you're not sure which one you should
use, simply answer: do you want users to be able to change this
setting?
User cannot change policies at will, but they can change their
preferences.
Note, these changes to Preferences file should be made when chrome, chromium is closed, that is does not have an ongoing process instance to avoid a SingletonLock file not being created in Default directory a when chrome, chromium is launched again.
To set the preference at Preferences file in browser configuration file, for example $ gedit ~/.config/chromium/Default/Preferences
"popups":{"[*.]domain1.com,*":{"setting":2},"[*.]domain2.com,*":{"setting":1}}
where 2 blocks popups, 1 allows popups, see also DefaultPopupsSetting.
The icon at the right of the Behavior at Pop-up exceptions at Settings indicates
This setting is enforced by your administrator.
Policies can applied to devices Set Chrome policies for devices or users Set Chrome policies for users by the administrator.
The formats for policies at different platforms are
Example value:
Windows:
Software\Policies\Google\Chrome\PopupsAllowedForUrls\1 = "https://www.example.com"
Software\Policies\Google\Chrome\PopupsAllowedForUrls\2 = "[*.]example.edu"
Android/Linux:
["https://www.example.com", "[*.]example.edu"]
Mac:
<array>
<string>https://www.example.com</string>
<string>[*.]example.edu</string>
</array>
For example, to create a mandatory policy for the device for popups at *nix platforms you can create a .json file at /etc/chromium-browser/policies/managed/
$ sudo touch /etc/chromium-browser/policies/managed/popup_policy.json
$ gksudo gedit /etc/chromium-browser/policies/managed/popup_policy.json
then set the popup policies for PopupsBlockedForUrls, PopupsAllowedForUrls
{
"PopupsBlockedForUrls": ["[*.]example.com", "[*.]example1.com]"],
"PopupsAllowedForUrls": ["[*.]example2.com", "[*.]example3.com]"]
}
When chrome, chromium is launched you can verify the policy is being enforced by navigating to
chrome://policy
where the policies should be listed; for example
Applies to Level Source Policy name Policy value Status
Machine Mandatory Platform PopupsBlockedForUrls [*.]example.com, [*.]example1.com] OK
A sample policy list template is available at policy_templates.json, see also Policy Templates.
Related
The Chrome dev team apparently just rolled out a new "feature" called SuppressDifferentOriginSubframeJSDialogs, which makes it so alert+confirm boxes from an iFrame on a different domain than the parent does not show up, by default: https://www.chromestatus.com/feature/5148698084376576
This means if you have an embedded form, and you relied upon the standard JavaScript alert to inform the user of errors (or a confirm to ensure they want to make a change), it now does nothing, completely destroying the UX.
Obviously we can overwrite the built-in alert and confirms with custom ones, but moving away from what is built into the browser now introduces re-designs for every UI (mobile, tablet, laptop, desktop, etc.) instead of just relying upon proven, built-in technology.
Is there a way to change this cross-domain setting, or to whitelist specific domains to override this feature? We do have access to the parent site with an external JS include file (obviously, otherwise this would be a wide-open back door).
To Disable SuppressDifferentOriginSubframeJSDialogs , which block js Dialog box pop up
If you are single users ( Windows ) :
Right click on desktop and create a shortcut
Windows will pop up a screen and ask you "type the location of the item:"....now paste those value into the textbox
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-features=SuppressDifferentOriginSubframeJSDialogs
Click "next" then "finish" button to create the shortcut
Now you shall see a chrome shortcut created in your desktop .Close all active Chrome instance ( if exists ) then launch the shortcut and you will found Js pop up wont block anymore.
Tips :
If you want push this fix to all your cooperate domain users , you may consider use Domain group policy to update Chrome shortcut value or use custom domain logon script logic to do so
I found a setting in the latest Chrome GPO template that creates a reg entry that will deal with this and the same reg entry placed in the Edge location also resolves the error there. (at least it worked for the problem that came up for us yesterday FWIW)
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge]
"SuppressDifferentOriginSubframeDialogs"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome]
"SuppressDifferentOriginSubframeDialogs"=dword:00000000
The latest Edge GPO templates do not have the setting yet, but I imagine it's only a matter of time.
Today I tried it again with Google Chrome Version 92.0.4515.131 and it suddenly worked again. Can anyone confirm this?
Add for Mac users.
If you use mac OS:
Quit all running instances of Chrome.
Run the terminal application.
In the terminal, run the command:
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-features="SuppressDifferentOriginSubframeJSDialogs"
You can see more details here :
https://trailblazer.salesforce.com/issues_view?title=salesforce-functionality-impacted-in-[%E2%80%A6]oss-origin-iframe-javascript-dialogs&Id=a1p4V000002BRMX
When you navigate to https://stackoverflow.com in IE11, it redirects the user to Edge with the following tab open: https://support.microsoft.com/en-us/office/the-website-you-were-trying-to-reach-doesn-t-work-with-internet-explorer-8f5fc675-cd47-414c-9535-12821ddfc554?ui=en-us&rs=en-us&ad=us
How do I implement this in my own site? Is there a meta tag that can enable this?
EDIT: Here's a clip of what it looks like. Tried on Windows 10. https://streamable.com/nwtt22
Ah yes, I wondered this too, and also assumed to be a browser only thing.
Sure enough!
It's the ie_to_edge_bho (Browser Helper Object) DLL file found in the Edge Program files.
I was curious enough to Hex edit the DLL file and found the URL in which it pulls these approved sites from... almost like a master/default list.
Yes, it's built into the BHO, no it's not stored locally from what I can tell.
(Screenshot of Hex editor)
Here is the link: https://go.microsoft.com/fwlink/?linkid=2133855
Which forwards to https://edge.microsoft.com/neededge/v1
I have no idea how you get your own site on this list, but I figured I would add this information. :)
I was wondering this too. After reading Joshua Joppie's answer, I did some Googling and found this webpage.
Turns out, you need to e-mail Microsoft to get your site added to the Edge-only list (how to do so is explained on that page). I'm not sure if they'll take a request from anyone, or whether you need to be a big website, like Stack Overflow. It's worth trying anyway, as the only requirement they give is this:
The IE compatibility list is designed to work with public sites only.
To be honest, I've no idea why they didn't just make a <meta> tag for it. It would be much easier.
If I have time (which I doubt), I plan to make a JS programme that mimics the functionality of a website's presence on this list and I will link to it here. You could always do a user agent check that redirects the user to microsoft-edge:https://example.com (where example.com is your website) if it detects them using Internet Explorer.
Need to add the below script in the head tag to redirect your website in Edge browser
<script>
if(/MSIE \d|Trident.*rv:/.test(navigator.userAgent)) {
window.location = 'microsoft-edge:' + window.location;
setTimeout(function() {
window.open('', '_self', '').close();
// window.location = 'https://support.microsoft.com/en-us/topic/we-recommend-viewing-this-website-in-microsoft-edge-160fa918-d581-4932-9e4e-1075c4713595?ui=en-us&rs=en-us&ad=us';
}, 0);
}
</script>
This is controlled by Edge Chromium group policy not code. You can refer to the steps below to set the group policy to achieve the goal:
1. Send all sites not included in the Enterprise Mode Site List to Microsoft Edge
This setting lets you decide whether to open all sites not included in the Enterprise Mode Site List in Microsoft Edge. If you use this setting, you must also turn on the Administrative Templates\Windows Components\Internet Explorer\Use the Enterprise Mode IE website list policy setting and you must include at least one site in the Enterprise Mode Site List.
Open Group Policy Editor.
Click Computer Configuration > Administrative Tools > Windows Components > Internet Explorer.
Double-click Send all sites not included in the Enterprise Mode Site List to Microsoft Edge.
Select Enabled.
Click OK or Apply to save these settings.
2. Configure which channel of Microsoft Edge to use for opening redirected sites
This policy enables you to configure up to three versions of Microsoft Edge to open a redirected site (in order of preference).
In the same path of Group Policy Editor, double-click Configure which channel of Microsoft Edge to use for opening redirected sites.
Select Enabled.
Under Options, select your top three choices for the channel to use - Internet Explorer will redirect to the highest ranked choice that the user has installed on that device:
Microsoft Edge Stable
Microsoft Edge Beta version 77 or later
Microsoft Edge Dev version 77 or later
Microsoft Edge Canary version 77 or later
Microsoft Edge version 45 or earlier
Click OK or Apply to save these settings.
3. Use the Enterprise Mode IE website list
This policy setting lets you specify where to find the list of websites you want opened using Enterprise Mode IE.
Create or reuse a Site List XML. Sample file is like below:
site.xml:
<site-list version="8">
<created-by>
<tool>EMIESiteListManager</tool>
<version>10.0.14357.1004</version>
<date-created>08/20/2020 07:45:39</date-created>
</created-by>
<site url="www.example.com">
<compat-mode>IE7</compat-mode>
<open-in>IE11</open-in>
</site>
</site-list>
In the same path of Group Policy Editor, double-click Use the Enterprise Mode IE website list.
Select Enabled.
Under Options, type the location of website list. If it's in local, you can set it like this: file://D:/site.xml.
Click OK or Apply to save these settings.
It's quite simple to add your domain to the redirection list.
https://learn.microsoft.com/en-us/microsoft-edge/web-platform/ie-to-microsoft-edge-redirection#request-an-update-to-the-ie-compatibility-list
https://learn.microsoft.com/en-us/deployedge/edge-learnmore-neededge
Request an update to the IE compatibility list The IE compatibility
list is an XML file on microsoft.com. The list is regularly updated in
response to user and website developer requests to have websites added
or removed. Updates to the list are automatically downloaded to user
machines.
Email the following information to ietoedge#microsoft.com for your
website to be added or removed from the IE compatibility list.
Owner name Corporate title Email address Company name Street address
Website address
I'm fairly certain that Microsoft checks its "Enterprise Mode Site List" in order to decide whether to open the webpage or direct users to Edge. You can find more information about it here: https://learn.microsoft.com/en-us/internet-explorer/ie11-deploy-guide/what-is-enterprise-mode
I'm writing a Chrome extension, it listens the chrome.windows.onRemoved.addListener and disconnects the user when chrome window is closed.
I want to execute script (chrome.tabs.executeScript) in the "chrome://settings-frame" page.
In this page i am going to manually disconnect user from Chrome.
(by running this code: chrome.send('SyncSetupStopSyncing', [deleteProfile]);)
Is this permission possible?
Thanks for any hints.
No, there is no permission that would allow you to access chrome:// URL scheme. This is an explicit safety mechanism against potentially malicious changes to Chrome settings.
You can get the access if you enable extensions-on-chrome-urls flag, but obviously you can't do that on machines you don't fully control.
Additionally, there is no API to manipulate users in Chrome.
I have chrome extension which get installed with using installer which install some process and browser extensions. As per chrome security changes stand alone installation will be blocked.Google to block local Chrome extensions
If we host extension on chrome store what are the ways we can redirect chrome from installer to install extension.
According to the Chromium Blog:
If your extensions are currently hosted outside the Chrome Web Store you should migrate them as soon as possible. There will be no impact to your users, who will still be able to use your extension as if nothing changed. You could keep the extensions hidden from the Web Store listings if you like. And if you have a dedicated installation flow from your own website, you can make use of the existing inline installs feature.
So, basically, what you need to do is:
Host your extension on the Chrome Web Store (optionaly keeping it hidden from the listings).
Have your installer open a Chrome browser window pointing to a webpage on your site.
On that page have all necessary info and data for the user to initiate the extention's installation process. (The key concept here is that the user has to initiate the installation process, e.g. by clicking a button.
How does inline installation work:
The HTML page on your site from which you want inline installation to occur must contain one or more tags in the section referencing the items that the user can install. Each tag must have the following format:
<link rel="chrome-webstore-item" href="https://chrome.google.com/webstore/detail/itemID">
To actually begin inline installation, the chrome.webstore.install(url, successCallback, failureCallback) function must be called. This function can only be called in response to a user gesture, for example within a click event handler; an exception will be thrown if it is not.
(emphasis mine)
More info on the inline installs feature.
I'm creating web application on ASP.NET WebForms, and one of my tasks is copy/paste data to excel from web page. I/m using window.clipboardData, and it works for my user (local admin). But for other users it doesn't work. How can I fix it? Thank you.
This is a browser level permission, that need to be set depending of the browser.
In the documentation of your application you need to specify where and how to enable it on the browser.
I recommend you to explore each browser options, for your documentation.
For Internet Explorer you can go to Internet Options>Security>Add the Website/link to the trusted sites (Make sure https checkbox is checked, if your website is not using https). After adding it, go to Custom Level in the same window. It will pop another window, you can explore all the options for any other think you may need. The option to allow access to clipboard show be "Allow Programmatic clipboard access" and set it to enabled.
It may be a ActiveX Control that can make it automatically, but will work only for Internet Explorer.