I was entering my Google account recently and noticed that not only did it say which browser I was currently using - it also knew the exact name of the computer I was using. How is Google able to fetch these informations?
I have been browsing the internet for javascript methods that should give me computer name or similar - but I am sure that Javascript is not able to read these data. If for anything, the site should maybe contain a small java application that executes and fetches the data, but that would usually require for me to accept that java is running in the browser by clicking a modal opening box.
Then I thought maybe they executed some C code in the browser - but how do they do it and access data outside the browsers "sandbox"? A third theory I have is that when I installed the Google Chrome browser, it was able to pass along these details - but it didn't make sense neither when I note that it also knows my iPads exact name though I haven't installed any google applications on my ipad at all. (neither google maps, gmail, chrome or anything).
UPDATE 01/25/2016
I have given this some extra thought and seemed to stumble across something else. I went through possible solutions using node.js or Flash to do the same, but I recalled that Google writes everything in Python, which made me think if it was simple enough using Python. I found this post: How can I use Python to get the system hostname? and thought that this might be a way for Google to it. I don't know if this is still achievable when you are writing a website and if this is a browser-based method as well (mind you I am not Python programmer at any level).
I did some testing. I have 2 Google accounts, and what I found was that on my main account (which I use with Chrome), Google knows my computer name. On another account, I am logged in with Edge and Firefox, but neither of them show my computer name. It was not until I logged into the Chrome browser ITSELF (not the Google page) as a Chrome user that my second Google account showed the browser I was using.
I verified this on my laptop: I logged in with my second account into the Google website on a new user, which didn't update the computer name on either device in the security settings. Once I logged into the Google Browser with that account, it showed my computer name. So it looks like because you're logged into Google Chrome, Google knows your computer name.
Note that Google using a sandbox does not make any difference for this. It is trivial to find your computer name, all it takes is hostname in a command prompt.
the problem here is if there was a way to get dekstop name though headers that means the browser has that info and if it has there will definitely be some way of getting the name from javascript but there is not i support the above answer that the google uses some sync bad habits or it may be that it stores the ip address which btw we can get with headers this might be the case as with tokens and this ip address thing ddos attacks will be quite easier to deal with so this ip address storing might be true but still its just a guess
Because when you connect to Google they install cookie in your compputer for they know your information and for say you are alerady come here its Like ID Installor
Cookie its file (ID) when you connect to site, the site use this file for know if you alerady came here or not and they can get all your infos: IP, Computer Name, Access To WIFI I thing and create special and unique ID on your pc
that are why they know your computer name
I don't know you still want to know that or not but anyway,
Every requests that browser sends to loading every pages on the web has some headers, and this headers has some information about browser, referral url and etc..
The important one in this case is "User-Agent" header which includes information about browser, OS and few more information.
You could access the browsers User-Agent string using Java Script in client side via:
navigator.userAgent
and even in server side programming languages like PHP and ASP and etc.. .
This is and example User-Agent string of Safari browser on Macintosh Device:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/7.0.3 Safari/7046A194A
Also you can get yourself User-Agent string and all of analysed datas here
Related
Today, when I was coding, I want to use the mailto: tag but it does not work.
maybe my program is wrong, or my computer is bad.
How could I change what program I can use? (like outlook to gmail in web browser)
Your program is not wrong and your computer is not bad. Your browser simply hands over the details of the mialto URL to whatever the default mail client is. Where that mapping exists depends on what browser you are using. But most implementations are predicated on the mail client (specifically the MUA) being a standalone program on the local computer - so it may be trick to convince the browser to use a URL.
OTOH, you can explicitly reconfigure Firefox and Chrome to use a web MUA (including Gmail) via navigator.registerProtocolHandler()
I am trying to use the Google+ sign in button via the javascript api. Everything works fine on Windows computers and Chromebooks, but it fails on every Mac that I have been able to test it on. (see update 2 below, this is not actually a Mac problem)
When the initial Google api file is loaded (https://apis.google.com/js/client:platform.js) an error is logged in the console, saying that https://accounts.google.com/o/oauth2/iframerpc?scope=email+profile&response_type=token+id_token&login_hint=[HINT]&origin=[ORIGIN]&action=issueToken&ss_domain=[SS_DOMAIN]&hd=[HD]&client_id=[CLIENT_ID]&hl=en&from_login=1&as=[AS] returned a server side error. When I pull up the URL in the browser directly, I get a JSON object with one property:
{"error":"internal_server_error"}
This only happens on Mac computers (Google Chrome, haven't tried another browser), and it all works fine in an incognito window. (see updates below, Mac is not the problem)
UPDATE:
I have determined that this only happens when a user is signed in to multiple Google accounts; and moreover, only when the user is trying to authenticate to my website using one of the accounts that is not marked as the "default" account (a.k.a. the first Google account that they signed into).
This also happens on Safari.
UPDATE 2:
This is NOT a Mac issue, it just happened to be coincidence that the 5 or so users that this affected were all using Macs (even though our company probably only has 10 out of 200 users that use Macs, and the only people reporting this error happened to be using Macs).
The real issue happens on any computer, but ONLY when the user is signed in to multiple Google accounts and tries to authenticate to my site using a one of their Google accounts that is not the "default" account.
P.S. Thanks to #brenjt for the subject update, which turned out to be very accurate.
Thanks for the report, Blair. It took us a while to dig into the root cause of this one, and were assisted by your comments. Assuming it's the bug we think it is - we pushed a fix to production around last Wednesday that resolves the issue. Please let me know if that's not the case!
I have developed a site for use on my company's intranet. You can not access the site from outside of the network.
Asking users to log-in pretty much means they won't use it as logging in is seen as cumbersome. I am trying to find the most seamless way of grabbing some identification.
I used Javascript and Chrome to develop the site. I would like to have a way to grab a computer name or windows user name or something that will uniquely identify the user. A chrome extension would work.
I understand ethical issues with an application on the internet doing this, but this is for internal use only.
I'm planning to make a login system by USB, so if you put in a USB-drive and open a specific webpage, the website asks the USB-drive for the code (e.g. by a JavaScript file, a redirect or something like that).
The problem is, because of sandboxing, you can't load or redirect to local files. I don't know a solution for this problem. Can you guys help me? I don't need specific code, just an example or something in that way.
Maybe you can read up on USB-HID. Wikipedia:
The USB human interface device class (USB HID class) is a part of the USB specification for computer peripherals: it specifies a device class (a type of computer hardware) for human interface devices such as keyboards, mice, game controllers and alphanumeric display devices.
Here are some references:
USB HID (Human Interface Device)
node-hid - Access USB HID devices from node.js
DepthJS: 'Allows any web page to interact with the Microsoft Kinect using Javascript'.
A related Stackoverflow question:
Write data to USB HID using Javascript, HTML5, or any cross platform language (supports Android)
One other possibility is to check out the Chrome HID (Human Interface Device) APIs:
Interacting with USB HID devices from web apps – via Chrome Apps, see below
Relevant Chrome API docs
Please note that for the time being, you cannot interact directly with the USB device (i.e. you cannot access any WebAPI offering that kind of fine-grained control).
Building a Chrome App (different from a Chrome Extension) may help; This article may point you in the right direction, since it also provides sample code.
The only way I can think of is putting a html file on the usb stick that essentially generates some sort of login token and gives you a link or a form to a login processor. You can then access the webpage by opening the local file first which will redirect you to the actual webpage.
This local script may include a javascript from the server to get some challenge-response-data which it hashes somehow (perhaps in combination with a password) and puts it into the form data.
Web PKI authentication from Modern Browsers may be achieved by using Browser Extension. One such extension is Signer.Digital browser extension. Use below Javascript promises from the APIs provided by Signer.Digital extension.
SignerDigital.getSelectedCertificate() to register user's certificate
SignerDigital.signHash(hash) to sign token at browser and verify at server
For all Javascript APIs refer to SO Answer https://stackoverflow.com/a/63173083/9659885
Disclaimer : I work for a company supporting the application below
Hello, you may try to use Nexu open-source application for communication with smartcards or USB tokens. It also support PKCS 12 keystores.
For example, the application is connected to the DSS webpage on the website of European Commission : see the link.
Synopsis: I am developing a HTML5 web app that will allow tablets(iPad or Droid) to login to a server and perform various functions. The client would like a way to check the devices mac address when logging in. From what I have read, most solutions use activex objects that will not work for webkit browsers.
Question: Does anyone know a solution that would hook into a HTML5 web app seamlessly(Idealy update a hidden form element with the value upon logging in)?
Thanks!
I don't think there's going to be a straightforward way to do this. The web server won't be exposed to a client's MAC address unless they're on the same physical segment...you'll only see the MAC from the most recent router hop in general.
If anything exists, it's going to be a browser plugin (show-stopper on iOS). And it would probably need more than the default permissions available (I don't suspect you can enumerate network interfaces in Java, for example, without asking for elevated permissions).
If you're looking for HTML/JS only then I don't think that this is possible. It won't be exposed.
The problem is that the packets you recieve back will only contain the MAC address of the node on the last hop.
This may be possible via a plugin, but then this limits you on iOS, and possibly also Android as you'd need to provide them a way of getting the plugin first (unless you used a plugin that was installed by default).
Edit: Not that I support an app for every little thing, but it shows that easy to press app buttons sometimes tend to do better than web apps (regardless of being able to make browser shortcuts to home screens). If it is suitable, you could consider loading this within a web view on the target device from within an app, from which you can then of course access MAC addresses and whatever else you may need.
MobiThinking: Mobile applications: native v Web apps – what are the pros and cons?
Forbes: Mobile Web App vs. Native App? It's Complicated