So, is it possible to implement web notifications for Chrome without SSL certificate?
I want to avoid installing SSL on my site and it would be cool if there was a way to send notifications without Service Worker.
You can still use the (old) Notification(title, options) constructor and it’ll work on some (desktop) platforms. But (as I guess you know), it doesn’t work in Chrome for Mobile (Android).
What does work on Chrome for Mobile is the ServiceWorker-based showNotification(title, options) approach. But per the Service Workers spec, you can only use Service Workers in secure contexts (in order to protect users from the risks associated with insecure contexts).
So if you want something that will work for Chrome for Mobile users, then the answer is, No, it’s not possible to use Web Notifications in Chrome for Mobile without Service Workers (and so also, without deploying an SSL certificate for your site).
Related
Many modern Web APIs are gated by the browser to be HTTPS only. This is good for users but can make developing painful. During development I'd like to be able to turn off that requirement just for testing.
Is there a flag I can set (about:config in firefox, about:flags in chrome) or a command line parameter I can pass in to turn off that requirement so I can test without having to setup https certs and add them to the browser?
Note: I understand the https requirement is dropped for localhost but I'm often hosting on one machine (like a laptop) and testing on another (like an Android device) or a different desktop. I know I can generate a local cert and run a server that supports https. I then have to deal with security warnings on the browsers (invalid cert) and/or add the private certs to all the devices OR I have to register a domain solely for the purpose of getting a valid cert via letsencrypt. For my own dev I'd just like to temporarily turn off that check in the browser if possible. Of course what I actually serve to users will be https but during dev if I could turn off that requirement things would be so much easier.
In my particular case I'm trying to use WebXR so dev happens on my laptop but actual testing happens on an Android device where the page is served from my laptop.
One solution suggested here is to use Chrome's port forwarding
https://developers.google.com/web/tools/chrome-devtools/remote-debugging/local-server
That works for Chrome desktop to Android
On your desktop you tell desktop chrome what site at what port to forward to your android device at another port. That site can be a server on the internet or a server running locally on your desktop. On the android device you can then access that site at http://localhost:<port-you-specified>. https requirements are dropped for locahost host so you can now use the APIs that were restricted otherwise.
Chrome has a developer setting Insecure origins treated as secure in chrome://flags/, this is a text field where you can add a list of origins treated as secure for development purposes. (Via https://github.com/immersive-web/webxr/issues/60)
I set up a service worker for a static web application that needs to work on mobile phones. I'm using react/webpack2 for this application.
Service Worker installs and works greatly when I open the application via desktop, but when I try to visit the application through mobile, it does not install.
When SW finishes installing, it gives you an alert message ("onInstalled");
https://abo-deg.surge.sh (here is an example)
https://abo-deg.surge.sh/survey/background
https://github.com/strongharris/sample (sw.js located inside src, main entrypoint: src/index.js, webpack.config)
The alert message shows up via desktop, but not on mobile browsers.
Am I missing something? Is there a different way to set up a service worker for mobile web applications? Any resources, or tips, or guesses would be greatly appreciated.
I think the answer is pretty simple. Your server does not automatically transfer you to https://abo-deg.surge.sh when you type abo-deg.surge.sh on your mobile.
I was able to run it on Chrome Mobile by typing full URL with https://
Service worker API is available only for websites running over HTTPS, because
Having modified network requests wide open to man in the middle attacks would be really bad
https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API
Please keep in mind, that your code will work only on these browsers, so don't expect it to work on iOS
It appears that some browsers support querying for local mDNS addresses (of the type http://hostname.local/), while others don't.
It looks like iOS supports this in it's networking stack itself, so all browsers on iOS support .local addresses. On Android, it appears that all DNS queries are sent to Google's overlord servers, so .local addresses are just not possible to resolve. However, Firefox on Android for example implements it's own DNS querying for .local type addresses, so there are at least some Android browsers that support .local addresses. As far as I can tell, on the desktop, mDNS support depends on the OS. Mac supports mDNS out of the box, while Windows and Linux support it if Bonjour/Avahi is installed.
My web app runs as a single-page-app served from a static server on a local intranet, and I need to communicate directly with other servers in the network using CORS (no proxy). To be able to locate and address the servers, considering that DHCP might not assign them a static IP, I need to know if mDNS querying is supported in the user's browser, and fail gracefully if it isn't.
How can I feature-detect, in client-side Javascript, if mDNS is supported in the user's browser? I don't mind if the solution is a little hacky, if it solves the problem.
Would it be possible to start on the Android phone background running service which will listen on a certain port for incoming local http connections and communicate with the the built-in web browser (I am not talking about the web view), Opera or Dolphin browser by capturing all such localhost calls - http://localhost:8081/serviceCall?
The goal is to make a tiny webserver running on Android phone, which can deliver the web browser some information, the browser does not have access to. But I am not sure if there are not some security restrictions, etc.
BR
Petr
Is it technically possible? Sure.
Is it wise? Only if you are a security expert or have a large legal defense fund. You will not be just sending data to "the built-in web browser", but to any application that chooses to make HTTP requests.
The main reason I'd like to use j2me is that one of its main advantages is that it can access the phone's resources through its various APIs. However, due to newer phones having web browsers like Safari, Opera, and Windows IE, it would be advantageous to build a web application so a user wouldn't have to download some software onto their phone. Is there a way I could build a web application that can also acquire resource information about the phone? Or maybe have j2me converted to Javascript (if that's even possible)?
You can make a link that would send an SMS, but other than that, there's no cross-platform api for accessing phone internals from browser, as far as I know.
So, if you've got to access phone's resources, you'll have to write a real app.
The webkit engine on recent Series60 phones has been given access to at least some phone resources.
Nokai calls it Web Runtime or WRT.
http://www.forum.nokia.com/Resources_and_Information/Documentation/