Start dialer.exe from browser? - javascript

I am actually around the internet development for quite a while now - but I never had to do the following and have no idea how to solve it:
Our computers have connected Telephones which are used with the Dialer.exe.
As I am working on an internal Clientdatabase in our network I would like to support the feature of clicking a "link" == telephonnumber in the browser in our database -> that click should execute the following task : open dialer.exe on users C:// , paste in telephonenumber in numberfield.
Thank you for your help.

That should be possible by adapting a Costum-URI-Sheme to your needs. See here:
https://msdn.microsoft.com/en-us/library/aa767914%28v=vs.85%29.aspx
Problematic is that this solution is yet Windows only and that you need to set registry-entries on every machine. Probably those values are applicable with an appropriate infrastructure but if there's not domain existent this could be a horrendous amount of work...
Edit:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\telephone]
#="URL:Telephone Dialer"
"URL Protocol"=""
[HKEY_CLASSES_ROOT\telephone\DefaultIcon]
#="\"C:\\Windows\\System32\\dialer.exe\",1"
[HKEY_CLASSES_ROOT\telephone\shell]
"URL Protocol"=""
[HKEY_CLASSES_ROOT\telephone\shell\open]
[HKEY_CLASSES_ROOT\telephone\shell\open\command]
#="\"C:\\Windows\\System32\\dialer.exe\" \"%1\""

Related

Uniquely recognize Client on localhost

I have apache installed on a windows laptop that is not connected to the internet. The laptop has multiple user accounts. Let's say that two of the user accounts are "Adam" and "Sally". I have a project on localhost that needs to differentiate between the different Window's users via the Chrome browser.
I understand detecting the username through the browser directly is a gross security sandbox breach, but I don't care: I have complete control of the computer and the project is not web accessible, so there are no security concerns. I'm willing to cheat in any way imaginable including building a custom .exe to help. I just need to differentiate between the different accounts. It doesn't need to be by username, but any alternative ID would need to persist for that given user.
I am asking for outside of the box thinking.
How can I create a page that I can open in Chrome that will say "Hi Adam" or "Hi Sally" or even "Hi -=[GUID]=-" without the visitor ever typing in their name/guid.
You should probably use something like NW.js or Electron instead of chrome for this so you don't have to sacrifice security.
Here's a picture of me running the nw.js sdk and loading just the demo page, bringing up the dev tools and retrieving my username.
Pretty straight forward. Follow node documentation and do whatever you'd like there.
You could have a batch file that runs on startup via the task scheduler or registry in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run or Local Group Policy that performs something like echo setCurrentUser("%USERNAME%"); > c:\your_project_directory\set-current-user.js, then you just have a script that defines <script>function setCurrentUser(s) { alert("Hello "+s); /* ... */ }</script> followed by a script import like <script src="set-current-user.js"></script>
If you just want to be able to do whatever in the filesystem, change the shortcut that launches Chrome to --allow-file-access-from-files --user-data-dir=c:\your_project_directory --disable-web-security and restart the PC (or just kill all chrome.exe processes, incl. background).
Edit: Updated with note on using --allow-file-access-from-files from Pritam Banerjee. If you go that route, he gets credit. :)
If you're interested in trying NW.js, here's a full example:
package.json :
{
"name": "nw-hello-user",
"version": "0.0.1",
"main": "index.html"
}
index.html :
<!DOCTYPE html>
<html>
<head>
<title>Hello!</title>
</head>
<body>
Hello <script>document.write(process.env.USERNAME)</script>!
</body>
</html>
Here's the command line:
Here's the end product!
Since you tagged your question with PHP, you could just create a index.php file with the following contents:
Hi <?= getenv("USERNAME") ?>
getenv("USERNAME") returns the the value of the USERNAME environment variable.
Update: Thanks to TylerY86 for providing the more correct way to get the username. Also note from his comment below:
You also have to be sure that the Apache instance is running in the
context of the user, and not as a service. If you try the example, if
you get something like SYSTEM or IUSR_MACHINE instead of the user
name, you'll need to adjust.
You have 2 choices, as far as I see.
1) you may ask users to identify themself first time they use the page and store it to the local storage. Since those are different users on the machine, their localStorages should be separate.
2) You may deploy a small web service on the local host, that gets the user credentials from the system and returns on GET request.

SharePoint & JavaScript - The "Open with Explorer" issue

This is a JavaScript/SharePoint issue. I have a similar question in the SharePoint StackExchange community but I haven't got anything over there in months. This particular issue is related to SharePoint 2010.
To the ones not aware, there is standard a functionality in SharePoint that allows users to open Document Libraries with Windows Explorer, which is very handy when you want to upload lots of documents or move file/folders around.
When the user clicks a button called "Open with Explorer", most of the time, the folder opens in Windows. Common answers like "Try restarting WebClient service" will not work, once users do not have permissions to do almost anything in their work PC's.
After researching the SharePoint JavaScript files I found how this functionality is supposed to work:
After clicking the "Open with Explorer" button, some functions will be called, but here is where the "magic" should happen:
function NavigateHttpFolderCore() {
httpFolderDiv = document.createElement("DIV");
...
document.body.appendChild(httpFolderDiv);
httpFolderDiv.onreadystatechange = NavigateHttpFolderCore;
httpFolderDiv.addBehavior("#default#httpFolder");
d = httpFolderDiv.navigateFrame("https://sharepointsite.com/sites/site1/docLib", "_blank");
if(d == "OK"){
...
}
...
}
From above:
addBehavior - not supported by IE 11, Chrome and Firefox, only IE 10 and older. If using IE 11, the <meta http-equiv="X-UA-Compatible" content="IE=8"> will take care of it.
#default#httpFolder - a behaviour(?), apparently not used anymore nowadays (obsolete)
navigateFrame - this either return the string "OK" if successful, meaning that the "Open With Explorer" will indeed Open in Windows Explorer, or it returns the string "FAILED" and the "your client does not support opening this list with windows explorer" will popup in my screen.
My main concern is, why sometimes navigateFrame return "OK" and other times "FAILED"?
Does anyone know what happens "inside" navigateFrame or can I check it? Any ideas?
Thank you
In my case the problem was in IE which blocked navigateFrame() call due to CORS restrictions. I dealt with SharePoint 2013 and provider-hosted add-in: I tried to open WebDAV folder (having the URL containing SharePoint host domain) with JavaScript from a PHAI web application in another domain -- PHAI domain. If you've got this problem in IE (version up to 10 inclusively) and you try to run your JavaScript code in a domain different from SharePoint one, try to add your site to 'Trusted Sites' and set 'Access data sources across domains' to 'Disable' or 'Prompt'.
Excerpt from MSDN :
Behaviors are subject to cross-frame security rules where a document cannot refer to a behavior on another server or another domain. In this case, the addBehavior method returns E_ACCESSDENIED. For more information, see the Security section in the Introduction to DHTML Behaviors article.

Google Chrome Application Native Messaging

So I wrote a question here earlier about opening native software (browsers) in my chrome application with PNaCl,NaCl, or NPAPI which I guess are not allowed anymore or were never allowed depending on which we are talking about. So a user pointed me to Native Messaging, and I am just trying to create something that will open a users HTML file in a browser they chose.
So they have index.html and they want to test it in Firefox, Chrome, and IE so they run each one and test.
Documentation
https://developer.chrome.com/extensions/nativeMessaging
Example from Google
http://src.chromium.org/viewvc/chrome/trunk/src/chrome/common/extensions/docs/examples/api/nativeMessaging/host/
This is my first time dealing with this stuff and I don't want to have my users go to a REGEDIT file and add it and blah blah blah. It should be simple as possible, they download my app and it's done.
Native Messaging Manifest --- (which not 100% sure where to put it)
{
"name": "com.kandidesigns.kodex",
"description": "Kodex is a Chrome Application to make programming websites easier and efficient",
"path": "C:\\Program Files\\My Application\\chrome_native_messaging_host.exe",
"type": "stdio", //standard input or standard output not sure which one to use
"allowed_origins": [
"chrome-extension://bbbgompnaiddjohgmdhmienllkjkilap/"
]
}
Permissions have inside the apps manifest : "nativeMessaging"
BATCH program to run a file
SET /p ID="Enter browser"
SET /p URL="Enter URL"
IF "%ID%"=="0" start chrome %URL%
IF "%ID%"=="1" start firefox %URL%
IF "%ID%"=="2" start edge %URL%
IF "%ID%"=="3" start internet explorer %URL%
IF "%ID%"=="4" start safari %URL%
ELSE ECHO "No browser found by that classification"
Never wrote a bat file to figure out where to go and what to open etc... Here is
another tutorial I've watched which is very low and pathetic sorry.
https://www.youtube.com/watch?v=H82-9hg1Plg
Anyways if someone could lead me the right way and assist on this I'd be greatly appreciated.
The manifest file they are referring to is an independent file, not to be confused with your application manifest. Just declare a new json file, and introduce the code for the manifest (in the documentation, the file should be named nmh-manifest.json). The file can be located anywhere in the system file, but you'll need to describe the full path.
Here is a reference for a demo app implementing Native Messaging: https://chromium.googlesource.com/chromium/src/+/master/chrome/common/extensions/docs/examples/api/nativeMessaging

Recover javascript logs and errors on Internet Explorer without F12 tool

The main idea is to run a random page on Internet Explorer and get javascript errors and logs.
Is there a way to recover javascript console logs and execution error
from a random web page without accessing the F12 tool on Internet
Explorer?
I found that with Chrome based browser, you can get it on your AppData file log by adding --enable-logging --v=1 args when launching.
Any solution with any language are welcome.
Thank you for your answer.
NOTE :
random page on Internet Explorer means that I do not have the access on the source code.
Basic solution to this would be:
1. Use Exception Handling to catch the errors.
2. Log errors in a Global Array
3. Log the errors in a file using Blob and URL.createObjectURL. All recent browsers support this.
Have you considered using a Bookmarklet that:
Overrides window.console.log and window.console.error (to intercept messages)
Logs incoming messages somewhere using createObjectURL?
Or you could use something like firebuglite and auto-enable it like this:
<script type="text/javascript" src="https://getfirebug.com/firebug-lite.js">
{
overrideConsole: false,
startInNewWindow: true,
startOpened: true,
enableTrace: true
}
</script>
More instructions are here: http://getfirebug.com/firebuglite
If the F12 tool is not of your interest, then what about the Event Viewer? Open Event Viewer from Control Panel -> System and Security -> Administrative Tools -> Event Viewer.‌ Then select the log Applications and Services Logs\Internet Explorer.
By default no events are being logged for Internet Explorer, to enable them create a new DWORD registry value named Feature_Enable_Compat_Logging under the following registry key:
HKCU\SOFTWARE\Microsoft\Windows\Internet Explorer\Main \FeatureControl
and set the registry value to 1.
Check the logs you get to see if it's what you're looking for.
One idea would be to write a browser extension which listens for window.onerror and writes to a file. Definitely not as elegant as the Chrome solution, but it would work fairly well.
Using local proxy might be a good one-time solution.
Charles web debugging proxy app has nice UI and it allows to replace any response with local resource.
So basically you'll need:
Download one any of the js files used on target page
add any code you wish to saved version
set up Charles to serve you your local version instead of remote one
You might try Fiddler. It's got its own logging and has amazing inspection power. It won't capture IE specific errors, since it's at a different layer, but it will definitely get you any code that's coming over the wire.

Access Denied for localstorage in IE10

Yesterday I installed Windows 8 and am now trying to understand why I am getting an "Access Denied" message when accessing localstorage. The page is being served on the same PC with the browser (http://localhost). My feeling is that one of the security settings in IE 10 is wrong, but I haven't figured out which one.
The line of JavaScript code triggering the error is:
if(window.localStorage.getItem('phone') == null)
The code works fine in the latest version of Chrome.
Our users were having issues with web sites using the LocalStorage feature (including Twitter) on Windows 8 with IE 10. When accessing one of these sites with the F12 Developer Tools open, a SCRIPT5: Access is denied message appeared on the console.
After working with Microsoft support, we identified the cause. It turned out to be a problem with the settings on the C:\Users\username\Appdata\LocalLow folder in their user profile.
Each folder on your computer has an integrity setting. More information about the purpose of this setting is here: http://msdn.microsoft.com/en-us/library/bb625964.aspx
The integrity setting on the AppData\LocalLow folder (and its subfolders) in each user's profile is supposed to be set to "Low" (hence the name). In our case, the integrity level was not set correctly on this folder. To rectify the problem, run the following command in a command prompt window:
icacls %userprofile%\Appdata\LocalLow /t /setintegritylevel (OI)(CI)L
(If there is more than one user account on the computer and the other users are having the same issue, the command needs to be run under each affected user's account.)
As for how this setting got changed in the first place? In our case, it was caused by a problem in the customized Windows 8 image we deployed to our workstations. For others that are having the issue, my research has revealed that the use of a "system cleaner" utility may be to blame.
Doubtless there might be many causes of the same symptoms, but here is what fixed this issue for me.
I had just one of many Windows 7 PCs with IE11 exhibiting the symptom of "Access Denied" on attempting any JavaScript involving window.localStorage from otherwise reputable and well-behaved web sites. Use of Process Explorer revealed that the proximal cause was an ACCESS DENIED when taskhost.exe (acting on behalf of Internet Explorer) tried to open DOMStore\container.dat for Generic Read-Write. In fact, it was worse than that: if I deleted container.dat, the same ACCESS DENIED occurred, even through the file did not exist any more. And, if I deleted the (hidden) DOMStore folder, when taskhost.exe attempted to recreate it, that received ACCESS DENIED as well.
After two days of chasing false leads, the final solution was this:
The registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\LowCache\Extensible Cache\DOMStore\CachePath
(do note the LowCache in that string) was incorrectly set to:
%USERPROFILE%\AppData\Local\Microsoft\Internet Explorer\DOMStore
when it should be:
%USERPROFILE%\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore
with the consequence that low-integrity localStorage requests were being directed to medium-integrity regions of AppData disk storage, thus generating ACCESS DENIED errors, and killing the use of JavaScript window.localStorage.
This registry entry must have been wrong for many years: perhaps a side-effect of enthusiastic take-up of buggy platform previews and so on. This error survived a total removal and re-installation of IE11.
There is a similar-looking registry entry for the medium-integrity cache:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\DOMStore\CachePath
and that is correctly left as:
%USERPROFILE%\AppData\Local\Microsoft\Internet Explorer\DOMStore
and should not be changed.
Try enabling the Enhanced Protected Mode in the IE settings, under the Advanced tab, in the Security sub-list. This enables the Microsoft XSS filter. I had similar issues when logging into SE, and fetching google+ notifications, and my first workaround was starting IE with admin privileges. But I think the EP mode will do the trick in your case too.
Related links: Understanding Enhanced Protected Mode
Mark Russinovich always says: "when in doubt, use Process Monitor":
localStorage data gets stored in XML files in the following folder:
C:\Users\[USERNAME]\AppData\Local\Microsoft\Internet Explorer\DOMStore
A profile of the file activity while reproducing the issue can tell you if the problem is caused by missing file access permissions or maybe even an anti-virus program.
I can reproduce the error by adding the read-only attribute to "DOMStore\container.dat". You should check if all file/folder permissions and attributes are set correctly. On my machine, admins and my own account have full permission for the mentioned folder.
Go to Tools/Internet Options/Advanced and under 'Security' select 'Enable DOM Storage' checkbox. This should fix the problem
I added the websites involved to the Trusted Sites section of IE and have not received the error again.
In addition to the already excellent answers here, I'd like to add another observation. In my case, the NTFS permissions on the Windows %LOCALAPPDATA% directory structure were somehow broken.
To diagnose this issue. I created a new Windows account (profile), which worked fine with the localStorage,so then I painstakingly traversed the respective %LOCALAPPDATA%\Microsoft\Internet Explorer trees looking for discrepancies.
I found this gem:
C:\Users\User\AppData\Local\Microsoft>icacls "Internet Explorer"
Internet Explorer Everyone:(F)
I have NO idea how the permissions were set wide open!
Worse, all of the subdirectories has all permissions off. No wonder the DOMStore was inaccessible!
The working permissions from the other account were:
NT AUTHORITY\SYSTEM:(OI)(CI)(F)
BUILTIN\Administrators:(OI)(CI)(F)
my-pc\test:(OI)(CI)(F)
Which matched the permissions of the parent directory.
So, in a fit of laziness, I fixed the problem by having all directories "Internet Explorer" and under inherit the permissions. The RIGHT thing to do would be to manually apply each permission and not rely on the inherit function. But one thing to check is the NTFS permissions of %LOCALAPPDATA%\Microsoft\Internet Explorer if you experience this issue. If DOMStore has broken permissions, all attempts to access localStorage will be met with Access Denied.
This issue may also be caused by having missing or corrupted registry entries. If a reset does not resolve the issue, the LocalLow folder has the correct integrity level, and the DOMStore registry value is correct, run the below commands to re-register IE in the profile:
32 Bit OS:
C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
64 Bit OS:
C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
See the IE MSDN blog for more details.

Categories