I am developing a website.
What does mailto: open in if there is no email client (like Outlook, Thunderbird, etc.)?
It works on my computer, which has Outlook, but what if one wants mailto: to open in, say, gmail.com?
What do I need to put in the mailto: statement for that to happen?
As a web developer you don't have any control over the software that a user chooses to open their email, since it's handled by that user's web browser settings, or the OS. If a user has no email program installed on their machine and no operation defined for "mailto" links in their browser, nothing would happen.
The following solution works for me:
(function($)) {
$('a[href^=mailto]').each(function() {
var href = $(this).attr('href');
$(this).click(function() {
var t;
var self = $(this);
$(window).blur(function() {
// The browser apparently responded, so stop the timeout.
clearTimeout(t);
});
t = setTimeout(function() {
// The browser did not respond after 500ms, so open an alternative URL.
document.location.href = '...';
}, 500);
});
});
})(jQuery);
For more info see: https://www.uncinc.nl/articles/dealing-with-mailto-links-if-no-mail-client-is-available
I believe you can use this. https://mail.google.com/mail/?view=cm&fs=1&to=email#domain.com
This however does have its flaws in which the user must be already signed into gmail. Hope this helps!
What happens is entirely up to the client. The OS defines protocol handlers for protocols like mailto: or tel:, etc.
You would need access to the client's registry (in case of a Windows system) to manipulate the handling application for your protocol handler.
For Outlook 2013 as the designated handler, the according Registry structure looks like this:
[HKEY_CLASSES_ROOT\mailto]
#="URL:mailto"
"EditFlags"=hex:02,00,00,00
"URL Protocol"=""
[HKEY_CLASSES_ROOT\mailto\DefaultIcon]
#="C:\\PROGRA~2\\MICROS~1\\Office15\\OUTLOOK.EXE,-9403"
[HKEY_CLASSES_ROOT\mailto\shell]
#="open"
[HKEY_CLASSES_ROOT\mailto\shell\open]
[HKEY_CLASSES_ROOT\mailto\shell\open\command]
#="\"C:\\PROGRA~2\\MICROS~1\\Office15\\OUTLOOK.EXE\" -c IPM.Note /mailto \"%1\""
with a corresponding structure under HKCU.
The mailto URI scheme doesn't decide what happens-- it simply instructs the browser you're using to do whatever it's been configured to do to send e-mails (see the IETF proposed standard for more info). Therefore, you'll have to consult the browser itself to see what it does if no e-mail client is configured.
According to the documentation and to my personal experience, I don't see any way of manually setting an action: It might be possible with certain browsers with some non-standard syntax, but this is unlikely since this would open up a huge potential security problem by being able to execute an arbitrary command by click (such as downloading a virus or something like that).
Related
FileRun has a beautiful File-Explorer Google-Drive styled. You can testdrive it here FileRunDemoSite
When I download a File I get to choose if I want to open the file directly in a Office Application.
When I click on Office, google prompts me with a Chrome Open File Dialog. The File opens directly from the location instead of being savend in /downloads/ folder.
How can I achieve this behavior? All existing answers on SA state that this is not possible, so this might be interesting to others as well. Not even google has implemented this. Is there a cross-browser solution?
Onedrive does it as well:
Credit to Thomas2D to get me on the right track. How it basically works is:
If you develop an application you can register a new protocol with the operation-system. http:// will be handled by your default browser. applicationX:// will be handled by applicationX, ms-word:// will be handled by word. If you click on a link the browser/operating-system looks up which application should handle the protocol an pass the request on to this application.
For Office documents the URI is a bit more complex ms-excel:ofv|u|http://contoso/Q4/budget.xls. You can open it readonly/ for edit / as a template. Check out this document for a detailed description of all the options: Office URI Schemes
For other applications check the URI Schemes with that application.
How to use it on a website:
It is not advisable to set a link to an application in a Dom element href attribute. You have no way of checking if the application is installed or not.
If you use Javascript you can check if the request times out / fails and use http:// instead.
. Set the protocol in a href: window.location.href = encodeURI('ms-excel:ofe|u|http://example.com/excel.xlsx') or by setting the the location.protocol, https://www.w3schools.com/jsref/prop_loc_protocol.asp
There is a jQuery Plugin to do that :jquery.applink.js
I personally think that this is accomplished by starting application via specific url.
I know that this works on iOS for launching application. In iOS it was done by something (simillar to mailto:example#example.com)
<script type="text/javascript" charset="utf-8">
window.location = "myapplication://myparams";
</script>
EDIT: I finally get it, you have to use application url scheme. For example, if you want to open your Excel file via browser, you have to use this JS code.
window.location.href = encodeURI('ms-excel:ofe|u|http://example.com/excel.xlsx');
When using browser context in Node-Webkit, is there any way to find out what is the exact User Agent used for external requests, from within Node-Webkit?
Example: if Node-Webkit loads an image that's in an HTML from some remote, I would like to know what's the User Agent this remote will see.
Using a sniffer (Fiddler/Wireshark) is trivial, but I'm looking for a method to obtain this information directly.
Thank you.
Well, given that you can definitely do this:
iframeID.setAttribute('nwUserAgent', 'Super Browser');
Then I can't see why you can't also do this:
Agent = iframeID.getAttribute('nwUserAgent');
We have a legacy web application. At various places it opens a window with the help of Privilege Manager on Firefox to get the needed result.
Some of these windows open a Java applet or a PDF document.
The client machines are updating Firefox and Privilege Manager is gone.
What is the easiest way around it?
The problems are :
There must be only one instance of the pop-up at anyone time. This could be done by selecting appropriate window name on window.open() call.
If the window is opened again (by means of user action), it should not reload but just focus to bring it to the foreground (I have seen I can keep a reference to the window on JavaScript to do that)
It basically really must be transient/modal so that the client cannot leave the current page or reload or any other kind of interaction with the parent window (except opening/refocusing the child window) without closing the child window first. I have no idea how to do that.
Do anyone has an idea how to do that?
The client is only Firefox (it works in a special kiosk configuration) on Linux.
I read somewhere that I could somehow write an extension but I am basically clueless about extensions and its API.
Edit1:
Example of (simplified) legacy code. Not really sure if all the permissions were required, but this is it: This function opens a window that stays over the parent window and prevents any interaction from the user with the parent window.
function fWindowOpen(url, name) {
netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead");
netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserWrite");
netscape.security.PrivilegeManager
.enablePrivilege("CapabilityPreferencesAccess");
netscape.security.PrivilegeManager
.enablePrivilege("UniversalPreferencesWrite");
netscape.security.PrivilegeManager
.enablePrivilege("UniversalPreferencesRead");
netscape.security.PrivilegeManager.enablePrivilege("UniversalFileRead");
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
window.open(
url,
name,
"screenX=70,dependent=yes,menubar=0,toolbar=0,width=900,height=700,modal=1,dialog=1"
);
}
function fnCapture(){
fWindowOpen("/path/to/document_or_japplet/page","_blank");
}
HTML:
<button value="Capture" property="btnCapture" onclick="javascript:fnCapture();"/>
Edit2: Solution
On a typical extension, on the xul code, define this javascript code:
var dialogExt = {
listener: function(evt) {
// Do work with parameters read through evt.target.getAttribute("attribute_name")
window.openDialog(evt.target.getAttribute("url"), evt.target.getAttribute("name"), evt.target.getAttribute("features"));
}
}
// from examples
document.addEventListener("dialogExtEvent", function(e){ dialogExt.listener(e); }, false, true);
Then, on the web page:
var element = document.createElement("dialogExtElement");
element.setAttribute("url", url);
element.setAttribute("name", name);
element.setAttribute("features", features);
document.documentElement.appendChild(element);
var evt = document.createEvent("Events");
evt.initEvent("dialogExtEvent", true, false);
element.dispatchEvent(evt);
Now, maybe I am missing some security checks to let the code work if it originates from the same host, and how to handle a reference to the document that requested the dialog as means of interaction between the dialog window and it's opener.
The Privilege Manager was deprecated in Firefox 12 and removed in Firefox 17 (briefly restored).
You might want to look into Window.showModalDialog(). However, it is deprecated and is expected to go away within the year, or in 2016 if you go with an extended service release (ESR) of Firefox 38. It may be a temporary solution while you develop an extension.
In order to accomplish the same tasks, you will need to write an extension and ask the user to install it (from Bypassing Security Restrictions and Signing Code, the old information about Privilege Manager):
Sites that require additional permissions should now ask Firefox users to install an extension, which can interact with non-privileged pages if needed.
It is possible to write such an extension using any of the three different extension types:
XUL overlay
Restartless/Bootstrap
Add-on SDK
For the first two types, you would use window.open(). The modal option is in "Features requiring privileges". You will probably also want to look at Window.openDialog().
For the Add-on SDK, you would normally use the open() function in the SDK's window/utils module. Here, again, you will probably want to look at openDialog().
It appears you may be opening content that is supplied from the web in these modal windows. It is unlikely that you will get an extension approved to be hosted on AMO which opens content in such windows which in not included in the add-on release. This does not mean you can not develop the extension and have it installed on your kiosk clients without hosting it on AMO. However, there are additional restrictions in development for Firefox this year which will make this significantly more difficult, see: "Introducing Extension Signing: A Safer Add-on Experience".
You should be able to get similiar window.open behavior, including support for the modal option from the sdk's window/utils module.
You will have to install the onclick listener with a content script, send a message to the addon-main through its port and then open that window from the addon main.
Is there a way to check in JavaScript if given a host its SSL certificate is valid? (non blocking)
In my case, I want to display: "you can also use https://.." if via JavaScript I can make a request to https://my_url without being asked to accept an untrusted certificate.
Can this be done asynchronously?
Take a look here: https://support.mozilla.org/pl/questions/923494
<img src="https://the_site/the_image" onerror="redirectToCertPage()">
This solution is tested and working in current versions of FF and Chrome (as of 2022):
<script> var sslCertTrusted = false; </script>
<script src="https://example.com/ssltest.js"></script>
<script>
if (!sslCertTrusted)
{
alert('Sorry, you need to install the certificate first.');
window.location.replace('http://example.com/cert_install_instructions/');
}
else
{
// alert('Redirecting to secure connection')
window.location.replace('https://example.com/');
}
<script>
You of course need to make your web server return this code under the URL https://example.com/ssltest.js:
sslCertTrusted = true;
I'm not exactly sure about the details. But I've seen similar technology used to detect adblocking etc. You may need to piggyback on the window object maybe, if the variable can't be modified by another script, but generally making the above proof of concept work is left as an exercise to the reader.
What I've found up to now - it is possible with Firefox, don't know yet about other browsers:
https://developer.mozilla.org/En/How_to_check_the_security_state_of_an_XMLHTTPRequest_over_SSL
The straight answer is no. Javascript does not provide any means of validating certificates. This is a job left to the browser.
A better approach to this problem is from the server side. If you are controlling the site, than you can render down a variable on the page with information gleaned on the server side.
In .Net something like
var canSecure = <%= MySiteHasSsl ? "true" : "false" %>;
if (canSecure) {
if (confirm("This site supports SSL encryption. Would you like to switch to a secure connection?")) {
location.href = "https://mysite.com";
}
}
I'm not quite sure what your use case is. If you are just trying to "check ahead of time" before you provide a link to someone for another website then the other answers here will be more relevant than mine.
If you are expecting mysite.com to use an SSL certificate that isn't trusted by default in the browser but you have another way of knowing it should be trusted, then you could use a JavaScript TLS implementation to make cross-domain requests to that other site. However, this requires that your website be served on https and trusted in the browser to begin with and the other site to provide a Flash cross-domain policy file.
If this sounds anything like what you want to do, check out the open source Forge project at github:
http://github.com/digitalbazaar/forge/blob/master/README.md
Useful notice: navigator.clipboard will be undefined on Chrome browsers if there's no valid SSL certificate.
The question doesn't make sense. You can't get the server's SSL certificate without opening an SSL connection to it, and once you've done that, telling the user they can do that too is a bit pointless.
You could run a server elsewhere that handles certificate checks based on whatever you want, then your javascript application sends a request to that server asking for a checkup. This does require that you have at least one server somewhere in the world that you can trust.
A query of this nature can be done in the background quite easily.
I wrote a javascript function in my html page to execute an .exe file. for this i used ActiveXObject.
my function is:
//~~~~~~~~~~~~~~~~~~~~~~~~~~~JavaScript~~~~~~~~~~~~~~~~
function openWin(url)
{
if (!document.all) {
alert ("Available only with Internet Explorer.");
return;
}
var ws = new ActiveXObject("WScript.Shell");
ws.Exec(url);
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
It works fine but there is a alert "An ActiveX control might be unsafe to interact with other parts of the page. Do you want to allow this interaction?" comes up to confirm. If i say YES only it will get loaded.
Pls anyone help me on this how to avoid this pop-up coming every time when i reload my html page.
You can't. Your users can, by giving your page trusted access to their computer (e.g., by adding the URL to the "Trusted Sites" zone).
You should enable activeX in Internet explorer security settings.
http://www.nrc.gov/reading-rm/adams/install/enabling-active-x.html
If you want your users to not seeing this message, then they should enable it. But you can't force them to do it because of security issues.