Import client certificate in IE with javascript - javascript

I trying to import/install a client certificate into IE but I'm getting following error in my js code.
function ImportClientCertificate()
{
try {
var objCertEnrollClassFactory = document.getElementById("objCertEnrollClassFactory");
var objEnroll = objCertEnrollClassFactory.CreateObject("X509Enrollment.CX509Enrollment");
var sPKCS7 = "-----BEGIN CERTIFICATE-----" +
"MIIDADCCAmkCCQ..." +
"-----END CERTIFICATE-----"
objEnroll.Initialize(1);
//->this line causes the exception
objEnroll.InstallResponse(3, sPKCS7, 1, "correctpassword");
}
catch (ex) {
alert(ex.description);
/*Exception being thrown: CertEnroll::CX509Enrollment::InstallResponse: Access is denied. 0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED)*/
}
}
What could be the reason for this exception? I already tried to set the security level in IE to low but it doesn't helped. Manual installation of the cert into the users private cert store works fine.
Any help is highly appreciated.

I'm surprised this worked for you!
I found that I had to change the restrictions parameter (3 in your example) to be either 0 or 4. This is based on the MSDN documentation at https://msdn.microsoft.com/en-us/library/windows/desktop/aa378051(v=vs.85).aspx:
E_ACCESSDENIED
This method was called from the web and either AllowNoOutstandingRequest or AllowUntrustedCertificate was specified in the Restrictions parameter.

After two days of research on the net, I finally find out how to get this script working. The only solution I found for IE 11, is to enable following option in the IE settings box.

Related

"SCRIPT5: Access is denied" error when accessing web sites using LocalStorage

One of our client is getting ""SCRIPT5: Access is denied" error when accessing web sites on Windows 8.1/IE11. Only one client is having this issue not all.
when we looked at the error message it turns ut it failed when tried to access
_global.localStorage
Client said its working fine if they add our site in "Trusted Site".
the problem we having is that none of our dev/test environments has this issue.we are running same version of OS and IE as client. so we are having bit difficulty trying to reproduce this issue.
sa mentioned here
Access Denied for localstorage in IE10
i have tried turn on/off DOMStorage/Enhance Protection Mode/Protection Mode but still no luck.
our best guess so far is there must be some setting/group policy which applied by Client's IT dept which causes this issue rather code issue as it works for all other clients.
so my question here is
which setting/group policy/domain setting i can check so that i can reproduce this error.
How can i fix the issue w/o making any code change as client has more than 1000 users so only changing the policy by IT dept is the only option here rather asking every user to add to "Trusted Site"
is there anything that i missed to check.
any help would be awesome.
I had the same issue and solved it in the next way:
let storage;
try {
storage = localStorage; // throws error if not supported by browser
} catch(e) { // caching this error and assigning fallback
let innerStorage = {};
storage = {
getItem: function(e) {
return innerStorage[e]
},
setItem: function(e, i) {
return innerStorage[e] = i
},
removeItem: function(e) {
delete innerStorage[e]
}
}
Best regards,
Aleh

addthis_widget.js throwing Cannot read property '_pmh' of null error on Android and Chrome

I am using a JavaScript error logging tool to log any JavaScript errors on my mobile site and I am seeing a large number (22,000 in under a month) of this error:
Uncaught TypeError: Cannot read property '_pmh' of null
I can see from the addthis_widget.js code that it is originating from that script.
I can also tell that it only affects mobile Android and Google Chrome browsers, these in particular:
Android 4, Android 4.1, Android 4.2, Chrome 11, Chrome 18, Chrome 25, Chrome 26, Chrome 27, Chrome Mobile 18, Chrome Mobile 25, Chrome Mobile 26
I am using the following external JavaScript include:
http://s7.addthis.com/js/250/addthis_widget.js#username=xa-4b6adff375a64db9
and have the following configuration object set:
<script type="text/javascript">
var addthis_config = {
data_ga_property: 'UA-18721873-1', // real GA profile hidden for privacy purposes
data_ga_social: true
};
</script>
Is there anything I can do to prevent this error from occuring so many times on these browsers?
I have located the cause of this issue and it is down the following code.
if (window.addthis) {
window.addthis = null;
window._adr = null;
window._atc = null;
window._atd = null;
window._ate = null;
window._atr = null;
window._atw = null;
}
This was an attempt to cleanup the objects lying around when moving between pages dynamically to prevent memory issues.
addThis now provide support for this problem, their support department sent me the following link:
http://www.addthis.com/blog/2013/05/07/a-brief-history-of-using-addthis-dynamically/#.Uklx4RCKyas
and the following explanation/information:
Along with other information from my peers and such, I've come up with
the proper code which should be executed when moving from virtual page
to virtual page such as in your mobile application. Rather than
nulling any of the AddThis related objects, they must be left alone.
When the page URL or Title (or any other AddThis configuration option)
that you want to be used by our buttons changes, you should execute
our method:
addthis.update(type, key, value)
It takes the three parameters: type, key, value.
Type is either "share" or "config". The key is the same key you would
set according to our API documentation. What you likely need to know
are just the two keys: "url" and "title". The value is of course the
value you want those options to have.
After you have updated all of the options you need to update using
that method, you need to invoke this method:
addthis.toolbox(cssSelector)
The cssSelector is usually going to be ".addthis_toolbox" but if for
some reason you don't want to refresh all of your toolboxes, you can
be more specific about it.
Once you have made those changes to your code, I believe that our
tools will work properly for you and that there will be no more "null
object" related javascript errors.
You can look at this JSFiddle to see an example of dynamically
changing content: http://jsfiddle.net/j5addthis/r6Utv/
I'm having the same issue, but it appears that there was, at one point, a fix to your specific case above by simply upgrading the script that you're using from addthis to version 3.0 by changing this:
http://s7.addthis.com/js/250/addthis_widget.js#username=xa-4b6adff375a64db9
To this:
http://s7.addthis.com/js/300/addthis_widget.js#username=xa-4b6adff375a64db9
Read more here: http://support.addthis.com/customer/portal/questions/1021465-addthis-widget-js-throwing-cannot-read-property-pmh-of-null-error-on-android-and-chrome
Note though, as I mentioned above, my issue continues to persist even with version 3.0 despite the AddThis help desk stating that should work.

Error "Operation failed for reasons unrelated to the database..." when using indexedDB in Firefox

I've tried back and forth between different examples in FF, and all i get is The operation failed for reasons unrelated to the database itself and not covered by any other error code. I believe its caused by var request = indexedDB.open("mydb",2);
var db;
var indexedDB = window.indexedDB || window.webkitIndexedDB
||window.mozIndexedDB||window.msIndexedDB;
var request = indexedDB.open("mydb",2);
customerData=[
{ssn:"444-44-4444",name:"Bill",age:35,email:"bill#company.com"},
{ssn:"555-55-5555",name:"Donna",age:32,email:"donna#home.org"}
];
request.onerror = function(event){
};
request.onupgradeneeded = function(event) {
var objectStore = db.createObjectStore("customers",{keyPath:"ssn"});
objectStore.createIndex("name","name",{unique:false});
objectStore.createIndex("email","email",{unique:true});
for(var i in customerData){
objectStore.add(customerData[i]);
}
} ;
request.onsuccess = function(e) {
} ;
Thanks
How do you open this html/js script?
If I recall correctly FF can not open indexedDB from file.html
It's a bug or a feature depending of a view point.
Try using xampit or other "server". Or just do quick test with Chrome.
I had the same problem when I tried to open a file "locally".
I found on MDC a post saying that by security reasons any operation with indexedDb will be only available by a request via a webserver.
So it seems the problem doesn't have nothing related to file name (namelly file.html) but with protocol.
There's an open bug on BugZilla about this curious error message:
https://bugzilla.mozilla.org/show_bug.cgi?id=1628125
It's possible it arises due to hard disk corruption, but is not clear.
We'd like Mozilla to improve their diagnostics, and not go in the direction of a "Sorry, something went wrong" generic error message that product management think is more user-friendly - it isn't, and is no more helpful than a WSOD.

Selenium IDE - Error: Permission denied for <http://www.example.com> to get property Location.href

I am using Selenium 1.7.2 on Firefox 11 running on Ubuntu 11.10. Until yesterday, we didn't use the document.domain javascript. We needed to add it to our generated HTML and in one of our javascript file.
Now when we run Selenium IDE Test Suite, we get the following error:
Error: Permission denied for <http://dev.example.com> to get property Location.href
dev.example.com is our application server (Glassfish 3.1.2 behind Apache+mod_jk)
If I comment out document.domain everything works well (at least in Firefox, because the document.domain is to prevent IE to block PIE.htc script... sigh )
I tried adding a user extension script found here:
function setdom(str,doc,dom) {
doc.domain = dom;
}
Selenium.prototype.doDocumentDomain = function(domain) {
var lw;
setdom('ts',frames['testSuiteFrame'].document, domain);
setdom('tf', getTestFrame().contentWindow.document, domain);
setdom('my', frames['myiframe'].document, domain);
lw = LOG.getLogWindow();
if (lw) {
setdom('log', lw.document, domain);
}
setdom('doc', document, domain);
}
but this looks pretty old and probably not compatible any more. It returns an error at the first call to the setdom('ts',frames['testSuiteFrame'].document,domain); line
I am not browsing back and forth between HTTP and HTTPS, I have read many StackOverflow and Google Group related questions, to no result.
I can modify our codes to include document.domain only for IE but it is not very clean...
Question: How to make Selenium IDE working without security issue when document.domain is set? Or how can I fix he above user extension to work in Selenium IDE 1.7.2? Thank you.
So I decided to change Selenium javascript to allow me to set the document.domain using this:
In `chrome/content/selenium-core/scripts/selenium-browserbot.js on line 920 (for version 1.7.2):
//Samit: Fix: open command sometimes fails if current url is chrome and new is not
windowObject = core.firefox.unwrap(windowObject);
// -------------- Start My Change ----------------
updateDomain(windowObject.document);
// -------------- End My Change ----------------
if (this._windowClosed(windowObject)) {
LOG.debug("pollForLoad WINDOW CLOSED (" + marker + ")");
delete this.pollingForLoad[marker];
return;
}
Then in user-extensions.js:
var validDomain = null;
Selenium.prototype.doDocumentDomain = function(domain) {
validDomain = domain;
}
function updateDomain(doc) {
if(validDomain==null) {
return;
}
LOG.info("Current domain: " + doc.domain);
if(doc.domain != validDomain && (doc.domain+"").indexOf(validDomain)>0 ) {
doc.domain = validDomain;
}
LOG.info("New domain: " + doc.domain);
}
I check prior to setting the new domain that it is a subdomain of the one I want to set. I use it in Selenium IDE:
documentDomain | example.com
So when it opens dev.example.com and static.example.com, it finds example.com in the domain and replace the domain.

Identify tab that made request in Firefox Addon SDK

I'm using the Firefox Addon SDK to build something that monitors and displays the HTTP traffic in the browser. Similar to HTTPFox or Live HTTP Headers. I am interested in identifying which tab in the browser (if any) generated the request
Using the observer-service I am monitoring for "http-on-examine-response" events. I have code like the following to identify the nsIDomWindow that generated the request:
const observer = require("observer-service"),
{Ci} = require("chrome");
function getTabFromChannel(channel) {
try {
var noteCB= channel.notificationCallbacks ? channel.notificationCallbacks : channel.loadGroup.notificationCallbacks;
if (!noteCB) { return null; }
var domWin = noteCB.getInterface(Ci.nsIDOMWindow);
return domWin.top;
} catch (e) {
dump(e + "\n");
return null;
}
}
function logHTTPTraffic(sub, data) {
sub.QueryInterface(Ci.nsIHttpChannel);
var ab = getTabFromChannel(sub);
console.log(tab);
}
observer.add("http-on-examine-response", logHTTPTraffic);
Mostly cribbed from the documentation for how to identify the browser that generated the request. Some is also taken from the Google PageSpeed Firefox addon.
Is there a recommended or preferred way to go from the nsIDOMWindow object domWin to a tab element in the SDK tabs module?
I've considered something hacky like scanning the tabs list for one with a URL that matches the URL for domWin, but then I have to worry about multiple tabs having the same URL.
You have to keep using the internal packages. From what I can tell, getTabForWindow() function in api-utils/lib/tabs/tab.js package does exactly what you want. Untested code:
var tabsLib = require("sdk/tabs/tab.js");
return tabsLib.getTabForWindow(domWin.top);
The API has changed since this was originally asked/answered...
It should now (as of 1.15) be:
return require("sdk/tabs/utils").getTabForWindow(domWin.top);
As of Addon SDK version 1.13 change:
var tabsLib = require("tabs/tab.js");
to
var tabsLib = require("sdk/tabs/helpers.js");
If anyone still cares about this:
Although the Addon SDK is being deprecated in support of the newer WebExtensions API, I want to point out that
var a_tab = require("sdk/tabs/utils").getTabForContentWindow(window)
returns a different 'tab' object than the one you would typically get by using
worker.tab in a PageMod.
For example, a_tab will not have the 'id' attribute, but would have linkedPanel property that's similar to the 'id' attribute.

Categories