Flash Player trust file not working with Embedded browser on linux - javascript

I have an application which embeds a browser based on Xulrunner inside it. I have couple of flash swf files I need to load in the browser. The swf files talk with a JavaScript to change the page title and also to change the URL when I am browsing through the content in the URL. I need the URL change because I need to remember where I was in the flash content so that I can go directly to that place in the flash file when I open my browser the next time.
To let the swf file do this I created a cfg file and placed it into the Flash Player Trust folder( I tried both the local one at /home/user/.macromedia/Flash_Player/#Security/FlasPlayerTrust and global trust file location at /etc/adobe/FlashPlayerTrust ) , but I didn't get the expected result. I debugged into my app and found that the swf never reset the Title of the page( which indicates that the JavaScript was blocked) . It works fine from a firefox browser but not from inside my embedded browser. My app also works fine on windows and Mac . This is observed only on Linux. Can any body think of what else I need to do get my javascript embedded in the flash file working?

Don't use flash app dependencies inside embedded browsers inside desktop applications.

Related

Cannot open a local file from webpage

I want to open files from webpage. For example when we try to download a torrent file it redirects us to utorrent app and it continues it work. I also want to open a local file somehow using OS software. Like a video file using pot player. Is there any possible solution for me ,like making a autorun in pc to run that . Anything it may be please help me.😔😔
I searched and found a solution to open a software using protocol, but in this way I cannot open a file in that software.
Opening a specific file in a specific software would usually depend on passing some URL parameters to the protocol-URL of the app (e.g., opening a file in VSCode would use a URL like vscode:///Users/me/file.html, but this functionality would have to be explicitly handled by the app itself though, so the solution for each app would be different).
Otherwise, if the app doesn't support opening a specific file itself through a URL, you'd have to use some scripting software (e.g. AppleScript if you're on macOS) to dynamically click/open certain programs on a user's computer.
the link acts as a magnet so your torrent application is opened maybe delete torrent for sometime till you finish the project, i know how to open image in local files in html but it will only be visible to you, you can do audio and video files also using <source src="movie.mp4 and on next line `type="video/mp4">

Chrome on android - not loading local website javascript and css

I have strange problem on Chrome for Android with local website.
It works perfect on Firefox for Andorid, but not for Chrome.
On my site here: https://passcombo.com there is download link with a zip file.
What I do is:
download file to local file system (not SSD! - external storage makes
another problem!)
I unzip the package and go to the site in local storage using File Commander
I open the html file with Chrome - only HTML loads, no CSS, no JS, no images, no fonts.
Looks like there is path problem with relative paths?
But firefox works!
Working alternative is Firefox, but there you need to write correct strange path: "file:///storage/emulated/0/..../...html"
But...
Currently Chrome is mostly used on Andorid so it's bad local sites not working :/
It doesn't work opening with file explorer, you have to write the path in the address bar file:///sdcard/Download... or wherever.
JS works with Chrome on local html file in my Galaxy S6.
The only solution I found is to:
[update 2021] use Opera (Firefox did work before recent update!)
copy folder with my html/css/js to local storage
(somewhere)
open the sitewith path like:
[current Opera] file:///storage/0000-0000/MyFolder/index.html
[old in firefox ] file:///storage/emulated/0/myfolder/index.html
where 'file:///storage/0000-0000/' OR 'file:///storage/emulated/0/' is the main path to local storage, and if you copied your folder somehwre deeper then you need to change the 'myfolder' to /somefolder1/somesubfolder/.../ sth
Shame it's the only way to create a web browser app for adroid.
It is possible using a HTTP server app on your phone.
For example the SimpleHttpServer.
Set the "Document Root" in the settings of that app to the folder in which your html files reside. Start the server and you will see a local link.
Click on that link and choose the html file you want to show.
If you declared your assets relatively those assets will loaded, too.
Seems like the only directory Chrome reads local files from is file:///sdcard/Android/data/com.android.chrome/files/Download/
The only solution worked for me in Android is the HTTP Web Server (I used Simple HTTP Server).
Installing different browsers didn't help:
(Apr-2021) I tried installing various Browsers (Chrome, FireFox, even Opera etc.) in Android but none worked. In all cases, when I navigated to the folder containing HTML/JS files using local file:/// URLs ('file:///sdcard/' or 'file:///storage/emulated/0/') browsers only displayed the folders but no files.
When I used the absolute path to the HTML file the browsers used content:/// protocol to
render static HTML content, i.e. it did NOT allow execution of JavaScript code.
In my Android OS version 7, to open a local html file with css and javascript in Google Chrome browser (ver. 64.0.3282.123) I have to open it through an address bar typing as file://localhost/sdcard/, then navigating to the file location. In spite of mention sdcard in the address, it opens an internal storage (and my device has actual removable sdcard as well).
Currently, I am also facing this problem. Chrome does not link to other files on the device, but you can use js and CSS by, using <script> and <style> tags and these will be included in the web page. But, for other files, like image, audio, videos, etc. it can't be done on Android still without any server established by 3rd party apps.
Install a text editor from playstore . Its name Acode
Got to your local file storage , then choose your .html file and press long time.
After press long time on .html file , you will see more (left side of your phone screen)
From more menu, chose open with option
Choose Acode text editor
When html file open on Acode editor, then preview it from Acode text editor.
that's all. It will works 100%.. (sorry for my english)

Is it possible for a remote html file to download a file to a client?

I'm an iOS dev looking into some security aspects of a native iPhone app that loads local html pages into a UIWebView (that's the iOS class that give browsers functionality to a native app).
If the app loads a local html file and that file contains a link to an external html file then is it possible for that external file to download a file to the client (another html file or a javascript file)? My knowledge of html/javascript isn't detailed enough in this area.
E.g. If A.html is file physically present on the phone and A.html contains a href to B.html where B.html is on a server then is it possible for B.html (using whatever means) to move a file (C.html or D.js etc.) from the server onto the device?
What you probably mean is : are HTML pages able to download (and potentially execute or overwrite) content/code on the device? I'm just going to assume that in the following.
First, the browser isn't supposed to be able to download anything without the user consent. That's especially true on iOS, where the browser actually can't download anything at all. (Well, you can actually download images by long-pressing on them, but they are only going to go to the Photo Roll. Any other download will just fail.)
HTML pages (and JavaScript, images, ...) are of course downloaded to the device before the browser or UIWebView displays them, but they can't access anything on the filesystem.
What's more, due to the same-origin policy, a web page cannot access anything that's outside of its domain (cross-origin requests allow this, but they require the server to send a particular header).
Say your page is on http://mywebsite.com : you can't make a request to http://blah.org if it's not setup properly, or even (much more dangerous) to file:///etc/passwd (which you have no way to setup properly).
I'm not sure about local pages, but (at least on Chrome on the desktop) local web pages cannot download anything at all.
Of course, all of these are the expected behavior.
There have been cases of vulnerabilities (this one for instance) where Safari allows unprivileged access to the filesystem, but in most cases they have been patched quickly by Apple and you won't have to (and are not supposed to if you want to avoid unnecessary headaches) worry about them.

Run javascript from swf on DVD?

I have a project I am doing that requires delivery on a DVD and through the web. I have been using Flash to drive a menu system and javascript to load pages or other actions on the web. However, when I move it to a DVD I receive a Security Error 2060 - the swf is unable to
communicate with the html page it is loaded onto and so none of the javascript is parsed. I am using ExternalInterface calls and jquery on the html page.
Searching online I have made sure that Flash when publishing "Allow local files only" and on the html page I'm using swfobject with a param field of allowscriptaccess of "always" - looking at the generated code on pages it shows that the allowscriptaccess is there.
Is there some security setting that I can program in that will give my Flash application the ability to function the same from a DVD as it would from the web and communicate with Javascript? If I need to compile two different swfs that would be okay.
I suspect you are having a local sandbox problem. Have you gone through the information at http://www.adobe.com/devnet/flashplayer/security.html?
If you can do PC-only, then investigate Server2Go. This is a standalone WAMP stack that works well from a CD/DVD. Your page will then run in the internet zone, and you should not run into the same security problems.

Flash not interacting with Javascripts in browser inside my app

I have an application which embeds a xulrunner based browser.
I have to load some flash content in it which talks to some javascript to update
the browser title.
The flash content works fine when launched from Firefox but not inside my app. I tried a sample html file which has some javascript and they work fine. It even works when I have the flash content on a server. It is only when I try to run js through flash present on my local machine that I see this problem.
I guess it must have something to do with some security settings in xulrunner.
Could somebody help me figure out what the problem might be?
Check out this answer, it might the solution of your problems.
You can also change the browser title from within the application itself...
import mx.managers.IBrowserManager;
import mx.managers.BrowserManager;
private var bm:IBrowserManager = BrowserManager.getInstance();
bm.init("", "New Browser Title");

Categories