Chromecast Failed to play hls encrypted custom asset - chromecast

CustomReceiverApplication : CastReferencePlayer-master (github)
SenderApplication : CastVideosSample (github)
With the above applications chrome cast is able to play un-encrypted custom asset, but failed to play encrypted asset.
Modification in CastReferencePlayer-master::player.js
below lines are added.
host.licenseUrl = "http://192.168.6.135/mpeg/key123";
host.updateSegmentRequestInfo = function (requestInfo)
{
requestInfo.withCredentials = true;
requestInfo.headers = {};
requestInfo.headers['origin'] = info.message.media.customData.origin;
requestInfo.headers['content-type'] = info.message.media.contentType;
requestInfo.headers['accept-encoding'] = 'gzip';
}
Errors from chrome-cast debug log.
Refused to set unsafe header "origin"
Refused to set unsafe header "accept-encoding"
Please find below link to download the logfile.
https://drive.google.com/open?id=0B1Nd3ciEQ3CIeGdVM2FsYVNGWk0

According to this link, usually it appears only in Webkit based browsers. Basically a browser like Google Chrome will not change certain http headers in an XMLHttpRequest using setRequestHeader(). Make sure you check your sources before you use things like external scripts. Try to set the header to Access-Control-Expose-Headers: Content-Length.

Related

Firefox web extension - read local file (last downloaded file)

Im creating a web extension and porting from XUL. I used to be able to easily read files with
var dJsm = Components.utils.import("resource://gre/modules/Downloads.jsm").Downloads;
var tJsm = Components.utils.import("resource://gre/modules/Task.jsm").Task;
var fuJsm = Components.utils.import("resource://gre/modules/FileUtils.jsm").FileUtils;
var nsiPromptService = Components.classes["#mozilla.org/embedcomp/prompt-service;1"].getService(Components.interfaces.nsIPromptService);
....
NetUtil.asyncFetch(file, function(inputStream, status) {
if (!Components.isSuccessCode(status)) {
return;
}
var data = NetUtil.readInputStreamToString(inputStream, inputStream.available());
var data = window.btoa(data);
var encoded_data_to_send_via_xmlhttp = encodeURIComponent(data);
...
});
This above will be deprecated.
I can use the downloads.download() to know what was the last download but I can NOT read the file and then get the equivalent for encoded_data_to_send_via_xmlhttp
Also in Firefox 57 onwards, means that I have to try to fake a user action by a button click or something, or upload a file.
Access to file:// URLs or reading files without any explicit user input
isnt there an easy way to read the last downloaded file?
The WebExtension API won't allow extensions to read local files anymore. You could let the extension get CORS privilege and read the content directly from the URL via fetch() or XMLHttpRequest() as blob and store directly to IndexedDB or memory, then encode and send to server. This comes with many restrictions and limitations such as to which origin you can read from and so forth.
Also, this would add potentially many unneeded steps. If the purpose is, as it seem to be in the question at the moment, to share the downloaded file with a server, I would instead suggest that you obtain the last DownloadItem object, extract the URL (.url) from that object and send the URL back to server.
This way the server can load directly from that URL (and encode it on server if needed). The network load will be about the same (a little less actually since there is no Base64 encoding involved which adds 33% to the size), and much less load on the client. The server would read the data as a binary/byte data stream; about the same as if the data was sent directly from the extension.
To obtain the last downloaded file you would do the following from a privileged script:
browser.downloads.search({
limit: 1,
orderBy: ["-startTime"]
})
.then(getLastDownload);
function getLastDownload(downloads) {
if (downloads.length) {
var url = downloads[0].url;
// ... send url to the server and let server fetch the data from it directly
}
}
According to this support mozilla question.
(2) Local file security
Firefox limits access from pages on web servers to pages on local disk or UNC paths. [...]).
Which solution ?
Use local-filesystem-links firefox addon (not tested)
and/or
run a small local webserver on client side, supposing server was run with sufficient privileges, you may finally access any local content via http:// (but still cannot with file:///)

Firefox Add-on SDK extension with Websocket doesn't work for Facebook/Twitter

I'm developing a Firefox extension based on Addon SDK.
Inside my content script, I need to create WebSocket connection to my localhost server using wss.
In my addon script (index.js), I use "sdk/tabs" to inject content script.
var tabs = require("sdk/tabs");
tabs.on("ready", function(tab){
var worker = tab.attach({
contentScriptFile: ["./websocket.js"]
});
});
data/websocket.js looks like:
websocket = new WebSocket("wss://localhost:8443/WebsocketServer/");
websocket.onopen = function(evt){
console.log("connection open");
websocket.send("connection established!");
};
websocket.onmessage = function(evt){
console.log("message received: "+evt.data);
};
I open firefox and open a page with https://localhost:8443/ and accept the certificate. So the certificate won't be a problem here.
I can open a normal http page and this addon works perfectly, talks to my websocket server. Also I can make it work if I open https://google.com.
But when I open https://www.facebook.com or https://www.twitter.com, the websocket connection cannot be established.
When I turn on developer console, i can see error message:
Content Security Policy: The page's settings blocked the loading of a
resource at wss://localhost:8443/WebsocketServer/ ("connect-src
https://graph.facebook.com https://*.giphy.com https://pay.twitter.com
https://analytics.twitter.com https://media.riffsy.com
https://upload.twitter.com https://api.mapbox.com https://twitter.com").
Content Security Policy: The page's settings blocked the loading of a
resource at wss://localhost:8443/WebsocketServer/ ("connect-src
https://*.facebook.com https://*.fbcdn.net https://*.facebook.net
https://*.spotilocal.com:* https://*.akamaihd.net wss://*.facebook.com:*
https://fb.scanandcleanlocal.com:* https://*.atlassolutions.com
https://attachment.fbsbx.com ws://localhost:* blob:").
After I check, find facebook and twitter both implement the content script policy in their http header:
https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
But I think this policy should be exempted for addon. How could I bypass this check and make my websocket connection also work on facebook and twitter also?
I found there is one link that uses XPCOMM to hyjack http header and bypass the CSP check, but this is not I'm looking for, as XPCOMM will be deprecated by firefox. Is there a more proper way of doing this?
Thanks a lot!

MediaPlayerLauncher with HTTPS

I would like to open an audio file from an HTTPS resource.
First, I tried using MediaPlayerLauncher like so:
MediaPlayerLauncher mediaPlayerLauncher = new MediaPlayerLauncher {
Media = filename,
Controls = MediaPlaybackControls.Pause,
Orientation = MediaPlayerOrientation.Portrait,
Location = MediaLocationType.None
};
mediaPlayerLauncher.Show();
filename in this case is a URL beginning with https://.
Using Fiddler to monitor traffic, I have noticed that https:// in filename is getting changed to http://.
Next I tried opening the same URL using WebBrowserTask:
WebBrowserTask webBrowser = new WebBrowserTask {
Uri = filename
};
webBrowser.Show();
Checking Fiddler out again, I noticed that two requests are being sent. First is a request to filename by the browser. This results in the "Tap to open file" message to appear in the browser. Tapping it opens the phone's media player (MediaPlayerLauncher?), which sends another request -- in this case, the https:// changed to http:// again (which is similar result to first attempt).
The server I am getting the file from only supports HTTPS, hence the problems arising when the media player requests the file as HTTP.
Is there anyway to stream a file from an HTTPS resource? Does Windows Phone's media player even support it?
Pointing location on the internet for the MediaLuncher is a bad idea. It will freez UI thread and your app won't be responsive. Try first download the audio as a stream and then play it. Use WebClient to open a stream. HTTPS can be open in WP7, so that shouldn't be a problem.

Setting HTTP headers from a Firefox extension

How can I set HTTP headers in my Firefox extension?
I'll make it so these are only sent while hitting my site so I can detect if the plugin is installed or not and not promote the plugin if it is.
Here's the most compact way I found to make this work:
Components.classes["#mozilla.org/observer-service;1"].getService(Components.interfaces.nsIObserverService ).addObserver({
observe : function(subject, topic, data) {
var channel = subject.QueryInterface( Components.interfaces.nsIHttpChannel );
if ( /mysite/.test( channel.originalURI.host ) ) {
channel.setRequestHeader("x-mysite-extended", "true", false);
}
}
},"http-on-modify-request",false);
There are a few existing Firefox extensions that modify HTTP headers en route to the server, and at least one of them, modifyheaders, has open source code.
Or, of course, there's the relevant page in the Mozilla Developer Center, Setting HTTP request headers.

IE6+, how to change User-Agent for Ajax requests too?

I want to make own browser application with own value of User-Agent.
Browser based on CHtmlView. MFC.
But exist strange problem with User-Agent from Ajax requests...
I did:
User-Agent value is used as argument to Navigate(). A Navigate() requests use right User-Agent.
Overload of OnAmbientProperty() method of CHtmlView class.
BOOL MyHtmlView::OnAmbientProperty(COleControlSite *pSite,
DISPID dispid, VARIANT *pvar)
{
USES_CONVERSION;
// Change user agent for this web browser host during hyperlinks
if (dispid == DISPID_AMBIENT_USERAGENT)
{
pvar->vt = VT_BSTR;
pvar->bstrVal = ::SysAllocString(m_userAgent);
return TRUE;
}
return CHtmlView::OnAmbientProperty(pSite, dispid, pvar);
}
This solve problem with hyper link.
But I have to use this browser for some Ajax application.
And here is problem. For Ajax requests it use original IE User-Agent value.
My PC is WinXP based with IE7.
Any idea how to solve this?
How to change User-Agent for any request from my browser?
Thanks!
On ajax request, you can set the HTTP header "User-Agent" : http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/#dfn-setrequestheader
I solved problem with UrlMkSetSessionOption(), it changed IE settings for current session only:
const char ua[] = "My user agent string";
HRESULT rez = UrlMkSetSessionOption(URLMON_OPTION_USERAGENT, (LPVOID)ua, sizeof(ua), 0);
Just one but, it change settings for once. Another calls return no error and no changes.
Some references:
Changing the user agent of the WebBrowser control

Resources