Wrapper around web-app under Windows - windows

I have an application with web interface. Unfortunately, it has all disadvantages of being a web page:
It doesn't have a standalone window, so users cannot manage it via the taskbar.
Users see the address line with something like 'http://localhost:8080' that is not a good idea for home users.
If users click on a tray icon, there is no way to activate the tab in a browser, which contain the application interface.
So, it would be nice to have a wrapper application with a browser within.
In case of IE I know it's possible to create a window with Trident ActiveX component. But what if it's Windows XP with IE6 but installed latest Chrome? I'd like to prefer Chrome since it supports a lot more features which the user will never see.
So, is there a way to wrap a page into Chrome/Firefox and make it look like a standalone application, if one of them is presented in the user's system? (The application shouldn't install anything large, so Chromium build is not an option).
P.S. I'm not interested in supporting other platforms than Windows.
Regards,

Take a look at Chrome Apps.
I hope helps you.

Related

WebAuthn on Chrome on Windows: Skip Windows dialog in favor of Chrome dialog

In developing our passkey integration I'm encountering unusual behavior in Chrome on Windows.
On my PC, when I register a new physical key I see this Windows dialog.
When I enable the virtual authenticator environment in the Chrome Dev Tools I get this Chrome dialog instead.
However, someone testing the application for me on another PC, without using the virtual authenticator environment, gets the Windows dialog first. If they click Cancel in the Windows dialog, then they get the Chrome dialog.
Is there anything I can do to nudge the browser towards delivering a more consistent experience? I'd rather always show the Chrome dialog if possible.
For reference, this is the virtual authenticator environment in the Chrome Dev Tools:
The problem is that lots of enterprise users have to use a physical security key one or more times a day. So there's a strong desire not to put extra clicks in their way and thus to jump directly to the Windows system UI. But the Windows UI doesn't support using phones as authenticators, so sometimes the browser UI is needed as hitting escape is quite non-discoverable.
Quite how that balance is struck has varied over time and might change again in the future. You can see the current logic here if you want to craft requests that trigger the browser UI. But the intent is that sites should do the obvious thing and the UI should be fairly reasonable.

Is there an equivalent of chrome's nativeMessaging API in Internet Explorer?

On chrome, extensions can exchange messages with native applications with the help of native messaging APIs How can we achieve this on IE?
use-case : We have our own desktop application which users can download and install from our site. Next time when they revisit, we should be able to detect if the native application is installed and launch if its available.
We were able to build a solution on chrome with the help of an extension which makes use of chrome native messaging APIs to connect to native application.
Need something similar on IE browsers or a generic solution which will work across all major browsers.
You might want to have a look at URL handlers, they are supported for Firefox, Chrome and Internet Explorer.
Basically it enables you to register for example myapp:// for the browser and then you can have the browser call the application that is registered to this handler.
This is a technique which for example uTorrent uses to open trackers for torrent:// and magnet://.
You can check these links for details or search for solutions here on SO:
https://developer.mozilla.org/en/docs/Web-based_protocol_handlers
https://msdn.microsoft.com/en-us/library/aa767914(v=vs.85).aspx
https://developer.chrome.com/apps/manifest/url_handlers
If you have the desktop application installed, you can just install the BHO in the IE. This BHO should handle Navigate events from the browser, then, when user navigates to your site, BHO will indicate to the site, that the your app is present on the system. For example, BHO can inject some "marker" node on the page or call some predefined JS function on the your site's page. Also this BHO can perform some additional communication with you desktop app via the COM (or you can emulate manually int the BHO the protocol used in Chrome native messaging) and use the same approach as for Chrome.

Firefox extension app hosted on server

I managed to create a Chrome extension pretty easy and the main application is hosted on my server allowing me to provide updates to the app itself without having to update the whole extension. I like the idea and I just want to know if it's possible to create a similar extension for Firefox where the main application is hosted on a live server.
In creating my Chrome extension, I followed a tutorial. The code for Chrome is included on the linked page.
It's possible to create a simple extension that loads a web app either in a panel or a tab. You should read up on the Addon SDK documentation, including the panel, tabs and getting started docs.
There is nothing wrong with this, as the web app would not have direct access to internal Firefox APIs. If you read the Addon guidelines closely that #makyen links to above, none of it covers this implementation detail. In their defence, they seem to have misinterpreted what you want to do. It looks to me like you just want to integrate / launch your web app from the browser UI?
Web application:
After finding the tutorial (please provide a link next time) I surmise you are referring to in your question, I suspect that what you are actually attempting to convey is different than how I initially interpreted your question. I have edited the question to make this more clear to people reading it in the future.
That tutorial is explaining how to place a link to a web application into the Chrome user interface. Such is, to a large extent, just a bookmark that is able to be placed within other areas of the user interface than the bookmarks bar.
If that is what you are wanting to do, then, yes, you can easily do so in Firefox. Given that the extension is not running external content in the security context of an extension (you are effectively just navigating to and displaying a website), then that should be fine as a Firefox extension. Note that you need to be sure that you are not granting elevated permissions when you launch the web application.
If running a web application is what you are wanting to do, then I suggest you might want to use different semantics to refer to what you are doing. The above is not a "Firefox extension app hosted on server". Saying it that way strongly implies that you are hosting the actual extension code on your own server. The rest of your question implies that the extension dynamically loads external code and runs it. I would suggest that you refer to it as something like: a web application that is launched (navigated to) by a Firefox extension allowing the web application to be started from an icon in the toolbar.
Extension running web sourced code:
However, if what you are wanting to do is have external content running as a Firefox extension, then implementing that functionality is a large security hole for anyone installing the extension. Even assuming that your intentions are totally benign, there is a huge security hole for anyone who is intercepting your traffic, or gains control of your server to inject code into Firefox that runs at the level of an extension (i.e. the malware can have full control of the browser and then of the computer).
Yes, it is currently possible for you to write this for Firefox.
However, given that the extension pulls code from something not packaged within the extension, the extension will never be permitted to be hosted on AMO.
In addition, the plan is that later this year there will be mandatory signing of Firefox extensions through Mozilla. I doubt that an extension like this will be permitted at that time.
You can read a set of Add-on guidelines on MDN.

Locking user to browser window (using .dll files)

Is it possible to lock a user in chrome using .dll files (NPAPI plugin) or any other method?
I want to invoke chrome browser in highly controlled environment preferably on Windows. I would download chrome for businesses and write policies such that user isn't allowed to access any url except one.
I would create a packaged app and create an application shortcut on desktop for user which goes to the url. So it will open in KIOSK mode. But I would want that user shouldn't be able to navigate away from chrome, specifically that window and shouldn't be able to use any other program until he logs out of the application or explicitly closes the window. That means disabling function /ctrl/alt and window keys.
Something like this but with chrome.
Even opening chrome itself in 'locked' mode is not a problem.
Has someone ever implemented it? Is it possible using NPAPI plugin or any other method? If anybody could direct me towards any such resources I would be grateful.
No, this is not realistically possible using an NPAPI plugin, at least not by itself. At minimum you'd need an extension (see http://npapi.com/extensions).
If you loaded it from an extension it might be possible to get the window handle of the browser and such, but I think you'd probably be better off with a separate app.

Communicating with users on other web pages

This question is part user experience, part engineering.
I am trying to find a nice, clean way to have a user communicate with my web page while they are on another web page. I have web services that will accept HTTP POST/GET, so AJAX and other asynchronous niceties are welcome - don't worry about the details of their communication, they can easily be modified to fit a solution.
The problem I'm running into lies within the user interaction. Ex., say the user is viewing a web page and they want to send my system the web site's URL. I would like it if they could do it while still looking at that page, and without too many "crazy clicks" - currently they have to go back over to my page and enter the information (as you can imagine this has tested horribly).
I have ruled out browser tool bars (easy to do in FF, but a lot of my users use IE) and local applications (they won't want to install Java or Adobe Air apps).
Have you ever solved a problem like this before, or do you have an idea of how I could solve it? Should I be looking at separate solutions for FF and IE (ex., a tool bar for FF and something else for IE)? Don't worry about Safari and Chrome, though a solution that supports them too would be nifty.
Thanks.
p.s. The user would have an account on my system already.
Have you thought about something like the Digg Bar?
Users can access it through a bookmarklet, or you can do a url prefix like http://yoursite.com/<other_site_url>. When users click links, the bar stays active.
What if you wrote a system tray application. Something similar to Pixel Ruler
This could sit in their tray, and it would know you're website. That would eliminate browser toolbars, and could conceivably work on several browsers. You could probably even set it up as an install if they visit your website.
Then you could expose a webservice on your site that this control would pass back info to (like the user's name, current website, etc)
I don't know about the details of your application, but the only solution I can imagine is that you have a page split into two frames, with your toolbar at the top. stumbleupon.com does this, but it makes sense because they're providing the web content.
Simply, your users would have to visit your site before they could do their own browsing. Is that reasonable for your project? That sounds like it could be a user experience disaster of its own. Also, if most of your users are using IE, I'm going to assume that they're not the most web savvy users out there.

Resources