In my project, I want to get the PC name of the client user
but the methods I am using just give me the PC name of the server:
System.get(user.name)
Sorry you can't directly
Your best bet is User-Agent header. You can get it like this in JSP or Servlet,
String userAgent = request.getHeader("User-Agent");
The header looks like this,
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.13) Gecko/2009073021 Firefox/3.0.13
It provides detailed information on browser. However, it's pretty much free format so it's very hard to decipher every single one. You just need to figure out which browsers you will support and write parser for each one. When you try to identify the version of browser, always check newer version first. For example, IE6 user-agent may contain IE5 for backward compatibility. If you check IE5 first, IE6 will be categorized as IE5 also.
You can get a full list of all user-agent values from this web site,
http://www.user-agents.org/
With User-Agent, you can tell the exact version of the browser. You can get a pretty good idea on OS but you may not be able to distinguish between different versions of the same OS, for example, Windows NT and 2000 may use same User-Agent.
Remember the scope the client could be behind a proxy
A smart idea is to use javascript and send infos via ajax call
Browser, Operating System, Screen Colors, Screen Resolution, Flash version, and Java Support should all be detectable from JavaScript (and maybe a few more). However, computer name is not possible across all browser at least.
You can do it with IE 'sometimes' as I have done this for an internal application on an intranet which is IE only. Try the following:
function GetComputerName()
{
try
{
var network = new ActiveXObject('WScript.Network');
// Show a pop up if it works
alert(network.computerName);
}
catch (e) { }
}
Related
I'd like to disable some features of a web app I'm building, if the browser is Tor Browser. Can I inside the browser itself (client side, not server side) find out if the browser is Tor Browser?
I would prefer a solution that didn't issue any HTTP requests to match the browser's IP against Tor exit nodes.
Background: In my case, Tor Browser pops up a dialog that asks the user "Should Tor Browser allow this website to extract HTML5 canvas image data?", because, says Tor Browser, canvas image data can be used to uniquely identify a browser.
Update: After reading the answers below: Perhaps the best solution in my case, is to keep a list of Tor exit nodes server side (an up-to-date list, refreshed periodically), and when a browser loads the page, I set a variable in a <script> tag, if the browser's IP matches such an exit node: var isProbablyTorBrowser = true. Then, client side, no additional requests, or complicated logic, is needed.
The Tor browser is not designed to be undetectable (that's impossible to do). Rather, it is designed so that all copies are indistinguishable from each other: you cannot track a browser from one site to another, or from one visit to another, strictly through browser fingerprinting.
This gives it a distinct fingerprint of its own. As of right now, a browser that
Has a User-Agent of Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0
Has a screen resolution that matches the browser window size (particularly if that size is 1000x800)
Has a time zone of "0" (GMT)
Has no plugins (navigator.plugins is empty)
is probably the TBB browser. The User-Agent string may change when the next ESR version of Firefox comes out, most likely to Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/38.0.
The screen resolution/browser window match alone may uniquely identify TBB: even in fullscreen mode, there's a one-pixel difference between window height and screen height in Firefox.
The "official" way to detect tor is to check the user's IP address and see if it's a tor exit node. Tor runs TorDNSEL for this purpose.
Here's a PHP implementation of a TorDNSEL lookup from a tutorial by Irongeek
function IsTorExitPoint(){
if (gethostbyname(ReverseIPOctets($_SERVER['REMOTE_ADDR']).".".$_SERVER['SERVER_PORT'].".".ReverseIPOctets($_SERVER['SERVER_ADDR']).".ip-port.exitlist.torproject.org")=="127.0.0.2") {
return true;
} else {
return false;
}
}
function ReverseIPOctets($inputip){
$ipoc = explode(".",$inputip);
return $ipoc[3].".".$ipoc[2].".".$ipoc[1].".".$ipoc[0];
}
If you're not using PHP, you should still be able to adapt this relatively easily.
Another method of detecting Tor is to have a script download the list of Tor exit nodes every half hour or so, then check each user's IP address against that list. This may be less reliable, though, as not all exit nodes are published. There's a list you can use, and instructions, available at dan.me.uk.
EDIT: Since you updated your question, the second option (a list you host locally) is going to be preferable.
There might be a quite reliable way. Check if it returns you a blank (white) image when you try to Base64 it using canvas.
When you do so an notification is shown.
No matter what user chooses JS returns a white image. So you can try to base64 (<-- it's a verb ;)) a non white image and then check if a white base64 image returned.
UPD.
Here is an example I made for myself. For me it was important to detect if I have an access to the image, but it can be used for Tor detecting in some way.
UPD2.
There even might be no notification shown as it's shown in code snippet below. Maybe because it's ran in an iframe.
function isTorBrowser() {
var img = document.createElement("img");
// Creates a black 1x1 px image
img.src = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAIAAACQd1PeAAAACXBIWXMAAB7CAAAewgFu0HU+AAAKT2lDQ1BQaG90b3Nob3AgSUNDIHByb2ZpbGUAAHjanVNnVFPpFj333vRCS4iAlEtvUhUIIFJCi4AUkSYqIQkQSoghodkVUcERRUUEG8igiAOOjoCMFVEsDIoK2AfkIaKOg6OIisr74Xuja9a89+bN/rXXPues852zzwfACAyWSDNRNYAMqUIeEeCDx8TG4eQuQIEKJHAAEAizZCFz/SMBAPh+PDwrIsAHvgABeNMLCADATZvAMByH/w/qQplcAYCEAcB0kThLCIAUAEB6jkKmAEBGAYCdmCZTAKAEAGDLY2LjAFAtAGAnf+bTAICd+Jl7AQBblCEVAaCRACATZYhEAGg7AKzPVopFAFgwABRmS8Q5ANgtADBJV2ZIALC3AMDOEAuyAAgMADBRiIUpAAR7AGDIIyN4AISZABRG8lc88SuuEOcqAAB4mbI8uSQ5RYFbCC1xB1dXLh4ozkkXKxQ2YQJhmkAuwnmZGTKBNA/g88wAAKCRFRHgg/P9eM4Ors7ONo62Dl8t6r8G/yJiYuP+5c+rcEAAAOF0ftH+LC+zGoA7BoBt/qIl7gRoXgugdfeLZrIPQLUAoOnaV/Nw+H48PEWhkLnZ2eXk5NhKxEJbYcpXff5nwl/AV/1s+X48/Pf14L7iJIEyXYFHBPjgwsz0TKUcz5IJhGLc5o9H/LcL//wd0yLESWK5WCoU41EScY5EmozzMqUiiUKSKcUl0v9k4t8s+wM+3zUAsGo+AXuRLahdYwP2SycQWHTA4vcAAPK7b8HUKAgDgGiD4c93/+8//UegJQCAZkmScQAAXkQkLlTKsz/HCAAARKCBKrBBG/TBGCzABhzBBdzBC/xgNoRCJMTCQhBCCmSAHHJgKayCQiiGzbAdKmAv1EAdNMBRaIaTcA4uwlW4Dj1wD/phCJ7BKLyBCQRByAgTYSHaiAFiilgjjggXmYX4IcFIBBKLJCDJiBRRIkuRNUgxUopUIFVIHfI9cgI5h1xGupE7yAAygvyGvEcxlIGyUT3UDLVDuag3GoRGogvQZHQxmo8WoJvQcrQaPYw2oefQq2gP2o8+Q8cwwOgYBzPEbDAuxsNCsTgsCZNjy7EirAyrxhqwVqwDu4n1Y8+xdwQSgUXACTYEd0IgYR5BSFhMWE7YSKggHCQ0EdoJNwkDhFHCJyKTqEu0JroR+cQYYjIxh1hILCPWEo8TLxB7iEPENyQSiUMyJ7mQAkmxpFTSEtJG0m5SI+ksqZs0SBojk8naZGuyBzmULCAryIXkneTD5DPkG+Qh8lsKnWJAcaT4U+IoUspqShnlEOU05QZlmDJBVaOaUt2ooVQRNY9aQq2htlKvUYeoEzR1mjnNgxZJS6WtopXTGmgXaPdpr+h0uhHdlR5Ol9BX0svpR+iX6AP0dwwNhhWDx4hnKBmbGAcYZxl3GK+YTKYZ04sZx1QwNzHrmOeZD5lvVVgqtip8FZHKCpVKlSaVGyovVKmqpqreqgtV81XLVI+pXlN9rkZVM1PjqQnUlqtVqp1Q61MbU2epO6iHqmeob1Q/pH5Z/YkGWcNMw09DpFGgsV/jvMYgC2MZs3gsIWsNq4Z1gTXEJrHN2Xx2KruY/R27iz2qqaE5QzNKM1ezUvOUZj8H45hx+Jx0TgnnKKeX836K3hTvKeIpG6Y0TLkxZVxrqpaXllirSKtRq0frvTau7aedpr1Fu1n7gQ5Bx0onXCdHZ4/OBZ3nU9lT3acKpxZNPTr1ri6qa6UbobtEd79up+6Ynr5egJ5Mb6feeb3n+hx9L/1U/W36p/VHDFgGswwkBtsMzhg8xTVxbzwdL8fb8VFDXcNAQ6VhlWGX4YSRudE8o9VGjUYPjGnGXOMk423GbcajJgYmISZLTepN7ppSTbmmKaY7TDtMx83MzaLN1pk1mz0x1zLnm+eb15vft2BaeFostqi2uGVJsuRaplnutrxuhVo5WaVYVVpds0atna0l1rutu6cRp7lOk06rntZnw7Dxtsm2qbcZsOXYBtuutm22fWFnYhdnt8Wuw+6TvZN9un2N/T0HDYfZDqsdWh1+c7RyFDpWOt6azpzuP33F9JbpL2dYzxDP2DPjthPLKcRpnVOb00dnF2e5c4PziIuJS4LLLpc+Lpsbxt3IveRKdPVxXeF60vWdm7Obwu2o26/uNu5p7ofcn8w0nymeWTNz0MPIQ+BR5dE/C5+VMGvfrH5PQ0+BZ7XnIy9jL5FXrdewt6V3qvdh7xc+9j5yn+M+4zw33jLeWV/MN8C3yLfLT8Nvnl+F30N/I/9k/3r/0QCngCUBZwOJgUGBWwL7+Hp8Ib+OPzrbZfay2e1BjKC5QRVBj4KtguXBrSFoyOyQrSH355jOkc5pDoVQfujW0Adh5mGLw34MJ4WHhVeGP45wiFga0TGXNXfR3ENz30T6RJZE3ptnMU85ry1KNSo+qi5qPNo3ujS6P8YuZlnM1VidWElsSxw5LiquNm5svt/87fOH4p3iC+N7F5gvyF1weaHOwvSFpxapLhIsOpZATIhOOJTwQRAqqBaMJfITdyWOCnnCHcJnIi/RNtGI2ENcKh5O8kgqTXqS7JG8NXkkxTOlLOW5hCepkLxMDUzdmzqeFpp2IG0yPTq9MYOSkZBxQqohTZO2Z+pn5mZ2y6xlhbL+xW6Lty8elQfJa7OQrAVZLQq2QqboVFoo1yoHsmdlV2a/zYnKOZarnivN7cyzytuQN5zvn//tEsIS4ZK2pYZLVy0dWOa9rGo5sjxxedsK4xUFK4ZWBqw8uIq2Km3VT6vtV5eufr0mek1rgV7ByoLBtQFr6wtVCuWFfevc1+1dT1gvWd+1YfqGnRs+FYmKrhTbF5cVf9go3HjlG4dvyr+Z3JS0qavEuWTPZtJm6ebeLZ5bDpaql+aXDm4N2dq0Dd9WtO319kXbL5fNKNu7g7ZDuaO/PLi8ZafJzs07P1SkVPRU+lQ27tLdtWHX+G7R7ht7vPY07NXbW7z3/T7JvttVAVVN1WbVZftJ+7P3P66Jqun4lvttXa1ObXHtxwPSA/0HIw6217nU1R3SPVRSj9Yr60cOxx++/p3vdy0NNg1VjZzG4iNwRHnk6fcJ3/ceDTradox7rOEH0x92HWcdL2pCmvKaRptTmvtbYlu6T8w+0dbq3nr8R9sfD5w0PFl5SvNUyWna6YLTk2fyz4ydlZ19fi753GDborZ752PO32oPb++6EHTh0kX/i+c7vDvOXPK4dPKy2+UTV7hXmq86X23qdOo8/pPTT8e7nLuarrlca7nuer21e2b36RueN87d9L158Rb/1tWeOT3dvfN6b/fF9/XfFt1+cif9zsu72Xcn7q28T7xf9EDtQdlD3YfVP1v+3Njv3H9qwHeg89HcR/cGhYPP/pH1jw9DBY+Zj8uGDYbrnjg+OTniP3L96fynQ89kzyaeF/6i/suuFxYvfvjV69fO0ZjRoZfyl5O/bXyl/erA6xmv28bCxh6+yXgzMV70VvvtwXfcdx3vo98PT+R8IH8o/2j5sfVT0Kf7kxmTk/8EA5jz/GMzLdsAAAAgY0hSTQAAeiUAAICDAAD5/wAAgOkAAHUwAADqYAAAOpgAABdvkl/FRgAAABJJREFUeNpiYmBgAAAAAP//AwAADAADpaqVBgAAAABJRU5ErkJggg==';
var canvas = document.createElement("canvas");
canvas.width = 1;
canvas.height = 1;
var ctx = canvas.getContext("2d");
var imagedata = ctx.getImageData(0, 0, canvas.width, canvas.height);
return imagedata.data[0] == 255
&& imagedata.data[1] == 255
&& imagedata.data[2] == 255
&& imagedata.data[3] == 255;
}
document.getElementById('tor-browser-test').innerHTML = isTorBrowser() ? 'Is Tor' : 'Not Tor';
<div id="tor-browser-test"></div>
There is no reliable way to detect the TOR Browser... That's kind of a goal of that browser. If you find a reliable way, chances are somebody else finds it too, tells the TOR developers and they close it.
E.g. all TOR Browser bundles report bogus, but reasonable User-Agents. The current release version e.g. says it is Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0 no matter what OS you're actually using.
You may apply some heuristics to detect a TOR Browser with a certain probability, but will also generate some false-positives...
Check the user agent. TOR Browser will report the latest Firefox ESR on a certain OS, currently Windows 7 32-bit (but some users might have changed that again and other users might simply use the ESR release but not the TOR Browser)
Plugins are disabled, so navigator.plugins will be empty (but some users might have re-enabled plugins again).
etc.
Detect the browser actually uses the TOR network.
Of course, you'll have to keep your checks up to date, so it requires a fair amount of maintenance busywork.
Personally, given the less than stellar detection results, maintenance burden and very modest experience improvements for users, I wouldn't try to handle TOR Browser differently at all.
By the firefox resource bundle you can check it.
The resource:// URI scheme is used by Firefox to call on-disk resources from internal modules and extensions.
But some of these resources may also be included to any web page and executed via script tag. Mozilla developers is not consider the resources as a fingerprinting vector, despite the fact that some of them can reveal what the user does not wish. For example, differences in built-in preferences files clearly indicates you are using Windows or Linux or Mac, even if you're behind Tor Browser.
https://www.browserleaks.com/firefox
We're developing a cross-platform application using PhoneGap. At one point, it makes an AJAX request to a relative path, which works fine on both Android and iOS, but not Windows Phone - it gets a 404 response. An absolute URL works fine. The following code:
var a = document.createElement('a');
a.setAttribute('href', 'personalData.html');
console.log(a.href);
also resolves to the correct absolute URL. However, the following:
var xhr = new XMLHttpRequest();
xhr.open("GET", "personalData.html", true);
xhr.onreadystatechange = function () {
if (xhr.readyState === 4) {
console.log(xhr);
}
};
returns 404. I want to find out what's going on. Is there any way to know what absolute path XHR is requesting?
XMLHttpRequest is a JavaScript object that was designed by Microsoft and adopted by Mozilla, Apple, and Google, it's not related to Phonegap.
https://developer.mozilla.org/en/DOM/XMLHttpRequest
Said this, you could try using an http Proxy like Fiddler to view all http trafic.
http://www.fiddler2.com/fiddler2/
Best regards.
In these cases, Fiddler Web Debugger is unbeatable. It will tell you exactly what the request is doing.
It also works with the Windows Phone emulator. To debug an actual device, setup FIddler to accept external connections and assign Fiddler as a proxy on the phone.
I have done both scenarios, works fine.
Give it a shot.
I have try your code in my project (Phonegap/WinPhone7) and your code didn't get anything till I initialized the request (xhr.send();).
I have no idea how you make request without this method.
it's a week that I'm trying to write a program that download correctly from youtube
a video
the problem is this:
I've done via httpwebrequest a simple downloader and all work well.
I've tried download a mp4 video from a local server (uniform server) and all goes well, video is the same, work and is valid mp4.
When I download the same video from youtube something strange happens:
It fill some characters in downloaded file with sequence EF BF BD
for example when encounter character E2 (I've compared the two files one from youtube and the original). Googling around I discover that a server return this kinda sequence when encounterd a invalid char for your encoding, now I'm on wp7 and I can't set
Accept-Charset:
ISO-8859-1,utf-8;q=0.7,*;q=0.7
here's others useful data: I've try with these:
_webRequest.Method = "GET"; //also POST
_webRequest.UserAgent = #"Mozilla/5.0 (Windows; U; Windows NT 6.1; it; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16";
_webRequest.Accept = #"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
_webRequest.BeginGetResponse(_onDownload, userState);
format url from youtube
Any Idea?
thanks
Can you set the header using the _webRequest.Headers method? See these related questions:
Cannot set some HTTP headers when using System.Net.WebRequest
Constructing a POST in C#
Google Maps can now pinpoint my location with street precision with the help of Firefox.
I understand this is a new feature of HTML 5 compatible browsers and that the location is fetched by using some sort of feature of the connected WiFi network (I hope I'm not making any silly assumptions).
What I intend to know is how this whole process exactly works:
Why only in HTML 5?
Why / how does Firefox ask me to share my location with Google Maps?
What is the normal precision one can count on?
How can I implement this feature in my websites?
Thanks in advance!
How does it work?
When you visit a location-aware website in Firefox, the browser will ask you if you want to share your location.
If you consent, Firefox gathers information about nearby wireless access points and your computer’s IP address, and will get an estimate of your location by sending this information to Google Location Services (the default geolocation service in Firefox). That location estimate is then shared with the requesting website. (Source)
How accurate are the locations?
Accuracy varies greatly from location to location. In some places, the geolocation service providers may be able to provide a location to within a few meters. However, in other areas it might be much more than that. All locations are to be considered estimates as there is no guarantee on the accuracy of the locations provided. (Source)
In my case, Firefox reports that I am about 10km away from my real location.
How do I use this feature in my website?
You would do something like this:
if (navigator.geolocation) {
navigator.geolocation.getCurrentPosition(function(position) {
alert(position.coords.latitude + ", " + position.coords.longitude);
// Use the latitude and location as you wish. You may set a marker
// on Google Maps, for example.
});
}
else {
alert("Geolocation services are not supported by your browser.");
}
You can see an online demo here: Firefox HTML 5 Geolocation Demo (Requires a geolocation-aware browser such as Firefox 3.1b3.)
HTML5 supplies an API which allows the web browser (and then hence the server-side of an web application) to query the location and related information such as speed (if relevant), in a standard, uniform, fashion.
The host and its web browser supply the "devices" which compute/estimate the geolocation per-se
For this API to be useful, requires that the underlying host and web browser
a) allow the sharing of such info (note the privacy issue) and
b) be somewhat equipped (either locally or by way of the network they are hooked-up to) to read or estimate the geolocation.
The techniques and devices involved in computing the actual location involves a combination of the following (not all apply of course), and is independent from the HTML 5 standard:
GPS device (lots of phones now have them)
Routing info at the level of the Cell phone network
IP address / ISP routing information
Wifi router info
Fixed data, manually input (for pcs which are at a fixed location)
...
Therefore...
- HTML5 alone cannot figure out geolocation: upgrading to newer web browser, in of itself, won't be sufficient to get geolocation features in your applications etc.
- Geolocation data can be shared outside of the HTML5 API, allowing GPS-ready or GeoLocation-ready phones expose the geolocation data within other APIs.
HTML5 Geolocation API uses certain features, such as Global Positioning System (GPS), Internet Protocol (IP) address of a device, nearest mobile phone towers, and input from a user, in the users’ device to retrieve the users’ location. The users’ location retrieved by using the Geolocation API is almost accurate depending upon the type of source used to retrieve the location.
There is a really good demo of HTML5 Geolocation here (http://html5demos.com/geo). Whenever a website tries to fetch your location by using one of the following mentioned APIs, the browser will ask me your permission before invoking the API to share your location.
The Geolocation API provides the following methods:
getCurrentPosition(successCallback, errorCallback, options)
Used to retrieve the current geographical location of a user.
watchPosition(successCallback, errorCallback, options)
The function returns a watchId and calls successCallback with the updated coordinates. It continues to return updated position as the user moves (like the GPS in a car).
clearWatch(watchId)
Stops the watchPosition() method based on the watchId provided.
Sample Code:
if (navigator.geolocation) {
navigator.geolocation.getCurrentPosition(userPositionSuccess, userPositionError);
} else {
alert("Your browser does not support geolocation.");
}
function userPositionSuccess(position) {
alert("Latitude: " + position.coords.latitude + " Longitude: " + position.coords.longitude);
}
function userPositionError() {
alert("There was an error retrieving your location!");
}
I know this is possible via a simple registry change to accomplish this as long as IE/firefox is being used. However, I am wondering if there is a reliable way to do so for other browsers,
I am specifically looking for a way to do this via an installer, so editing a preference inside a specific browser will not cut it.
Here is the best I can come up with:
IE: http://msdn.microsoft.com/en-us/library/aa767914(VS.85).aspx
FireFox: http://kb.mozillazine.org/Register_protocol
Chrome: Since every other browser in seems to support the same convention, I created a bug for chrome.
Opera: I can't find any documentation, but it appears to follow the same method as IE/Firefox (see above links)
Safari: Same thing as opera, it works, but I can't find any documentation on it
Yes. Here is how to do it with FireFox:
http://kb.mozillazine.org/Register_protocol
and Opera:
http://www.opera.com/support/kb/view/535/
If someone looks like a solution for an intranet web site (for all browsers, not only IE), that contains hyperlinks to a shared server folders (like in my case) this is a possible solution:
register protocol (URI scheme) via registry (this can be done for all corporative users i suppose). For example, "myfile:" scheme. (thanks to Greg Dean's answer)
The hyperlink href attribute will then should look like
<a href='myfile:\\mysharedserver\sharedfolder\' target='_self'>Shared server</a>
Write a console application that redirects argument to windows explorer (see step 1 for example of such application)
This is piece of mine test app:
const string prefix = "myfile:";
static string ProcessInput(string s)
{
// TODO Verify and validate the input
// string as appropriate for your application.
if (s.StartsWith(prefix))
s = s.Substring(prefix.Length);
s = System.Net.WebUtility.UrlDecode(s);
Process.Start("explorer", s);
return s;
}
I think this app can be easily installed by your admins for all intranet users :)
I couldn't set up scheme setting to open such links in explorer without this separate app.