Automating Wi-Fi Authorization with Firefox SDK - firefox

I'm trying to make a Firefox addon with the Firefox Add-on SDK and API, and I have some questions about their possibilities before I start using them.
My college's Wi-Fi authorization expires every 30 minutes only to have fun pissing off their students. There are already some autofill addons available on many browsers but it's still destructing to move the mouse pointer onto the "Login" button and click it when there is one second left to turn in a midterm paper. I've heard my friends complaining like this for months and I myself think the thing is actually annoying sometimes, so I decided to develop a Firefox addon that takes charge of the job so that the authorization process will feel not even existing once the addon is activated. (I just want to impress my friends honestly.)
For ease I would like to develop the addon within the Firefox add-on SDK. I found that my addon would be utilizing the page-mod, password and request APIs; page-mod to detect the Wi-Fi service's auto-redirection into their authorization page, password to fill in the page's form by a student ID and password stored in the individual Firefox browser, request to redirect the "Login Successful!" page into the originally given destination.
So I guess it should be possible to achieve my goal with this SDK and APIs, but there are still some questions that I need to ask before I proceed:
Is it possible to pass a callback function to page-mod::PageMod (not as a String or a URL to another JavaScript file)? If not, can it be done using the lower level API?
Is it possible to actually redirect a page in a tab into another page only using high level APIs?
Is it possible to remember the original destination's location (with the request method and contents) and call it in the process of page-mod::PageMod (in order to re-redirect out of the authorization page)? If not, can it be done using the lower level API?
Is it possible to perform the addon's redirection function on inactive (background) tabs where the opened webpages automatically keep connecting to the Internet and get redirected to the authorization page?
Thank you so much for reading and please spare a little bit of your time for me. Thank you again!

Is it possible to pass a callback function to page-mod::PageMod (not as a String or a URL to another JavaScript file)? If not, can it be done using the lower level API?
No, everything that goes through the port is serialized using JSON serialization (See docs). Instead you would probably emit an event from your content script to execute the callback method with parameters you pass it in the module scope and hardcode parts that need to be done in the content script with port event listeners.
Is it possible to actually redirect a page in a tab into another page only using high level APIs?
Totally, if you're in a content script, you can just set window.location, or in your modules you set the location of a tab, see https://developer.mozilla.org/en-US/Add-ons/SDK/High-Level_APIs/tabs#url.
Is it possible to remember the original destination's location (with the request method and contents) and call it in the process of page-mod::PageMod (in order to re-redirect out of the authorization page)? If not, can it be done using the lower level API?
Possible? Yes, depends a lot on how the redirection from the W-LAN works. Generally all the SDK offers you is getting load/ready events for tabs and reading a tab's current URL. So if you get a ready event at the point of the redirect you're fine. If your college login remembers the redirect target using a get parameter in the URL you're fine. If your college doesn't adjust the URL, you're fine. If you really need to dig through the request, you'll have to ge a bit deeper than even what the SDK offers you, but it is possible.
Is it possible to perform the addon's redirection function on inactive (background) tabs where the opened webpages automatically keep connecting to the Internet and get redirected to the authorization page?
JS execution for Add-ons is not paused based on a tabs state.

Related

Can I see the network calls from a Firefox add-on?

I'd like to see the calls made from a Firefox add-on.
I know it's calling its website's REST API, and I would like to see the requests to better understand the API.
However in the Web Developper Network tab, these calls do not appear. Is there an option to see them ? Whether in dev tools or in about:config ?
Edit: I tried the about:debugging too, but it doesn't seem to capture the requests either. There are some background requests yes, but not the ones I know should be there.
As I don't know if this is generic or specific to the extension I'm looking at I'll detail. I'm trying to look at the requests made by the raindrop.io extension (https://raindrop.io/) that offers an API (https://developer.raindrop.io).
When I click on the extension button, I can create a bookmark for the page. For instance: the one I'm editing right now
This goes through requests to the REST API (at least a POST to https://api.raindrop.io/rest/v1/raindrop). I know because:
I can see similar requests when doing an operation from the website itself
I can send this request via the JS console and make it work
However I do not see this request in the normal Network console, I see no requests from the extensions.
I do not see it either from the debugging one. I see some requests though, but only background GET requests to a /links API that returns the full list of bookmarks. A request is made after I've added my bookmark, but it is clearly not the one that makes the update.
Another way I know the request is being made is that if I try to bookmark something weird (like the debugging tab), the extension displays an error that is the same I get if I manually sent a malformed request to the API.
So these calls happen. But I can't see them anywhere.
Note that the illustration is on this add-on because this is what I'm looking at right now, but I had the issue with others in the past. No way to see the foreground requests of the add-on.

MS Teams custom tab app changes Session.SessionID between requests

I'm making a custom tab app of MS Teams with ASP.NET, however, the tab doesn't seem to pass a same cookie between requests on MS Teams. So the ASP.NET app behind the tab generates a new Session.SessionID on every request.
I've checked the following question, and tried some settings according to that page, but nothing helped me. Actually my web site works nicely if I navigate it via Chrome or Edge.
ASP.NET: Session.SessionID changes between requests
How do I get a same cookie between requests on MS Teams?
I've not tested this specifically so haven't seen it, but basically the broad idea of session is to have to uniquely "remember" a user, and then restore State for them from a location (e.g. database). From your question, it seems like the out of box "Session" object is giving trouble, but at any rate you should probably avoid using it because it won't "remember" the user even across devices.
However, Teams provides you a way to achieve the same thing yourself quite easily. Remember that the Teams 'Context' object provides a userObjectId property that is unique and valid for the same user on all sessions on all devices (it's actually their Azure Active Directory id). You can simply store whatever you want in your own database, key'ed by this id, and request it on page load. It's also possible to get this from the querystring for a static (personal) tab if you want to handle the behaviour server-side (e.g. C#).

Can you use a wildcard domain callback URL for a Square Connect web application?

I'm trying to find a way to have Square not forcefully redirect my web application on a Connect payment. Right now, I've registered my url in https://connect.squareup.com/apps as https://example.com/square_callback (or whatever), and I pass along my own metadata that tell my application where to redirect back to so our users don't have to drill all the way down to where they were when they first jumped in.
So two questions.
One, is there a way to have that URI be dynamic? They're taking payments from https://example.com/customer/1351743, and that's where I want them to return to, so is there a way to have a wildcard redirect uri, something like https://example.com/customer/*?
Second, is there a way to not have the page refresh at all? These particular pages take a while to load, our users are out in the field with spotty connections, so while I want the square response to go to the server, I'd rather have their page not refresh at all. Possibly by using # in the URI?
To answer your first question, you can not register a wildcard domain or specify the the url in the request. This is mostly a security measure to prevent someone from skimming your information by hijacking your javascript. You can specify multiple urls in the developer portal and dynamically pick between them with your request.
I'm not 100% sure I understand your second question, but I'm going to interpret it as you want to switch back from the point of sale application to your webpage without "refreshing" the page. This isn't possible, since the app switch isn't as much of a switch back, as it is opening a new url. If you didn't load a new page, it wouldn't be possible to use the GET parameters that Square sends you back in the response from the transaction.
Sorry, both No :(

Taking Twilio calls in a new Popup window

I am facing a scenario where live Twilio call gets dropped, if the browser window in which call is received is reloaded. Is there a way to overcome this set-back without affecting the live calls?
Twilio Evangelist here.
Based on your question, I assume you are using the Twilio Client JavaScript SDK? If that is indeed the case, then unfortunately, if the page thats hosting the SDK gets reloaded the connection between the browser and Twilio will drop since the browser is reloading everything, including the JavaScript SDK.
There are a couple of different techniques I can think of off the top of my head that you can use to help avoid page reloads, and another idea that could help you recover a call where the connection to the browser has dropped because of a page reload. A lot of this is going to depend on your specific app and the experience you are trying to create for your users.
So to help avoid having to reload the page:
1) Use AJAX requests to your server in order to avoid page reloads. If your page includes content like a form, or you want to update the page content with data form the server, you can look using AJAX requests to the server instead of a normal full page postback to submit the form, or to retrieve the data form the server. This would help in avoiding having to reload the entire page in those two scenarios.
2) Use an iFrame to host your page content, and then put the Twilio SDK in the parent page (the one that defined the iFrame). This would let you reload the content hosted in the iframe, without having to reload the entire host page, avoiding a reload the the Twilio library. The downside to this is that communicating between content in an iframe and its host can get really messy fast.
Neither of these two techniques is fool-proof. Obviously a user can always just hit the refresh button on their browser, and thats going to cause the connection to drop.
In a case where the page does get reloaded, and the connection from Twilio to the browser gets dropped, one idea is to leverage Twilios capability to help reconnect the caller together. When a user calls your twilio phone number, instead of connecting them directly to the Twilio Client running in the browser (by dialing a client with <Client>), instead dial that caller into a conference <Conference>, and then have the browser client connect into that same conference. The benefit to that is if the browser disconnects, the original caller won't get hung up on, they will still be sitting in the conference room. As long as you've saved the Conference SID or name, you can have the browser client reconnect to that conference.
Hope that helps point you in the right direction.

Access to SMS and browser content tombstoning

WP7 newbie here..
In my application, I am using embedded web browser control to load an external web page.
I have a PIN based validation step in that application, which involves
1) User Leaving the current application, (which has a external web page loaded in the embedded web browser) to launch the SMS Inbox.
2) User reads the SMS he just received, which has the PIN. I am sending this SMS to the user.
3) The User then needs to resume back to the original application by hitting back button, to enter the PIN which he received in the SMS earlier.
Once user enters Step2, my application will go into background, and subsequently will get tombstoned. Once user enter Step3, I want to restore application state (with the embedded web browser control), without making a fresh HTTP request again to load the web page.
So, with the given scenario in my mind, I have following two questions -
1) Is there a better way to do all this, like not having to exit the original application, and still let user read the SMS. ( i.e any api to read sms ?)
2) Is there a way to serialize the browser state/save entire web page (with images, css, js) , such that entire web page can be rendered exactly the way it was, when user left the running application.
Important points:
1) I can only use SMS as a communication channel. I can not use something like raw push notification channel, which could let me show PIN to the user, without exiting the application.
2) I am targeting Windows phone 7.0 runtime, but if there is a better option available in Windows Mango update, please do tell me.
Any sort of help is greatly appreciated.
Update:
Added link to the embedded web browser component.
1) There is no API that would let you access the contents of the Messaging hub from inside your application. This is set up for privacy purposes.
2) By default, the web browser saves its state. So if you navigate away from your app, and then come back - the same web page will still be there unless you explicitly re-navigate on activation
1) The better way to do this would be to not embed the web page within an app. Just build a mobile website. If all the functionality is within the web page you gain nothing but problems by trying to put it inside an app.
The web browser control is not intended to be used to create an alternative browser (which is really what you're doing).
2) You can try using the SaveToString() method to store the state of the page when tombstoned but this doesn't allow for modifications to the page since it was loaded (including anything dynamically updated or any state in javascript). If you have multiple pages you'll also need to maintain the internal backstack and the state of each page separately.
Short answer: If you want to put your application logic in a webBrowser control then you can't support tombstoning. Fast-App-Switching (in Mango) partially addresses this but not completely.

Resources