I tried to search for this but I didn't find anything (which could simply be because I'm not sure what terms to use to search), so I hope this doesn't annoy anyone!
I have an IP tracker on my blog and I'm trying to figure out the identity of a regular visitor (within reason, of course! I know that information can't tell you a lot!). I'm rather confident of who it is based on various non-IP related clues, but the one thing that throws me off is that it shows the person as having a user agent that is apparently associated with Macs.
This is the user agent in question: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/536.28.10 (KHTML, like Gecko) Version/6.0.3 Safari/536.28.10
Now, I'm not psychic or anything, haha, but I'm pretty sure the person I thought it was does not have a Mac OS X. So I was wondering how reliable user agents are for determining the operating system and if it is possible for a Windows OS to have a Mac user agent WITHOUT the person manually going in to change their own user agent or installing a plugin. If not, I guess I was wrong about who it was, lol!
Thank you for your help and, again, I'm sorry if this is a really obvious question; I really did try my best to search!
A properly functioning browser will transmit a proper user agent for a properly-functioning machine, if that's what you're asking.
If they didn't do something to intentionally change their own user agent (which is very easy- it's one of the first options in the developer menu in Safari on OS X), then the browser should transmit the proper user agent of the machine, if it is working properly.
But that doesn't really help you much, does it?
Information about user-agent is a simple string that your system send with request to the server. So there are lot of possibilities to change user-agent manually: from browser addons, to the requests created by-hand.
Related
I'm prototyping using Apache Guacamole for brokering RDP connections.
The tech stack works really well, however, I'm hitting a usability issue in regaurds to running a Mac and trying to send hot keys like Control+C/Command+C and them not working.
Per Guac's docs, this seems to be inline with what they expect, as they don't do any "curtesy" remapping that other RDP managers on Mac (Microsoft Remote Desktop, RDS HTML5 Client, etc) do.
My question is has anyone found a customization or workaround to allow Mac->Win keymapping through Guacemole HTMl5 interface?
I'm not sure its a none starter, but it is extremly difficult to use windows with nearly no keyboard shortcuts :).
Thanks!
On my mac I use BetterTouchTool to get around this issue. It's not great though because your guacamole will still register the original keypresses from time to time. I have been looking for a workaround as well and have thus far not been able to find one :/.
I can not get localhost to work on chrome after upgrading to macOS Catalina. I spent a lot of time trying to figure out why I was getting this message
localhost normally uses encryption to protect your information. When Google Chrome tried to connect to localhost this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be localhost, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.
You cannot visit localhost right now because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.
(I wish I had taken a screen shot)
I don't know if this is the "best" solution but it got me able to code again so I figured I would share. I was seriously stuck and couldn't find any answers and saw someone mention this solution to another issue. Go to chrome://flags/#allow-insecure-localhost and change to enable.
Hope this helps someone else. I know this isn't really a question but there's not really a way to just share this. I guess I could use twitter and reddit.
OS X Catalina increased the requirements for an SSL/TLS certificate to be acceptable around November 2019. Notably, certificates now need a "Subject Alternative Name" section, which was not previously required. Note that this is an OS-level requirement and not specific to a single browser (although it doesn't affect FireFox because Firefox doesn't use the OS security stack).
The solution to your issue is how you generate the SSL certificate, not anything you can do as a Chrome user. This particular issue can not be bypassed by clicking through a Chrome warning message.
Also note that fixing this issue for OS X may make the certificate unusable on Chrome + Linux (I have linked to WebPack Dev Server's GitHub Issue discussion of this issue).
I am writing a tool that will expose an http interface on localhost. I'd like for it to not be available to a guest using the machine. I'd like to have the tool refuse connections entirely when a guest is logged in. Is this possible? Is there a way to detect this situation?
It turns out that guest accounts cannot run concurrently with normal accounts in OSX (at least on recent OSX) so the issue we were concerned about is a non-issue. You could theoretically detect it with w as Mark said in the comments, but it's a thing that won't happen.
I'm writing a WebDAV server and encountered the following problem. Mac OS X clients (Finder, Microsoft Office for Mac) generate too many different requests. I had the same problem with Microsoft Word for Windows, but after setting custom headers:
Ms-Author-Via: DAV
Microsoft Word started using much more limited number of requests. Here's how
Microsoft Word editing session looks on Windows (and Windows or Linux with LibreOffice):
PROPFIND
GET
LOCK (windows only)
PUT
UNLOCK (windows only)
PROPFIND (linux only)
Mac OS Finder and Office for Mac however generate a lot of additional requests, namely:
Generation of temporary files
Generation of temporary folders
Moving them around
Is there some header combination that reduces a number of requests in Mac OS X?
After some research, it sadly looks a lot like this were beyond the powers of some HTTP headers. It is also a somewhat known issue as this owncloud issue and this document in the sabre DAV documentation shows. Apple's solution to this is by disabling temporary file creation altogether through the following command:
defaults write com.apple.desktopservices DSDontWriteNetworkStores true
However, it sounds like you will have to cater to the needs of many clients outside of your control, which makes this impractical. Owncloud has tackled this by mocking successfull LOCK/UNLOCKs for finder, turning these requests essentially into NOPs. A less subtle approach were to forcefully prevent creation of these files in the first place. On a personal note, I feel a mix of Owncloud's approach combined with a .metadata_never_index file were most promising and largely free of undesired side-effects.
I'm writing an app for mac os x, and I have to display a notification every day, to remind users about something. The notification should appear even if the app isn't running, and I can't use push notification.
I guess the best solution would be local notification, just like on iOS. Also I know UILocalNotification is available on iOS only. But I think there should be an alternative solution.
Can anybody please point me in the right direction? Is it even possible? If yes, what is the best practice to do this?
Local notifications support, very similar to iOS local notifications, has been added in MacOS 10.8 (Mountain Lion). See MacOSX10.8/Frameworks/Foundation.Framework/NSUserNotification.h for more information. Quick usage example could be found here.
The notification should appear even if the app isn't running
Well, something will still have to be running to send the actual notification. Mostly helper programs are used for this (separate executable binaries that are added as launch agents or launch daemons). So I'm suggesting you create a daemon-like helper program that would be added as launch daemon on a per-user basis. You can also look at shared file list api to see how can it be added to user's login items.