Google Play badge with https - https

I need to integrate on my website a Google Play badge for linking to an Android app on Google Play, with https.
The badge generator offers the badge in http version: http://developer.android.com/distribute/googleplay/promote/badges.html.
On the other hand, this page gives the possiblity to download the desired badge.
Google doesn't seem to provide these images with an "https" url, which creates warning on the browser if the user is accessing the website with https.
I was wondering if I am allowed to host the image of the Google badge on the website that is using it, and therefore being able to access the image through https connection when desired.

Related

Google OAuth Application Verification without Website

I am using the OAuth Functionality in a local Console Program to request the Videos for my Youtube Channel and upload Videos to Youtube.
For the Example which Google gives OAuth is used to authenticate to be able to retrieve the wanted data. But the Videos I am uploading keep getting put to private because my API Service is not verified.
Now I want to verify my API Service but I dont have a website for it so I can't provide any links for data security information or the main page of it. I mean it is a desktop app which only I am using and which is not meant to be publicly available.
How can I fulfill the verification process without any option to provide this informations?
private videos
If you check the top of the page for Videos: insert you will find that your videos are being uploaded private because your app has not been though a security audit.
app verification
In order to apply for app verification there are a number of urls that you need to supply
You will need to register a domain and claim it in web masters and then you will be able to add them.
If you want to be able to upload public videos via the YouTube Data api your app needs to be verified. In order to verify it you need to be able to show the TOS, privacy policy and the application home page. There is no way around this even if its a desktop app. Even if its single user you still need to do this.
I have a video which shows you what you need to know to verify your app.
What you need to know about Google verification in 2021.

Firebase web push notification in iframe is only working in firefox

I am using firebase for web push notification it is working perfect when I used it in same domain, but I have only one ssl domain and many non ssl website. So I have plan to use it in iframe and integrate this facility in all my non ssl websites too.
URL is
https://htmlcodeplay.com/notification/notification/index.html?websiteid=3
I have integrate it through iframe like below
<iframe src='https://htmlcodeplay.com/notification/notification/index.html?websiteid=3'></iframe>
I have integrate this lines into my blogger https://allinworld99.blogspot.in. But it is working perfectly in Firefox browser but not in chrome browser. No errors also displayed.
As per this link Does my web application require SSL for Firebase Cloud Messaging for Web to work?. It should not work, but how it is working in firefox browser.
I am not able to find a reference right now, but you want to do
embed a "push notification webpage" inside another via iframe
is blocked by Chrome for security reasons.

Google Oauth2 in embedded browser (web view)

I added Google OAuth2 to my website. I noticed that when the website was opened in a embedded browser (web view), redirecting to google auth page (see the link below) will fail with error:
"403 disallowed_useragent".
Here is the link:
https://accounts.google.com/o/oauth2/v2/auth?client_id=813505898895-9vocl0haapnp562pn1hmut2sibregabn.apps.googleusercontent.com&response_type=code&scope=openid%20profile%20email&redirect_uri=http%3A%2F%2Fwww.antgora.com%2Fauth1%2Fsign-in%2Fgoogle&state=6515338772758876.%2F
I get that Google no longer allows OAuthrequests to Google in web view. But here is the strange thing. The google sign in demo
developers.google.com/identity/sign-in/web/sign-in work fine when opened in web view. I managed to find the client_idand redirect_uri used in the demo and replace them into the my google auth link (see the updated link below), the updated link can now magically open in web view.
https://accounts.google.com/o/oauth2/v2/auth?client_id=831371170934-udapit5jhjj56pft5l2drc9gjhfeclf3.apps.googleusercontent.com&response_type=code&scope=openid%20profile%20email&redirect_uri=storagerelay%3A%2F%2Fhttps%2Fgoogle-developers.appspot.com%3Fid%3Dauth58372&state=6515338772758876.%2F
Notice that I changed only client_idand redirect_url and nothing else. Later I found more client_idsthat also works with webview. I am wondering is there any specific settings for these client_ids to work?
Also I want to know what's the recommended fix to:
"403 disallowed_useragent"?
My website has no native app. And most likely, people will just open the website they received on online chat in a webview. I'd like to avoid showing the :
"403 disallowed_useragent"
error when they click *sign-in by Google*.

SDwebimage cannot get image from an unverified https

I question for my ios app development.
I used sdwebimage to get some image from my own server which is a https one.
However, i did not buy a certificate and the server address was not verified.
Therefore, the app failed to get the image. I've tried to get an image from amazon via https. It worked.
Is there any configuration should I do to my app so that it could get the image from my server?
thanks

Javascript Error on Facebook Login using Chrome - Unsafe JavaScript attempt to access frame with URL. Domains, protocols and ports must match

I have been running the facebook c# sdk successfully for a good year or more, and it stopped working early december. This was due to the API changes at Facebook, and an informative error told me that i needed to use some new parameters in my calls (specifically oAuth: true )
I read up on the changes, and updated the sdk via nuget, which is now running on version 5.4.1.0 of Facebook.JavascriptMvcWebsite and FacebookWebMvc and the other required libraries that make up the facebook c# sdk.
Now, when clicking the facebook login button i get a different error...
Unsafe JavaScript attempt to access frame with URL https://www.facebook.com/login.php?api_key=251066398241630&skip_api_login=1&display=popup&cancel_url=https%3A%2F%2Fs-static.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%26error_reason%3Duser_denied%26error%3Daccess_denied%26error_description%3DThe%2Buser%2Bdenied%2Byour%2Brequest.%23cb%3Df3570617%26origin%3Dhttp%253A%252F%252Fgem.local%252Ffbb4f09e%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df1c822218c&fbconnect=1&next=https%3A%2F%2Fwww.facebook.com%2Fdialog%2Fpermissions.request%3F_path%3Dpermissions.request%26app_id%3D251066398241630%26redirect_uri%3Dhttps%253A%252F%252Fs-static.ak.fbcdn.net%252Fconnect%252Fxd_proxy.php%253Fversion%253D3%2523cb%253Df3570617%2526origin%253Dhttp%25253A%25252F%25252Fgem.local%25252Ffbb4f09e%2526relation%253Dopener%2526transport%253Dpostmessage%2526frame%253Df1c822218c%26sdk%3Djoey%26display%3Dpopup%26response_type%3Dtoken%252Csigned_request%26fbconnect%3D1%26from_login%3D1&rcount=1 from frame with URL http://gem.local/Account/LogOn. Domains, protocols and ports must match.
The console window in Chrome then racks up about 5 of these errors a second, all coming from the facebook login dialog.
I have tried modifying the fbChannel.ashx file to explicity use http:// instead of just // (which respects the current protocol) and also have done the same in FacebookInit.cshtml, but none of this is making any difference.
I also modified my facebook app settings to allow deprecated code...
What am i missing here? I understand why the browser is having a fit over cross domain access, but what is causing this? Have facebook completely switched to https? can i still use facebook logins over http?
I have a test site up where you can see the error in action
Any help appreciated.
Clear the App Domain Field (leave it blank) in Facebook Application --> Basic Info

Resources