is there any open source or free "web based proxy" server project that I can look into? I looking for one that don't required configuring browser sock..etc and having web basad interface. Does squid able to do that?
I used to need that several yeas ago. I don't think any supports SSL:
PHProxy - Supports javascript and cookies, but not AJAX or Flash that loads external content (such as youtube)
PHP-Proxy - I don't remember much about this one, but I remember it not playing well with images.
glype - This is a new one for me, I've never tried it.
Related
I want to make a Firefox extension that can store and retrieve data from a database. However I've only been finding solutions that would work locally for each user. I'd like every user to have access to the same database.
Is that possible?
It is possible to access remote SQL databases like MySQL and PostgreSQL with node.js modules, but it is more sensible to create REST API front ends to your databases and call them from the extension. Exposing the SQL calls directly in your web extension is not a good idea. It is basically bad security practice and will expose your database to hackers.
You will also need your addon to pass Mozilla's approval process if you are going to distribute publicly and I doubt the reviewers will be pleased to see raw SQL calls in your extension's code.
The more sensible way is to update the database is through a REST API front end.
A simple example on how to create a REST API for a Postgres database can be found at Node.js, Express.js, and PostgreSQL: CRUD REST API example - LogRocket Blog and this playlist show how to create a REST interface in a Firefox extension - Build a Firefox Extension from Scratch that integrates with Node.js - DEV Community
The above database example is quite simple. For real world use you will need a more advanced REST framework for your API which sanitizes the data before inserting it into the databasse. You have more reading to do here.
However if you need to make SQL calls directly from your extension which I still don't advise, you can include some packages from node.js in your web extension, and use browserify which extracts and packages the modules needed into your extension. Your addons though had better be for private or in-house use, not for public distribution.
Some nodejs modules for database access are - https://github.com/mysqljs/mysql, https://node-postgres.com/ and https://www.npmjs.com/package/pg.
Just a little advice. Feel free to ignore it if you have nothing to do with it. Your question sounds quiet generic. You should learn and doing it by yourself first and only ask here when there are specific issues you're stuck with.
By "locally", I think you mean via Web SQL or IndexedDB. They're called local database and their behaviors are totally different from what you're looking for.
I should haven't need to tell you to do this. Just in case. Of course first thing first you need to know how website is working for both front end and back end, not just local stuff, especially how they're communicating between each other. So you should know about HTTP request, Javascript, and AJAX.
What has it to do with Firefox extension?. Not just Firefox, browser extension is just another type of web page that overlaying the opened web page in all kind of browser. In Firefox the opened page is called activeTabs. The only difference from regular web page is you need to signup your account first, manifest.json file as your project root file, and it compile from command line with web-ext tools. In case if you're facing Cross-origin resource sharing (CORS) restriction, follow instructions HERE and allow the URL on server side.
I've been curious to try switching to Firefox Quantum from Chrome, but for web development have hit a major obstacle that I have not been able to easily resolve –– it's caching my localhost files so when I attempt to load various ember applications at localhost:4200 I end up viewing a cached application different than the one that is currently running.
Is there a way to disable caching for localhost in Firefox? And/or how to developers normally work with Firefox in this regard?
And/or how to developers normally work with Firefox in this regard?
I tend to use CTRL + F5 to do hard reload (ignores cache). Pretty standard for all browsers.
Since there is no native way to configure for individual domains, you could write a Browser Extension that can intercept responses via the webRequest API (see for example onHeadersReceived) by overriding cache headers for a selected domain (you may even be able to find one already in existence).
Or simply configure settings in developer tools to ignore cache when toolbox is open:
There is also the Forget Button that can be dragged into the toolbar from customize.
Set the HTTP Cache-Control response header to max-age=0 in your application.
I don't trust other servers (even Firefox's ;-)) and would like to store my bookmarks on my own server in order to synchronize them on different devices/PCs. So, similar to the "Sync" function within Firefox.
In the best case, there would also be a web interface to browse/manage bookmarks on my own server.
I think there is no add-on or extension for this, only different providers who store bookmarks on their servers.
How would be the best way to get this done?
This sounds the best case for wallabag. You can even have it in a docker container.
wallabag is a self hostable application for saving web pages: Save and classify articles. Read them later. Freely.
There is also an addon, wallabagger which you can link it to your own server.
References:
https://github.com/wallabag
https://wallabag.org/en/news/wallabagger-howto
This post is your answer:
https://mozilla-services.readthedocs.io/en/latest/howtos/run-sync-1.5.html
I wrote a post some time ago, about this theme (in Spanish), when the Addon "Xmarks", still permit configure a custom server. It was very easy, you only need a webdav server, and you can sync Bookmars between this, and your devices with Firefox. All right. But "Xmarks", removed the option. Thank you guys!, and now, I think we don't have any addon with this feature.
I'll try to do it with the tutorial of top answer, but its more complicated than older option.
Our iOS application uses a custom protocol (NSURLProtocol) to directly manage loading certain data needed by a UIWebview. This has worked fine until iOS 9 with XCode 7.
Now, since the main site is loaded using HTTPS, the UIWebview throws an error when the custom protocol resource is referenced, because it thinks it's insecure (in fact, it's not, we load it using SSL, just not https://). The app is already built with "Allow Arbitrary Loads" because we have some other things that require that, and I would have thought this inherited the NSTemporaryThirdPartyExceptionAllowsInsecureHTTPLoads, which it seems this is hitting up against, but who knows.
Is there any way to convince iOS 9 that our custom protocol can be accessed from HTTPS? Note - we don't use an iframe or anything like that in the UIWebview - these resources are requested using Ajax/XHR and the app's NSURLProtocol is invoked and takes over loading the data and returning the response.
The custom scheme is also listed in URL Types, but this doesn't seem to change any behavior (in or out, same error). Here's the specific error:
[blocked] The page at https://example.com/path/redacted was not allowed to display insecure content from mycustomprotocol://different.example.com/path/redacted.
EDIT: Downloaded Xcode 6.4, rebuilt the app and it seems to work just fine on iOS 9.x, no issues with the custom protocol. Obviously, this isn't a long-term solution. Hoping someone still has some insight on how to resolve in Xcode 7+.
The problem, I suspect, is that web pages served by https aren't generally allowed to include resources loaded from any URL whose scheme isn't on a specific list of known-secure schemes (at least in newer browsers).
The best way to work around the problem is to rewrite your resource URLs to begin with https: and make them all be within a specific subdomain that you own, and permanently ban any actual web use of that subdomain, then use that to determine whether your URL protocol should handle the URL, rather than using the URL scheme.
With that said, please file a bug and ask for an API to whitelist your custom protocols as "potentially secure" in UIWebView and WKWebView. In this case, it is a reasonable thing to do.
For more info on mixed content, see http://www.w3.org/TR/mixed-content/
I have a lot of experience with YUI2 and I'm getting up to speed on YUI3. The service I'm writing needs HTTPS, but the vanilla YUI experience loads from Yahoo's HTTP-only CDN, which quietly fails in Chrome and loudly fails in modern IE when the browser tries to mix an HTTPS page with HTTP javascript.
My goals are to get all of:
Site uses HTTPS
YUI works in Chrome & IE (so scripts also must be delivered over SSL)
Uses a modern version of YUI 3 (this disqualifies YUI PHP Loader which hasn't been updated to support even YUI 3.4, while 3.8 is "current")
Use roll up combos for speed instead of many JS and CSS files (this disqualifies Google's CDN... if YUI 3 is actually hosted there which I couldn't find.)
Site dynamically loads YUI dependencies (dependencies change regularly as I add functionality, going back to the configurator and saving a new bundle every time is a PITA)
The obvious solution appears to be to give up goal #5 and just self-host combos.
How can I meet all 5 goals?
The easiest way to solve it is to change base URL from
http://yui.yahooapis.com/ to
https://yui-s.yahooapis.com/
Depending upon your server environment, you have a couple of options.
Development
Download the latest YUI library, and upload the yui/build/ folder to your server. The seed file should work fine without modification, though you won't be able to take advantage of combo loading.
Production
Use the YUI Configurator to determine all the files that you will need for each module set, and download them manually from the combo links provided. Rename them to something suitable like yui3.8.0-node-rollup.js and serve these to your users.
Be advised that if you use different module sets for different scripts, you may need to make multiple sets of files from this process, depending upon how you set it up. There is also a question here about concatenating Javascript together, if you are curious.
As an addendum, in my past research, I discovered that pulling external libraries over a secure connection may not be a safe idea.