Firefox: visually flag redirect in address bar - firefox

I'm wondering if there's any way to have Firefox 3 (or IE 7 or safari 3.1 or Opera) flag that a redirect has occurred (i.e. any deltas between the hyperlink or URL entered into address bar, and the page you land on), whether you've arrived from a hyperlink or entering URL into address bar.
I've googled some, looked at the linker addon, but the rightclick is an additional step I don't want to have to do.
Edit: If anybody can point me at the mozilla docs that show how to track clicked links and pages landed on in different tabs, i'll take a crack at writing a bookmarklet. TIA

I don't think this will help, since you don't want to do the right click for the linker add-on, but if I needed to do know if I was being redirected, I would use the LiveHTTPHeaders extension. It supports regular expressions, so you can only get headers that include 'Location'.
The reason I don't think it is what you are looking for is that you have to open it before the link, it won't "flag" a redirect and pop a message up or anything.

Not sure if that's exactly what you need, but the NoRedirect extension seems to be related to your problem. Quoting it's description:
NoRedirect lets the user take control of HTTP redirects. It can be used to interdict an ISP's DNS search redirection hijacks, preview/screen "shortened" URLs (e.g., TinyURL), stop the annoying redirection of "smart" error pages, etc.
If that's not what you wanted, looking into the extension's code might at least help you find some hooks for your proposed bookmarklet.

Related

Suppress Firefox/Firebug SHA-1 warning

I use Firebug for web development. Since version Firefox 37 I see the following annoying message in my console:
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1"
I understand that it is an important message, but it is duplicated many times and makes my work almost impossible.
Moreover, it appears every time my page communicates with other pages, for example with Google Analytics and other counters. So if I were to update my certificate, this message would still appear because these sites would have SHA-1.
So any site with GA gives me trouble.
How can I disable or filter this message?
As stated in the Firebug discussion group, Firebug's Console panel currently (Firebug 2.x) cannot filter single messages out. You can only filter by messages matching a specific text using the search field.
There are enhancement requests like issue #4507 reported to add such a filter, though it is unlikely that this will get implemented in Firebug, especially not in version 2.x, directly.
Firebug 3 will integrate into the built-in DevTools, which allow you to filter those warnings by unchecking Warnings within the Security menu inside the Console panel:
Besides that I created bug 1170476 asking to reduce the messages to a minimum.
Update:
Firebug development is discontinued. Instead, there is a Firebug theme available within the Firefox DevTools starting from Firefox 48. Bug 1170476 is fixed since Firefox 42, so you will only see one message logged with a counter showing how often the message occurred.
you can get rid of the message, but you have to modify firebugs code.
Sorry forgot to mention you need to convert the .xpi to .zip and extract the files first. You can leave the folder as is when done or zip it and convert it to an xpi again. You will need to restart Firefox.
locate the pluggin in your firefox profile dirctor and go to this file "\extensions\firebug#software.joehewitt.com\content\firebug\console\errors.js".
search for "logScriptError: function(context, object, isWarning)".
After the code "var error = new ErrorMessageObj(object.errorMessage, object.sourceName, object.lineNumber, object.sourceLine, category, context, null);".
input the following code:
if(error.message.indexOf('SHA-1') != -1 || error.message.indexOf('Security Policy') != -1){
return false;
}
should be about line 330.
Select the Console tab and, keeping pressed Ctrl on the keyboard, click on Errors, Info, Debug Info, Cookies.
Bear in mind that this will disable the output of all the warnings logged in Firebug and not only the ones generated by googleapis.
Remove HTTPS from the URL or keep all resources local.

How to prevent Firebug 2 spewing out SHA-1 certificate warnings in the console [duplicate]

I use Firebug for web development. Since version Firefox 37 I see the following annoying message in my console:
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1"
I understand that it is an important message, but it is duplicated many times and makes my work almost impossible.
Moreover, it appears every time my page communicates with other pages, for example with Google Analytics and other counters. So if I were to update my certificate, this message would still appear because these sites would have SHA-1.
So any site with GA gives me trouble.
How can I disable or filter this message?
As stated in the Firebug discussion group, Firebug's Console panel currently (Firebug 2.x) cannot filter single messages out. You can only filter by messages matching a specific text using the search field.
There are enhancement requests like issue #4507 reported to add such a filter, though it is unlikely that this will get implemented in Firebug, especially not in version 2.x, directly.
Firebug 3 will integrate into the built-in DevTools, which allow you to filter those warnings by unchecking Warnings within the Security menu inside the Console panel:
Besides that I created bug 1170476 asking to reduce the messages to a minimum.
Update:
Firebug development is discontinued. Instead, there is a Firebug theme available within the Firefox DevTools starting from Firefox 48. Bug 1170476 is fixed since Firefox 42, so you will only see one message logged with a counter showing how often the message occurred.
you can get rid of the message, but you have to modify firebugs code.
Sorry forgot to mention you need to convert the .xpi to .zip and extract the files first. You can leave the folder as is when done or zip it and convert it to an xpi again. You will need to restart Firefox.
locate the pluggin in your firefox profile dirctor and go to this file "\extensions\firebug#software.joehewitt.com\content\firebug\console\errors.js".
search for "logScriptError: function(context, object, isWarning)".
After the code "var error = new ErrorMessageObj(object.errorMessage, object.sourceName, object.lineNumber, object.sourceLine, category, context, null);".
input the following code:
if(error.message.indexOf('SHA-1') != -1 || error.message.indexOf('Security Policy') != -1){
return false;
}
should be about line 330.
Select the Console tab and, keeping pressed Ctrl on the keyboard, click on Errors, Info, Debug Info, Cookies.
Bear in mind that this will disable the output of all the warnings logged in Firebug and not only the ones generated by googleapis.
Remove HTTPS from the URL or keep all resources local.

How to access unrelated browser window?

So I know this might sound crazy, as it is technically a security concern which I understand. So I'm just trying to find out if there's any ideas on how to handle something like this.
Anyways, long story short, I was told to look into figuring out a possible way to scrape information from another browser window/tab. I have been asked to do this because, and I know this sounds crazy too, but the users of our website are incompetent enough to not be able to copy/paste and or type correctly something from a different website. I know it's tough for some to have to have several things in their workflow, but this is basically what they do: Go to their first website (after logging in) and bring up a record with information on it...including an identification number. Then, the user should take that number and go to the second website, our website (after logging in), and type it that number in a textbox (and eventually do some other stuff). But we have found that getting that identification number from the first website to ours is difficult for them. Some copy/paste correctly, some copy/paste too much text from the page, some write it down on paper then type it in our website, and some just seem to have trouble visually "copying" the number from site to site.
What I was thinking was that this could happen: the user would have already brought up the record on the first site, then they would come to ours. They could click a button, and that would run whatever I/we here come up with, that goes and finds the other browser window, finds the specific text needed, and puts it in our textbox. Sounds simple, right? HA.
The first website is not owned or managed by us in any way, otherwise this might be a little easier.
A little bit of background information: unfortunately, I'm technically targeting IE >= 10 through 9, so if there's a solution just for this (why I tagged vbscript), then that's great. If there's a broader solution (like with an applet or browser extensions... http://crossrider.com/ ), then that's even better, but not important. If it helps, we already have a hidden applet on the page that accesses the OS (yes, it has the mayscript attribute on the element so it is able to), so I thought that could be something to incorporate with. Also, the way I expect to know which window/tab to access is by URL and/or document title - either will be very specific.
We cannot install stuff on the users' computers, at least something outside of the browser (like extensions). I'm not sure how browser extensions work, so I'm wondering if they'd need to be "installed".
I know of HTML5's postMessage, but it only has partial support in IE (and none in IE <= 7)...and the partial support refers to not including exactly what I might need. It also requires that the other website be listening (which we don't have control over, but technically might be possible to include). So it doesn't count :)
The things I found with Java are to possibly find the list of processes currently running, but I don't know how to access/control one. Especially how to access the browser's Document.
And vbscript...I just don't know. I don't know if it's just me, but I can't seem to find good documentation on it, so I'm not sure what can be done with it.
Even if I could get control of the other browser window, I don't know how I would get information from it (like the DOM).
I'm not looking for code, just ideas...I'll do the research. And although it may sound impossible, don't just brush it off because Javascript can't do it - I haven't.
UPDATE:
I ended up developing a browser extension with http://www.crossrider.com/ which wasn't ideal, but works.
You could use a bookmarklet for this ... the user would have to drag the bookmarklet into their bookmarks bar on their browser, but if doing that wasn't beyond your user's abilities/the technical restrictions you've mentioned, then you'd definitely be able to send the information you need back to your site that way.
You'd just need to give your users instructions to:
i) drag the bookmarklet into their bookmarks bar on their browser
ii) go to the website in question and click the bookmarklet
you could code the bookmarklet so that it would grab the info you need, and redirect the browser to your website. All done in one click.
I think you may be thinking about it in the wrong way when you talk about posting from one 'window' to another. You could write the bookmarklet so that it would do a http post of whatever information you wanted into your site from the other site, and it could also redirect the window that they were looking at when they clicked it (the other site) to your site. Or if, for some reason, you didn't want to redirect the the window that they had the 'other' site in to your site, then you could add a listener to your site so that once the bookmarklet had posted the info you require then the window with your displaying could automatically update. The first option would make more sense and be easier though.
Maybe to open the other site from button/link resided in your site using window.open() method?

Microsoft Security login box when downloading Word document

I've looked around online for this but can't seem to find an answer anywhere so hopefully someone can help.
I'm getting a "Windows Security" popup appearing on a site I've created (and so are others which is who I need to fix it for rather than myself) when trying to download a word document or excel file. PDFs seem fine.
An example page is http://www.christletonhigh.co.uk/school_information/uniform.php if you click to download the “Uniform Prices & Order Form” in the bottom right.
There’s no SSL on the site and the error only comes up on IE (I'm using IE9 on Windows 7 which I've seen others mentioning online as their setup with this happeneding) and doesn’t seem to effect all files so it’s a bit confusing. Clicking cancel on the popup causes the document to open anyway.
Anyone have any ideas please? The client tells me that the documents causing the problems have never been password protected.
For the reference, here's the detailed explanation why this happens: http://support.microsoft.com/kb/2019105
Solution mentioned by Anshuman should work: create script that adds "Content-Disposition" header with "attachment" value. For example: Content-Disposition: attachment; filename="myfile.doc". This will force all the content (including PDF, images, etc.) to be downloaded.
Security settings aside, other browsers seem to handle this more gracefully than IE9. Chrome, for example, seems to handle the download of the document with ease, and not result in a Windows Security dialog prompting for credentials to their network...
The users can disabled the 'protected view' settings from Word options | Trust Center, and the document will open with no dialog (probably not desirable to instruct them to do this)
I suppose this is the risk one takes when having users download content which require other applications to handle. a PDF would be better (hence the "P" for "Portable"), so if they can use PDF, that would be my first advice.
This issue comes when you give the direct URL path of the file and let the browser handle the file. To resolve this create a php script that explicitly downloads the file. Hope this helps :)

How do I disable Firefox's "Search for text when I start typing" on pages with keyboard shortcuts?

Some web pages such as GMail and Reddit(with the Reddit Enhancement Suite) have useful keyboard shortcuts that I'd like to use. However, whenever I start typing on one of these pages, the first onkeypress event fires, but then the "Search for text when I start typing" search bar opens and blocks further keys.
I don't want to disable "Search for text when I start typing" as I use it on most other web pages. Is there any way to selectively disable it, or to make a keyboard shortcut/bookmarklet to toggle it?
To disable this in firefox, just go to "Options->General Tab->Browsing and disable "Search for text when I start typing". More info here . This is very useful in some cases, for example when you try to play WebGL games or when using pages like Gmail or Protonmail that have their own kb shortcuts.
UPDATED to version 73.0.1- In previous versions of Firefox this is in "Tools->Options->Advanced->General Tab" or in "Preferences->General->Browsing"
This is still an issue huh? I love this feature but It also bothers me every now and then. There are some pages that get it right. I never dug into how they do it. For instance:
zty.pe - JS browser typing game. Would be pretty bad if typing caused searching here. It actually captures the keys just when the game starts and NOT by default on the page.
That is not Firefox or any other browser feature. To do this, you have to write server and client side code.
Catch text that user types into input, and send it using preferably AJAX to server-side script. Then server side script should look up for matches in DB (some search engine), and return possible combinations. All you have to do on client side (JS) is to show returned results in some nice way - like in google - you can use for example simple html lists, but you have to code some css to make it look properly. Also nice feature is to code JS to work on up/down keys and enter for selecting element (it should also work for mouse).
It's not very simple to do by yourself, but you have now idea how to do it. You could also google for some scripts - surely there is something :)
Good luck!

Resources