i was trying to find some examples that would give me some pointers on how to create an http server within a chrome extension, but haven't had any luck. does anyone know a how to start an NPAPI,NACL http server?
Thanks
Short answer: not possible.
If you want to open a port on a local machine to allow connections, then that is not allowed by the web security model. NaCl runs with the same privileges as JavaScript, no extra holes. However, you may specify extra flags to chrome on start to get more permissions from NaCl, such as open debug port, or get access to raw network sockets.
If you want to 'emulate' an HTTP server to make your extension keep using it regardless of being offline, then it is easier to use the PostMessage API.
Related
Is it possible to get html of webpage without server knowing this. I mean without http request. Aren't all servers connected into internet. If I am right, it is just like filesystem: servers are just child folders and internet is the main folder(or a disk). So if i am correct the whole internet is pretty similar to a filesystem. So (only if i am right) it could be possible, to navigate to one server, and open some random html file in it, just like you open a file in a folder in File explorer. So I am asking: is it possible, and if it is how could I do it.
You're right in that all servers are connected to the internet (although that's something of an oversimplification, the details aren't really relevant here). However, while those servers may have their own internal filesystem, you can't (generally speaking) browse them like a filesystem locally connected to your computer. Your computer and the server need to send data back and forth to get any files. The way this is done is with a protocol. HTTP (HyperText Transport Protocol) is one such protocol. If the server also accepts another protocol, such as FTP (File Transfer Protocol), you may be able to avoid using HTTP and get the files more directly, but in any case, the server still needs to send your computer data, which may be logged.
Is it possible to get html of webpage without server knowing this. I mean without http request.
Normally no, but under certain circumstances, yes. It's a http request (or whatever protocol the resource uses) still though.
Consider a corporate proxy. It downloads a page one time. The page may have a timestamp in it telling the proxy for how long it's allowed to cache it. All subsequent requests for that page from within the corporation may be served by the proxy server only - and the original server out there on the internet who published the webpage in the first place wouldn't know anything about it.
Aren't all servers connected into internet
No.
Many servers providing services to individuals and corporations are not. Some (many) have internet access but do not listen for incomming requests. Others have no internet access whatsoever.
If I am right, it is just like filesystem: servers are just child folders and internet is the main folder(or a disk).
Well... perhaps it could be viewed that way.
So if i am correct the whole internet is pretty similar to a filesystem. So (only if i am right) it could be possible, to navigate to one server, and open some random html file in it, just like you open a file in a folder in File explorer.
So I am asking: is it possible, and if it is how could I do it.
Kind of. You could use a webcrawler to scan a site but unless the server is improperly setup, you'll only have access to what the person behind the server wants you to have access to - and there are usually logs telling that person who (what IP number) did what.
A web server is only going to be listening for HTTP requests and it will only deliver the pages it is setup to deliver. A server may support additional protocols like FTP but again it will only serve up the files it has been told to.
If you want access to a remote computers filling system then you will need a different protocol and access rights on the remote machine. Have a look at SMB 3.0 for ideas.
I'd like my beta application to upload logs to a server and/or email them to me. Part of the reason is that the target users are frequently non-technical, and this also raises the issue of my application triggering a Firewall "do you want to allow this" popup.
Of course everyone has firewalls configured differently but are there techniques I can use which will be very unlikely to be blocked?
I would prefer to use something very simple like WinINet to upload the file directly to a server directory so I don't have to write a server application... is FTP a viable option here or is FTP typically blocked?
I am creating one Flex application which needs to show results from a webservice, hosted in our network itself. It's an internal application, but due to the strict secured environment, we need to open firewall to access other hosts or services.
For my application, I had opened the firewall from my server. But since Flex calls the webservice from the client, its impractical to open the firewall from all the clients.
I found we can use the proxy service of BlazeDS. I tried that also but didnt succeed. I did a vast search over the internet also, but failed on getting the detailed working way of the proxy service of BlazeDS. Do anyone know how this proxy works? Even we are calling the destination of the BlazeDS, will at any time Flex calls the WSDL url directly from the client?
Thanks in Advance,
Anoop
Im new in C++.
I need to listen HTTP requests.
Please advice me some good tutorials or examples
Thanks
update:
Platform: Windows
Language: C++
I will explain more clearly what i need
when user clicks row on this page: http://ucp-anticheat.org/monitor.html applications is automatically starts on client machine.
I want to make same thing.
I think on client side is service which listens http requests and if url starts with steam:// service automatically runs application...
Do i need to listen http requests?
What is best solution for my problem?
You can listen to http requests through a web server like mongoose , which can be easily used in C++ http://code.google.com/p/mongoose/ , and here is a good example of using mongoose web server http://code.google.com/p/mongoose/source/browse/examples/hello.c
I m not sure what you mean 'client side', if you are meaning Browser as your client, you can't control nothing outside your browser. If you want to control a machine, you need your client machine to run your exe, that has the code to act based on your server instructions.
You should create a simple server program, create a SOCKET listening on default http, https etc, ports. Usually we do it inside a loop (at each one you make a read).
Now... would be easer if you specified if you are on Unix like OS or Windows, but from now on you can google it. Like sys/socket.h or try "man 7 socket" on almost all linux (at least the ones I know).
If you want to sniff something you can google some specific apps around web.
If i get your question right, you want to be able to launch an application when someone clicks a link with a custom protocol, like steam:// or telnet://. You are looking for an Protocol Handler.
A simple way to register such an application is using the ftype program, as described here.
I am pretty new to security aspect of application. I have a C++ window service (server) that listens to a particular port for http requests. The http requests can be made via ajax or C# client. Due to some scope change now we have to secure this communication between the clients and custom server written in C++.
Therefore i am looking for options to secure this communication. Can someone help me out with the possible approaches i can take to achieve this.
Thanks
Dpak
Given that you have an existing HTTP server (non-IIS) and you want to implement HTTPS (which is easy to screw up and hard to get right), you have a couple of options:
Rewrite your server as a COM object, and then put together an IIS webservice that calls your COM object to implement the webservice. With this done, you can then configure IIS to provide your webservice via HTTP and HTTPS.
Install a proxy server (Internet Security and Acceleration Server or Apache with mod_proxy) on the same host as your existing server and setup the proxy server to listen via HTTPS and then reverse proxy the requests to your service.
The second option requires little to no changes to your application; the first option is the better long-term architectural move.
Use HTTPS.
A good toolkit for securing your communication channel is OpenSSL.
That said, even with a toolkit, there are plenty of ways to make mistakes when implementing your security layer that can leave your data open to attack. You should consider using an existing https server and having it forward the requests to your server on the loopback channel.
It's reasonably easy to do this using either OpenSSL or Microsoft's SChannel SSPI interface.
How complex it is for you depends on how you've structured your server. If it's a traditional style BSD sockets 'select' type server then it should be fairly straight forward to take the examples from either OpenSSL or SChannel and get something working pretty quickly.
If you're using a more complex server design (async sockets, IOCP, etc) then it's a bit more work as the examples don't tend to show these things. I wrote an article for Windows Developer Magazine back in 2002 which is available here which shows how to use OpenSSL with async sockets and this code can be used to work with overlapped I/O and IOCP based servers if you need to.