google chrome – Is it possible to run a custom script whenever loading a web page on web browsers?

I would like to block content on some specific languages whenever I open a page on my browsers (Safari and Chrome on macOS 11.4). I think the best solution is to use Google Translate API and check which language the page is written in, and according to the result show the page as it is or an error message.

However, I’m not sure if it is possible to run a custom script whenever I open a web page on my browser. If it is possible, how can I do?

magento2.4 – Magento2 supported browsers

There is a list of supported browsers in the official documentation, but if you take Korea as an example, there are cases when you use a browser other than the supported browser, so sometimes an error 302, 500 occurs.

If not, is there a way to prevent the error from appearing in other browsers if it is not a supported browser?

enter image description here

browsers – Why Vary Header is different for CURL –head and Chrome’s F12 Dev Tools

I am trying to study the HTTP response headers in popular websites. The objective is that I can cross-check with my website and adapt good things.

I tried to find how Vary header looks in the response for https://webmasters.stackexchange.com.

Based on the Curl --head and wget -S commands, the vary header is this

Vary: Fastly-SSL

However, when I examined the response via Chrome’s F12 (dev tools), the response was this

vary: Accept-Encoding,Fastly-SSL

Seems the server responds with different vary headers for different user-agents/request-headers. But why exactly this is done? Why not include Accept-Encoding for all requests? Is there some optimization which I am missing?

windows – “Secure Connection Failed” With all browsers on a single javascript resource

I’m trying to access the website of my university, but I’m getting this problem with every single browser, and it’s only affecting a single javascript file hosted on that server.

Firefox is telling me “Secure Connection Failed” after loading the javascript file “successfully” (I don’t think it ever fully loads) for a split-second. There are no further error codes, and trying the same thing in google gives me ERR_SSL_PROTOCOL_ERROR when checking the chrome dev console.

I have tried everything from clearing ssl state, all cache, reinstalling browser, installing an entirely new browser, uninstalling Avast, checking certificates, etc.

However when I use my laptop to access the resource, or access it via a VPN, it works.

Does anyone have a clue what’s going on here? The IT support of my university couldn’t help me at all.

port – Browsers won’t connect to localhost on ubuntu

I am making a simple, custom server (server.c) on my ubuntu platform, and am trying to get a browser to open up an html file (the html file is stored in the same directory as my server.c file), via my custom server. I have verified that localhost is properly connecting to the port I have designated in my code (port 7000), using telnet and netstat.

However, when I try to open the html file on a browser (http://localhost:7000/testFile.html), it sends a “refused to connect” error. Why is this? Is there a problem on the browser side? I have tested firefox and chrome, but neither work.

Exporting WebGL For Mobile Browsers

I was asked by a client to create a pretty simple 3D game that will be embedded on a website, a plain landing page that will contain the game and will be played on mobile devices.

The game itself has no complexity whatsoever, not in the functional aspect and not in the lighting/shaders aspect – the basic functionality is a simple finger swipe in order to “throw” a ball.

I have checked and concluded that opening a webGL game on mobile devices might cause issues and only high-end devices can run the game smoothly.

My question is –
Is there a go-to solution or any solution in which I can develop the game on Unity and build it for webGL in a way that it will be compatible with mobile devices?
Or my only option is to develop the game using plain JS?

chrome – Are saved passwords in browsers secure, when stored online?

Chrome stores your passwords under your Google Account. By default, they are not encrypted, so if any hacker gains access to Google’s servers, they could potentially grab your stored logins too. However, it is possible to optionally set a passphrase which will be used to encrypt your synced data. Obviously, in this case the security of your saved passwords will depend on the strength of that passphrase.

Firefox differs in that it stores your logins encrypted by default. Once again, the security of the saved passwords depends on the strength of your Firefox Account password.

In both Chrome and Firefox, once a device has been synced with your account, the saved passwords are also stored on the device.

ssl – Are there any Operating Systems or Browsers that still depend on having these Ciphers enabled?

Doing a litle Cryptography Research and hit a case of conflicting data so wanted to try here.

I’m running a Web Service and currently support these 2 Ciphers:

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0X9F) DH 4096 BITS FS 256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0XC02C) ECDH SECP521R1 (EQ. 15360 BITS RSA) FS 256

If I had to remove them due to a WAF upgrade making them incompatible, would I stop particular browsers or versions of Mobile Operating Systems being able to Handshake with me?

If yes, can you advise any alternatives for what I might impact.

Thanks!

web development – Options to notify users Single Page Application (SPA) static resources have updated if users don’t refresh their browsers

I need to design a way to notify my user the SPA has updated if they don’t refresh their browsers, i.e. if no requests to get index.html is made after the initial load, how do I notify users the javascript or css files have updated on the server? Note, it is not the REST api that my SPA communicate with updates but the SPA’s static resources.

I think the options are limited:

  1. Start a time to keep querying the latest version number
  2. Add a customer header field about the latest version in responses for most if not all XHR requests SPA send
  3. using websocket to notify SPA
  4. I am not familiar with service worker but I read articles about it may work too.

There is another problem I need to deal with, my SPA is deployed on its own server, which is separated from the REST server it communicates with(although I suspect it is common) and there are cases that the SPA has new versions while REST server doesn’t. The version number I design should be able to tell these 2 cases.

I notice folks asked this kind of questions on stackoverflow many times. I can find more 10 questions, with the earliest one I found in 2013 and the latest one in 2019. I list some here.

  1. How to handle expired files without refreshing the browser when using Single Page Application (SPA)?
  2. How to force update Single Page Application (SPA) pages?
  3. How can I force SPA clients to hard refresh if there is a new build?
  4. Refreshing a cached Angular SPA
  5. Proper way to refresh Single Page Application

The reasons I asked here are:

  1. I like to design a build process to update the SPA version automatically. Manually update the version number is error prone. None of answers seem to address this.
  2. All those Q&A on SO seemed to failed to mention the case that the SPA server and REST server is separated and what I need here is an update for SPA files. For example if I use the option 2, adding a customer header field in response I need to differentiate the SPA version and REST api version. None of the answers I saw address this. Some answers just focus on REST api version update.
  3. I believe this question should be address by a build process, a communication process and maybe a deploy model. So this is a question about SPA architecture.
  4. The mere facts that this question has been asked so many times for 8 years probably has said it clearly that there is no easy answer for it, probably even without some best practices. Some answers failed to realize is the core issue here is to retrieve index.html so focus on cache busting, file naming or setting Cache-Control, like this one How to force the browser to reload cached CSS and JavaScript files

google chrome – Why do browsers use or display expired SSL certificates?

The SSL certificate (of Let’s Encrypt) of one of our websites (https://edu.electrosuisse.ch) expired yesterday morning. It has renewed itself using the services of Let’s Encrypt several days ago. Yet the browsers that already got the old certificate seem still to be using the expired one without showing any warnings. (Shift) + Reload does not fix this.

If you open a browser window in ‘private mode’ then the new one is being used. But this does not update the cert of the regular browser window, neither.

(Also online SSL check tools show the new SSL certificate.)

Same behaviour for Firefox as with Chrome/Edge Chromium.

So there seems not to be any problem, but does anybody know why browsers do behave like this?

(Unfortunately search engines just deliver results for problems with expired certs etc.)

Info displayed in regular browser window

Validity

Not Before: Fri, 27 Nov 2020 04:43:23 GMT

Not After: Thu, 25 Feb 2021 04:43:23 GMT

Info displayed in private browser window

Validity

Not Before: Tue, 26 Jan 2021 07:47:26 GMT

Not After: Mon, 26 Apr 2021 07:47:26 GMT