i want to be able to store and retrieve data online using a username and a password so a userscript that runs on a webpage can have personalized information.For example i want to write notes for users in a forum and want to retrieve them from any computer that my userscript is installed.
I thought google spreadsheets would do the trick but i havent been able to implement it.
I also have thought of using something like persistencejs https://github.com/zefhemel/persistencejs/blob/master/docs/sync.md or http://www.sencha.com/products/io/ but neither of them are simple enough for the knowledge on programming i have.
So is there a simple way of doing this?
there is no easy way to do this, you have to store data in your server and create a connection between your server and userscript.
here is how you can do that,
create a login box in your userscript, so users can login.
get username and password and send it your server page with GM_xmlhttpRequest.
chrome and firefox support cross domain xhr with GM_xmlhttpRequest, so you will not have problem about that if you are writing that script for firefox or google chrome.
in your server page get username and password and check them for matching in your database, than create json response that contains data for matched user.
get response of request in your userscript and do what you want.
Related
I have a question regarding the development of a Chrome extension.
I want to scrape the content of a website and compare all plain text with a database.
When a word of the scraped content is the same as in the database a message will be displayed in the extension popup?
Is this possible to create?
Yes, it is possible.
To accomplish this, you would need to use the Chrome Extension API to interact with the web page and the extension. You could use the Content Script API to scrape the plain text from the webpage and send it to a background script for comparison with the database.
In the background script, you could use a library like WebSQL to store and query the database. When a match is found, you could use the Messaging API to send a message to the extension popup to display the message to the user.
Be sure that you are not violating any website's terms of service or data privacy laws. It's important to properly secure any user data that is stored or transmitted by the extension.
I am currently attempting to develop a quick tool that would allow me to check my cellular plan balance (carrier being MetroPCS). To do this, I need to be able to login to the metro website with a library (like python requests) that does not render javascript. While checking the post request for the login form on metro's website, I noticed that the password field (labeled "verificationValue") seems to be encrypted. This obviously means I cannot login with a plain text password. Encrypted pin number
I have attempted to look up ways to somehow trace back the javascript that may handle encrypting the password field before it is sent as a post request but was unable to find anything that I could understand.
you should try to find a way to interact with the service directly, bypassing the login form. For example, you might be able to use an API provided by the service to check your balance, rather than logging in to the website
I have recorded script in jmeter for login into system. However, there is a security question page is displayed once user login with correct credential. When user click on login button, system post the data but on second page when user answer and click on button, system post data using ajax/js script and this is not recorded in jmeter. As per my understanding, js is not supported in jmeter. Now the question is how should I record second page to post security question using ajax/jmeter? Is there any solution for this?
I would appreciate your inputs.
Thanks,
JMeter, when testing web services, basically does not matter whether you are using java, javascript or ajax at client side. JMeter will record HTTP requests including request headers and responses from clients and during testing it will simulate the same requests for the specified number of users(threads). You can easily reproduce the web services if you know all the details of the web-request(host, method(get/post), request parameters, request headers, etc.). If you don't know the details or facing problems then you can use Developer tools>Network (press f12 in Chrome) to get the details of web requests. In your case, you closely observe the web request in ajax call using developer tools and provide the details in JMeter.
If you want to pass login credentials, you can make use of user defined variables in jmeter. You can set values in variables and make use it in requests as ${variable_name}
If you need to do some computations,you can use beanshell components or BSF samplers.
If you want extract value(to a variable) from the response data sent from the server and reuse them, then use regular expression extractor.
I have a client who would like the most recent post displayed on their site (along with like and comment counts) plus a link to the actual post. Their page is public, so I can view it in a browser without being logged in. Let's just say it's Nike.
http://www.facebook.com/nike (public)
http://graph.facebook.com/nike/feed (wait, i need to authenticate to see this?)
I went through the trouble of setting up a dummy app on a dummy account, got an access_token an was able to pull what I needed using javascript(Jquery). The reason I'm doing it this way is because the client has sensitive data and other apps/sites on this server and does not want to involve their IT department to QA my code.
Before final handoff, they'll likely set up their own facebook app on their account. This would significantly raise the stakes if someone decided they wanted to play with that access_token.
I'm mostly a front-end guy who's done some small php sites/apps, so what would you recommend I do?
Thanks for your time!
I don't know about facebook in particular, but typically if you want to protect api access credentials you would proxy the request through your server, and just send the results to the client (so the access key only exists on the server). Alternately, and I'm not sure that facebook provides this, some APIs will give you a user token, which does not expose your access key, but allows the client to call the api.
In my Google App Engine app I want to pass this user information
user = users.get_current_user()
to the Chrome extension in a url paramenter when the user clicks a button in the app.
How can I do this?
I read about Cross-Origin HMLHttpRequest but that seems about sending info to the app not about receiving.
This is a follow up to my other questions on this subject.
You can't pass information to the background via a URL parameter like this, but you've got a couple of options.
Probably the easiest way to do this would be to have the extension inject a content script in to your app. Since the content script runs in the context your your web app, it has access to the user details and any other information you might want to pass.
Then, via Message Passing (see http://code.google.com/chrome/extensions/messaging.html), you could send a message to the background page with the information that you're trying to send.
This is from a while ago, but just in case someone stumbles upon it as I did today.
Sending the user email as a URL parameter is totally unsafe. Anyone using curl or their browser can make requests pretending to be any random user. If users can alter data with their requests, or if they should not be able to see each others data then you shouldn't follow this approach.
You should use GAE's cookie based user's service instead:
python version
java version