IRC Log Viewer » #firebreath » 2013-07-01

IRC Nick Time (GMT-7) Message
rostig 02:07 Has anybody used NpapiBrowserHost.GetAuthenticationInfo method in chrome / firefox?
In my case I'm using:
char * username; uint32_t ulen = 0; char * password; uint32_t plen = 0;
NPError err = npapihost->GetAuthenticationInfo("http", "", 80, "Basic", "Myrealm", &username, &ulen, &password, &plen );
In opera it worked. In chrome & firefox it returns err = NPERR_GENERIC_ERROR, and ulen = plen = 0 (username, password - bad ptr)
If you succeeded please post your snippet.
codamigo 07:07 Hi FB gurus, got a question for you. We need to have FB returning a picture located on the local OS to the calling JS....possible ?
reichi 08:07 why not?
codamigo 08:07 why not ? so you think it's possible to return binary data directly to JS ?
reichi 08:07 the standard way to do so is using the "data:image/type;base64" directive
so you base64 encode your picture
codamigo 08:07 how if we have a 15mpx pic, it is too big for base64 encoding
reichi 08:07 and return the base64 to your browser
there is no other way
you either host it
or inline it
codamigo 08:07 :-(
reichi 08:07 if you want to inline it you'll have to use base64
but indeed npapi is really made for exchanging big chunks of data
is really NOT made for
codamigo 08:07 agree
reichi 08:07 the only thing i know of would be the html5 file api
but that will limit browser-compat
codamigo 08:07 but we need NPAPI to avoid user interaction
reichi 08:07 i guess you'll have to opt for the lesser evil than
taxilian 08:07 good morning
codamigo you could use an embedded web server, but that will cause issues if you need to run on https
codamigo 08:07 good idea,we were actually discussing about it :D
anyway, thanks for help reichi
taxilian 08:07 there is a HTTPService lib in the firebreath codebase that is an embedded web server
it may need to be updated to the latest boost to use, though
and it isn't well documented
but it does work
codamigo 08:07 interesting
taxilian 08:07 or did
codamigo 08:07 ty
taxilian 08:07 good luck
codamigo 09:07 thank you guys. great work at FB here, we really appreciate
c u
taxilian 09:07 please contribute back in some way if you're able
docs, examples, etc
whatever you can do
and good luck
fengyushx 09:07 Hi, I want to access the external cocoa framework with firebreath. And I successfully connected with IOKit.framework, but when I did the same way to access with Foundation framework, it will throw me a lot of errors says "Unknown type name NSString "
As well as "Expected unqualified -id"
taxilian 09:07 if you want to use obj c it has to be a .mm file
fengyushx 09:07 Could you tell me how to fix it ? or provide some suggestions ? thanks :) I am very new in firebreath and cmake
taxilian 09:07 rename the file to .mm
fengyushx 09:07 rename the error file to .mm?
taxilian 09:07 the error file?
the file you want to use cocoa calls in
needs to be an objective c++ or objective c file
therefore the extension needs to be .mm
fengyushx 09:07 ok, so all I need to do is to rename that file right?
and then add the #include again ?
taxilian 09:07 probably
you'll need to rerun the prep script as well
fengyushx 09:07 Got it . I will try it . Thanks !!
rostig 09:07 duplicated my question here
taxilian 09:07 rostig I've never tried getauthenticationinfo, so I'm not sure the answer to your question
himalayan 10:07 is it possible to turn off all security mechanisms (i.e. stack cookies, aslr, DEP) in a firebreath plug-in?
taxilian 10:07 sure isn't
or I should say, not with the plugin itself
it might be possible to tweak browser settings until you get to that point
himalayan 10:07 great, thanks. I was suspicious that my plan wouldn't work.
taxilian 10:07 ?
himalayan 10:07 Nothing malicious, just messing around. Is it the way plug-ins in general work or is it because of the firebreath framework? If I wrote it in straight NPAPI could I call C++ things like setDepPolicy()?
taxilian 10:07 firebreath doesn't add any security; there are a few things that stop you
the first is that you're in a medium integrity process at best
I'm pretty sure you can't call that unless you're in a high integrity process
and in IE w/ UAC you may even be in a low integrity process
I guess I should be more specific; I'm not 100% sure that none of htose things are possible, but you have the same privileges as the browser process you live in
and most likely that process doesn't have those privileges
himalayan 10:07 that makes sense. I was trying to think about the plugin like I would an ordinary application. I appreciate your advice.
taxilian 11:07 yeah; a plugin is a lot like an ordinary application, except that you don't own the process
so you get no control over hwen it starts or stops and any "global" process settings. you can change those things, but you really shouldn't and there is no guarantee they'll stay changed
tonikitoo 13:07 hi there. I am my FireBreath plugin bundled into a Chromium extension, and it works fine. One thing that just brought my attention is that if I have my plugin in webpages of X different tabs, my "MyPlugin" ctor is only called once.
should not the ctor of my plugin be called X times instead?
taxilian 13:07 it probably depends on how you use the extension
if hte extension has its own DOM and the plugin is placed into that DOM then the plugin will only be instantiated once, for that extension
I would presume
if you inject it into each page, then it will be instantiated for each page
tonikitoo 13:07 taxilian, I am injecting it for each page loaded
taxilian 13:07 aparently not =]
tonikitoo 13:07 right, I was expecting it to be called for each page, as well
taxilian 13:07 or I should say, whatever you think you're doing to inject it isn't working the way you think it does
tonikitoo 13:07 I am injecting it from a "content script" ( )
which the docs say "it executes in the context of the web page"
taxilian 13:07 but how are you injecting it?
tonikitoo 13:07 I just checked Chromium's JS Console, and each pages' DOM has the <embed> tag I injected
taxilian 13:07 I wouldn't use embed, use object instead
but that's a side note
tonikitoo 13:07 I am using this to get it injected:
taxilian 13:07 never do that
don't ever set the type before putting it into the body
in fact, I really don't recommend you create an embed tag that way; rather, I'd recommend you create the html as a string and set innerHTML of a div
tonikitoo 13:07 ah ok. I remember reading a comment (from you) about it on stackoverflow, iirc.
fair tip. I can change that, indeed.
taxilian, that should not be the problem, right. Since I am able to interct with the plugin from each web page I injected it into
(using Chromium's JS console)
taxilian 13:07 try it before you make assumptions
that's my bet is where the problem is
if that doesn't change anything then my next bet is that you actually are getting the ctor called for each, your tests just aren't showing it properly
and you can check that by having each instance return something different or have a method you can call to set a value and then check it
see if it really is reusing the same instance
tonikitoo 13:07 k, thanks