How to force a browser when connecting to a specific domain to be https only using only the client machine?

Is it possible to force a client (browser or host machine or etc) to only make https connections to a specific URL/domain?

(preferably non-admin/root fixes if possible)

Here is a fabricated scenario:

Lets say someone hosted a website, and they didn’t put in an http -> https redirect and the web-server is serving requests on both 80/443 http/https respectively.

We are the client machine we work at a company and they wont fix the web-server for one reason or another. We do not have other machines to use as a proxy and have no control over the network. Now we could just make a bookmark (or other form of workflow that forces our actions to always reach https) but there has to be a way built in to browsers that can, say, “Do not connect to this domain/url unless using this protocol”.

This would be my preferred approach if possible.

This is very frustrating for people who are security focused as accidentally hitting the http version will leak your session ID and if you login there RIP password.

I searched online but surprisingly found nothing.

‘Failed to find font-family tag’ when uploading using Chrome browser on Android

I have an javascript app which uploads photos. Uploading works when developing locally in my Chrome browser. However when I run the app on my android phone (or my android notepad), it ignores the first time I select a photo and only works the second time I select a photo (could be a different photo second time). This is the case when selecting an existing photo, or when taking a picture (fist time nothing happens, second time uploads as should). I tried to debug this using a usb connection with Chrome remote devices, but then suddenly the ‘bug’ is gone (photo gets uploaded on first selection).

Another thing I tried: I selected chrome://user-actions in another chrome tab. As soon as I do however the bug is gone again, it works as should so I can not debug!

On both Firefox and Safari the upload of photos works as should.

I installed Android Studio and can now connect my phone via usb and get useful logs in the Logcat window of Android Studio. When bug occurs I get following logs that look like the culprit to me:

E/ResourcesCompat: Failed to find font-family tag  

For example a succesful upload:

2019-04-20 09:42:44.669 1090-1211/? E/storaged: getDiskStats failed with result NOT_SUPPORTED and size 0 2019-04-20 09:43:00.546 1831-1875/? W/libprocessgroup: Failed to open process cgroup uid 99035 pid 17754: No such file or directory 2019-04-20 09:43:00.547 1831-1875/? E/libprocessgroup: Error encountered killing process cgroup uid 99035 pid 17754: No such file or directory 2019-04-20 09:43:00.587 1831-1878/? E/KernelCpuSpeedReader: Failed to read cpu-freq stats for CPUs 4-7 2019-04-20 09:43:00.588 1831-1878/? E/KernelCpuSpeedReader: Failed to read cpu-freq stats for CPUs 0-3 2019-04-20 09:43:22.689 905-1110/? W/qti_sensors_hal: processReportInd: lux: 123, ch0: 84, ch1: 151, pData: 24, pOffset: 6 2019-04-20 09:43:23.186 905-1650/? W/qti_sensors_hal: reportSingleEvent: NearBy 1, pData 108, pOffset 6, highThres 97, lowThres 72 2019-04-20 09:43:23.282 905-1650/? W/qti_sensors_hal: reportSingleEvent: NearBy 0, pData 31, pOffset 6, highThres 97, lowThres 72 2019-04-20 09:43:23.672 905-1110/? W/qti_sensors_hal: processReportInd: lux: 142, ch0: 95, ch1: 163, pData: 5, pOffset: 6 2019-04-20 09:43:42.544 18563-18563/? E/contentprovide: Not starting debugger since process cannot load the jdwp agent. 2019-04-20 09:43:44.671 1090-1211/? E/storaged: getDiskStats failed with result NOT_SUPPORTED and size 0 2019-04-20 09:43:46.515 905-1110/? W/qti_sensors_hal: processReportInd: lux: 165, ch0: 108, ch1: 171, pData: 6, pOffset: 6 2019-04-20 09:43:47.506 9494-9494/? E/ResourcesCompat: Failed to find font-family tag 2019-04-20 09:43:47.509 9494-9494/? E/ResourcesCompat: Failed to find font-family tag 

A Failed upload:

2019-04-20 09:45:00.184 1831-1875/? W/libprocessgroup: Failed to open process cgroup uid 99037 pid 19100: No such file or directory 2019-04-20 09:45:00.184 1831-1875/? E/libprocessgroup: Error encountered killing process cgroup uid 99037 pid 19100: No such file or directory 2019-04-20 09:45:00.216 9494-9494/? E/ResourcesCompat: Failed to find font-family tag 2019-04-20 09:45:00.225 1831-1878/? E/KernelCpuSpeedReader: Failed to read cpu-freq stats for CPUs 4-7 2019-04-20 09:45:00.222 9494-9494/? E/ResourcesCompat: Failed to find font-family tag 2019-04-20 09:45:00.227 1831-1878/? E/KernelCpuSpeedReader: Failed to read cpu-freq stats for CPUs 0-3 2019-04-20 09:45:00.247 19263-19263/? E/decoder_servic: Not starting debugger since process cannot load the jdwp agent. 2019-04-20 09:45:00.313 19263-19279/? W/FileUtils: Failed to chmod(/data/user/0/com.android.chrome/app_chrome): android.system.ErrnoException: chmod failed: EACCES (Permission denied) 2019-04-20 09:45:00.314 19263-19279/? E/cr_PathUtils: Failed to set permissions for path "/data/user/0/com.android.chrome/app_chrome" 2019-04-20 09:45:00.314 19263-19279/? W/FileUtils: Failed to chmod(/data/user/0/com.android.chrome/app_textures): android.system.ErrnoException: chmod failed: EACCES (Permission denied) 2019-04-20 09:45:00.314 19263-19279/? W/ContextImpl: Failed to ensure /data/user/0/com.android.chrome/cache: mkdir failed: EACCES (Permission denied) 2019-04-20 09:45:00.314 19263-19279/? W/ContextImpl: Failed to update user.inode_cache: stat failed: EACCES (Permission denied) 2019-04-20 09:45:00.315 19263-19279/? W/ContextImpl: Failed to ensure /data/user/0/com.android.chrome/cache: mkdir failed: EACCES (Permission denied) 2019-04-20 09:45:00.315 19263-19279/? W/ContextImpl: Failed to update user.inode_cache: stat failed: EACCES (Permission denied) 

Only pointer I find is that for all failures the Failed to find font-family tag comes BEFORE Failed to read cpu-freq stats.

Any clues?

Browser inside a browser

import webview from flask import FLask webview.create_window("google", "http://www.google.com",width=800, height=600, resizable=True, fullscreen=False) 

This opens a gui window that fetches google.com I want that instead of the gui opening I can redirect the output page into flask app that renders in on the browser.

Similar to a small web browser inside a flask app.

How to make external script inaccessible by browser and accessible by cron? Magento 2

I have made a few external php scripts to update quantity and tracking numbers,etc Right now, i’m putting them in magento root and set the permission to 640. However, it’s still accessible by the public and/or the browser. I would like to make it accessible by cron and the owner/group only.

Best practice for use of grid in the web (desktop browser) application, scrolling is the biggest concern

Grid is the name for the extended table component, that allows the scrolling, ordering, sorting, grouping of the columns, allows to select one or more rows, sometimes allows to select single cells and that sometimes allows to edit cells. Cells can have quite complex editors (date/time, mask-edit, color picker, file loader, and so on). Usually there are quite complex grid components available from the component vendors.

My question concerns web (for desktop browser) application. There are 2 examples how the grid can be set up:

  • https://devexpress.github.io/devextreme-reactive/react/grid/demos/featured/data-editing/ Good: the grid uses the the page scroll. Bad: the page scroll can move the column header row (column titles) away from the visible field of the page
  • https://devexpress.github.io/devextreme-reactive/react/grid/demos/featured/virtual-scrolling/ Good: the grid at least tries to provide the fixed (always visible) header row. Bad: the grid uses inner scroll and such inner scorll may (or may not) interfere with the page scroll, double scrolling is really confusing.

Grid is provided as the one component (e.g. as the React component/tag). The best use that I can imagine is: the grid component should fill all the remaining space of the page, strictly use the vertical and horizontal scroll of the page (and does not try to introduce its own internal scrolls) and that some parts of the component (e.g. fixed header row and maybe fixed footer row (with the numerical summaries for each of the column)) are position-fixed in the page so that they remain visible all the time. Does this usage description adheres to the best practices of the UX? Or maybe I should avoid the tabular grids in the modern web application (e.g. the list of panes in the stackexchange’s question timeline is one example for alternative solution). Scrolling and absolute positioning of the header and footer rows are my biggest concerns.

I am developing application of the desktop browser. This application expects quite complex actions from the user that is why I don’t predict that the application will be used from the mobile devices. Of course, I can provide the mobile version as well, but I don’t see why users should use it.

How to access files via localhost in firefox browser

I’m looking for a way to access my devices files in Firefox. The reason for this is I want to use an extension to read *.md file.

I know that I can use file:/// to access files, but the extension can’t use this way. The only way is to use localhost. I have searched around but have only found talk about accessing the PC via localhost. I want to access the local android files.

Here is the link to the extension I want to use: Markdown Viewer