Querying in Advanced REST client in Chrome [closed]

Please tell me how you can form a request in the Advanced REST client in Chrome

for example, when you go to this address https://news.s7.ru/news, a news page opens; how can I see which request is sent when I enter text in the search bar?

And please tell me how, through the Advanced REST client, make a request that searches for news on the phrase “flight”, while giving 20 news? through json request to do? Which json to enter?

Recovering local chrome passwords from dead pc [migrated]

recently my PC died and will not power on. The motherboard had a complete failure. My HDD survived. I have it set up as an external to pull my photos and such. My question comes down to transferring the local passwords I had stored on chrome. I didn’t have a google account sync. But the profiles are still accessible on the old HDD. I want to view my passwords or at least transfer them to my new pc. The older HDD belonged to a win 8.1 pc. I pulled up the Login data sqlite file but when I view it in sql server it says the password value is stored in a blob. Any advice on recovering them would be helpful,a majority of my lifes on there.

Can Chrome Extensions steal OAuth tokens from redirect-uri?

This is a duplicate of a stack overflow question, since it might apply more to security and authentication best practices.

I’m working on auth between a Chrome Extension, Google Cloud Platform, and trying to send the id_token JWT to an AWS server to retrieve user data (and/or establish a session?).

My question is this — how can I prevent chrome extensions with tabs permissions from reading the GET request or the redirected URI which has the fully-validated user JWT?

The JWT confirms that a user is who they are, but how do I know my Chrome Extension is the one making the request to my backend?

I have a few ideas:

  1. Maybe I can make a private window that only my extension can control

  2. Maybe I can somehow use the nonce or get the nonce from my server first

  3. Maybe my chrome extension has a private key or some way to verify itself with my backend, which has the public key

Any help would be appreciated, it’s difficult to research this specific scenario.


var url = 'https://accounts.google.com/o/oauth2/v2/auth' +           '?client_id=' + encodeURIComponent(chrome.runtime.getManifest().oauth2.client_id) +           '&response_type=id_token' +           '&redirect_uri=' + encodeURIComponent(chrome.identity.getRedirectURL()) +           '&scope=' + encodeURIComponent(chrome.runtime.getManifest().oauth2.scopes.join(' ')) +           '&nonce=' + Math.floor(Math.random() * 10000000);  chrome.windows.create({ url: 'about:blank' }, function ({ tabs }) {     chrome.tabs.onUpdated.addListener(         function googleAuthorizationHook(tabId, changeInfo, tab) {             if (tab.id === tabs[0].id) {                 if (tab.title !== 'about:blank') {                     console.log(url);                     if (tab.title.startsWith(chrome.identity.getRedirectURL())) {                         const id_token = tab.title.split('#')[1];                         console.log(id_token);                     } else {                         console.error(tab.title)                     }                      chrome.tabs.onUpdated.removeListener(googleAuthorizationHook);                     chrome.tabs.remove(tab.id);                 }             }         }     );      chrome.tabs.update(tabs[0].id, { 'url': url }); }); 

Website Theme Flickering in Chrome

This website – https://www.millworksconstructionservices.com/ – flickers when you scroll down in Chrome. I get this issue at home and in the office, and unofortunately clients are starting to report the issue. If I switch over to another theme, the flickering goes away. Any idea on a fix for this?

Chrome: Version 78.0.3904.108 (Official Build) (64-bit).

pasting a url into a chrome file upload dialog box

when using chrome, can a maliciously designed or temporarily compromised website that has a file upload dialog box, when selecting a file to upload on such a website, and pasting, for instance, an image from a website as the file (does this use edge?) somehow impact the explorer.exe process or windows filesystem? can this access be contained within edge’s browser cache or can it go further?

Is it normal that the service WMI Performance Adapter always starts when launching Chrome browser? Whats the reason

Is it normal that the service WMI Performance Adapter (WmiApSrv.exe) always starts when launching Chrome browser? Whats the reason?

I have heared this service can be maliciously used to “communicate” through the internet via open ports?

When I forcefull end this process in the taskmanager, Chrome keeps running perfectly, without issues.

Could it be that this WMI process is needed because one of Chrome’s features called “Conceal local IP addresses with mDNS hostnames”?

Thanks!

Site collection is not working in IE11 but works in Chrome and Firefox

I have a site, which was created using sharepoint online, that works fine on Chrome and Firefox but not working in IE11. It works fine once I change the document mode (in developer mode) to 11 instead of 10. Not sure how to make it work without changing the document mode as this is not a solution (Can’t change this setting for the computers of anyone who visits the website).