Difference between revisions of "Browser"

From MgmtWiki
Jump to: navigation, search
(User Sessions)
(Website Control)
Line 14: Line 14:
 
All of the content in the HTTP packet is (nearly) completely controlled by the website and interpreted by the DOM in the Browser. That include access to all APIs in the browser accessible by [[JavaScript]].
 
All of the content in the HTTP packet is (nearly) completely controlled by the website and interpreted by the DOM in the Browser. That include access to all APIs in the browser accessible by [[JavaScript]].
  
 +
===WebControl===
 +
The website can bring up a browser control inside the browser window like this description:
 +
 +
public partial class Form1 : Form
 +
{
 +
    public Form1()
 +
    {
 +
        InitializeComponent();
 +
        this.Load += Form1_Load;
 +
    }
 +
    private void Form1_Load(object sender, EventArgs e)
 +
    {
 +
        this.webBrowser1.Navigate("http://www.google.com");
 +
        this.webBrowser1.DocumentCompleted += webBrowser1_DocumentCompleted;
 +
    }
 +
    void webBrowser1_DocumentCompleted(object sender, WebBrowserDocumentCompletedEventArgs e)
 +
    {
 +
        string content = "<div style=\"background:#f00;\"><h1>HACKED</h1></div>";
 +
        this.webBrowser1.Document.GetElementById("gb").InnerHtml = content;
 +
    }
 +
}
  
 
==User Control==
 
==User Control==

Revision as of 15:28, 26 August 2022

Full Title or Meme

A fully integrated computer application that not only browses the World Wide Web, but also acts a user agent establishing session with user credentials.

Context

  • Users are accustomed to the display and searching capabilities of the browser and typically start there in spite of numerous efforts to create some other primary start page for user interactions or user experience application.
  • With the advent of the Progressive Web App, there is an effort by the browser programmers to provide the user with an experience equal to that

Problems

The Application Program Interface (API) in the browser is limited to HTML, CSS and JavaScript, standardized as ECMA Script to satisfy Microsoft's pique.

User Sessions

Website Control

All of the content in the HTTP packet is (nearly) completely controlled by the website and interpreted by the DOM in the Browser. That include access to all APIs in the browser accessible by JavaScript.

WebControl

The website can bring up a browser control inside the browser window like this description:

public partial class Form1 : Form
{
   public Form1()
   {
       InitializeComponent();
       this.Load += Form1_Load;
   }
   private void Form1_Load(object sender, EventArgs e)
   {
       this.webBrowser1.Navigate("http://www.google.com");
       this.webBrowser1.DocumentCompleted += webBrowser1_DocumentCompleted;
   }
   void webBrowser1_DocumentCompleted(object sender, WebBrowserDocumentCompletedEventArgs e)
   {
string content = "

HACKED

";
       this.webBrowser1.Document.GetElementById("gb").InnerHtml = content;
   }
}

User Control

There are some elements that are under the control of the user configuration settings.

References

See Trusted Browser for all user expectation of security from their Browser.