[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

talking to installed programs from javascript

Posted on 2013-12-05
28
Medium Priority
?
368 Views
Last Modified: 2013-12-11
Hi Experts,

I know that browsers in general do their best to prevent you from talking to anything else on your system with javascript.  But let's say you have a native application already installed on a user's machine.  You can make a localhost call to that application to communicate with it with cross-domain scripting.  However, its port can change, so in order to communicate with it, you're left with a number of options:
1-  You're SOL.
2-  You attempt localhost calls and try a number of ports (takes too long).
3-  What else??

Thanks!
Mike
0
Comment
Question by:thready
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 14
  • 8
  • 3
  • +1
28 Comments
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 568 total points
ID: 39699300
"a localhost call" will try to connect to port 80 where a web server would be listening.  So you would have to have a web server running to connect to anything.  I can't see it working.  That is exactly the kind of thing that browser security is intended to block to prevent outsiders from breaking into your machine.
0
 
LVL 1

Author Comment

by:thready
ID: 39699322
No- you can specify the port- but for obvious reasons - you can't assume (especially) port 80 for your own product...  We already have this working well with cross domain scripting.  Our only problem is that the port can change so we want to be sure we have a way of "detecting" our software running on the user machine.

I'm trying to think of whether there are companies out there that are able to launch their own native app on the machine from their website...  Hmmmm...
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 568 total points
ID: 39699335
Why would the port change in your own software?  Things like Flash and JAVA can be used to talk to the underlying machine though you may have to 'sign' the code to get it to run.  I know that if you go to the iTunes store, it is able to check to see if iTunes is installed on your computer.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:thready
ID: 39699347
Right - the idea is just to try not to hardcode the port.  We may have to in the end, but the goal is to find a way not to "have to" for now...
0
 
LVL 1

Author Comment

by:thready
ID: 39699353
good example with iTunes!  I'll try to see what they're doing!  Gotta go install that bloatware now....  Thank goodness for VMs!  :)
0
 
LVL 1

Author Comment

by:thready
ID: 39699373
Protocol handlers...
0
 
LVL 1

Author Comment

by:thready
ID: 39699449
We can use:  OurSpecificProtocol://some/rest/call

Our app would open and be able to respond to this.  But the question is, what happens on different browsers with this type of request?  Can you wrap the call in a javascript try/catch, and if your native app is not responding, fall back to something else?
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39699521
I have no idea.  Click on "Request Attention" above to get some more help.
0
 
LVL 70

Assisted Solution

by:Merete
Merete earned 284 total points
ID: 39703778
Well I don't what your trying to achieve with program installed on a local machine and a web page
Anything to do with Video?
An outside idea
Have you looked at Silverlight business.
With Silverlight, developers use their existing skills and environments -- .NET, C#, XAML, VB.NET, WPF, Visual Studio, Expression Blend, Eclipse – to build applications that work on major browsers across Windows, Mac, Linux and native apps on Windows Phone 7.
http://www.microsoft.com/silverlight/business/
Silverlight Media
http://www.microsoft.com/silverlight/
ABOUT
http://www.microsoft.com/silverlight/what-is-silverlight/

Java is being exploited by malware and at high risk these days.
So that may work against you with Microsoft Windows and those Ports.
Securing Your Java Source Code
What actions can I take to increase the security of Java?
http://www.java.com/en/download/faq/security-tips.xml
Beware of increasingly advanced exploits targeting flaws in Java that will never be fixed
Source
0
 
LVL 30

Accepted Solution

by:
Olaf Doschke earned 1148 total points
ID: 39704193
What's wrong with hardcoding a port? Main services have a hardcoded port and that's not a problem. If you want to make it configurable, how about storing that port number somewhere you can get at? Eg your installed local app saves it's used port to a mysql database on your website, either by remote mysql access or through an API call. Your javascript then could lookup the current port from your central database. The confidentiality of the port number is compromised between your customer and you, but as you want and need to know the port anyway, that shouldn't be a problem.

To not make the port number a public known secret you can do the API call taking and storing the client side port number encrypted, for example. So the secret stays with you and your customer.

Bye, Olaf.
0
 
LVL 1

Author Comment

by:thready
ID: 39704195
Thanks for your response.  Java and silverlight are not good options for us though, we don't want any downloads in our scenario.  We would basically just like to detect our program if it's there rather than continue in the web page.
0
 
LVL 1

Author Comment

by:thready
ID: 39704197
I agree with you Olaf, but my boss doesn't...  I'm SOL on that one... :-)
0
 
LVL 30

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 1148 total points
ID: 39704199
You can also get at local store data from javascript and I'm unsure, but a desktop app should also be able to save something in there, too. A single key/value pair is sufficient, you might also use a cookie. Problem is this would all be browser specific.

Bye, Olaf.
0
 
LVL 30

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 1148 total points
ID: 39704202
What are the concerns of your boss in regard of the mysql server solution? Too many traffic to your website? It's just one request SQL query adding to all the ones you will have for the web part of your application anyway.

You can also push this one step further and have a few database holding a number of ports and locations of further lookup databases as fault tolerance/replication of that data.

Bye, Olaf.
0
 
LVL 1

Author Comment

by:thready
ID: 39704274
Yup I thought about storing the ports in a database too, but that idea won't work because of logistics. (Trust me on this, long story)...
0
 
LVL 1

Author Comment

by:thready
ID: 39704280
Local store data? You mean browser specific data stores?

I was hoping the web page could get some info from the machine it's on, maybe get at something that the native app could set as info for it to pick up.  

Like, iTunes web page knowing iTunes app is installed, or Oracle knowing java is installed, or maybe some other good example...
0
 
LVL 30

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 1148 total points
ID: 39704288
Well, I saw your itunes example, don't know how they do it. I assume they use a certain port or bind a self defined protocol to it.

But local store is a core part of HTML5 and all browsers support it today. It's well established. Cookies are of course even older, but both of this is bound to the browser used, there is no browser unspecific local store or cookie folder, each browser has it's own.

If you limit this to work in IE, Firefox, Chrome and Safari it may well be doable for your app to create a cookie in all browser profiles you detect on the system, and that surely can be read from javascript.

Browser automation would be a sure way, if you start your javascript part from your desktop app. That's limited to IE/Windows, though.

Bye, Olaf.
0
 
LVL 1

Author Comment

by:thready
ID: 39704291
Thanks Olaf :-)
0
 
LVL 1

Author Closing Comment

by:thready
ID: 39711219
thanks everyone!
0
 
LVL 30

Expert Comment

by:Olaf Doschke
ID: 39711230
Did you get something to work? With what solution die you and up?
0
 
LVL 1

Author Comment

by:thready
ID: 39711243
I think we're going for the hard coded port.  Not much choice I guess...  :o)
0
 
LVL 30

Expert Comment

by:Olaf Doschke
ID: 39711278
Sorry, this was autocorrection. Set to Herman AS default language.

Die -> did
And -> end

Okay, hardcoded port seems simplest.
0
 
LVL 1

Author Comment

by:thready
ID: 39711300
Fewf!  I thought I was getting death threats for a second there...  ;o)
0
 
LVL 30

Expert Comment

by:Olaf Doschke
ID: 39711330
Herman -> german

My goodness
:o)
0
 
LVL 1

Author Comment

by:thready
ID: 39711378
lol!  I was seriously wondering what you were talking about on that one.. (need coffee #2 though...)  :o)
0
 
LVL 30

Expert Comment

by:Olaf Doschke
ID: 39711400
:) Well, at least you have a funny start into the day.

Bye, Olaf.
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . Websites are getting bigger and more complicated by the day. Video, images and custom fonts are all great for showcasing your product or service. But the price to pay in…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question