Solved

talking to installed programs from javascript

Posted on 2013-12-05
28
338 Views
Last Modified: 2013-12-11
Hi Experts,

I know that browsers in general do their best to prevent you from talking to anything else on your system with javascript.  But let's say you have a native application already installed on a user's machine.  You can make a localhost call to that application to communicate with it with cross-domain scripting.  However, its port can change, so in order to communicate with it, you're left with a number of options:
1-  You're SOL.
2-  You attempt localhost calls and try a number of ports (takes too long).
3-  What else??

Thanks!
Mike
0
Comment
Question by:thready
  • 14
  • 8
  • 3
  • +1
28 Comments
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 142 total points
ID: 39699300
"a localhost call" will try to connect to port 80 where a web server would be listening.  So you would have to have a web server running to connect to anything.  I can't see it working.  That is exactly the kind of thing that browser security is intended to block to prevent outsiders from breaking into your machine.
0
 
LVL 1

Author Comment

by:thready
ID: 39699322
No- you can specify the port- but for obvious reasons - you can't assume (especially) port 80 for your own product...  We already have this working well with cross domain scripting.  Our only problem is that the port can change so we want to be sure we have a way of "detecting" our software running on the user machine.

I'm trying to think of whether there are companies out there that are able to launch their own native app on the machine from their website...  Hmmmm...
0
 
LVL 83

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 142 total points
ID: 39699335
Why would the port change in your own software?  Things like Flash and JAVA can be used to talk to the underlying machine though you may have to 'sign' the code to get it to run.  I know that if you go to the iTunes store, it is able to check to see if iTunes is installed on your computer.
0
 
LVL 1

Author Comment

by:thready
ID: 39699347
Right - the idea is just to try not to hardcode the port.  We may have to in the end, but the goal is to find a way not to "have to" for now...
0
 
LVL 1

Author Comment

by:thready
ID: 39699353
good example with iTunes!  I'll try to see what they're doing!  Gotta go install that bloatware now....  Thank goodness for VMs!  :)
0
 
LVL 1

Author Comment

by:thready
ID: 39699373
Protocol handlers...
0
 
LVL 1

Author Comment

by:thready
ID: 39699449
We can use:  OurSpecificProtocol://some/rest/call

Our app would open and be able to respond to this.  But the question is, what happens on different browsers with this type of request?  Can you wrap the call in a javascript try/catch, and if your native app is not responding, fall back to something else?
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39699521
I have no idea.  Click on "Request Attention" above to get some more help.
0
 
LVL 70

Assisted Solution

by:Merete
Merete earned 71 total points
ID: 39703778
Well I don't what your trying to achieve with program installed on a local machine and a web page
Anything to do with Video?
An outside idea
Have you looked at Silverlight business.
With Silverlight, developers use their existing skills and environments -- .NET, C#, XAML, VB.NET, WPF, Visual Studio, Expression Blend, Eclipse – to build applications that work on major browsers across Windows, Mac, Linux and native apps on Windows Phone 7.
http://www.microsoft.com/silverlight/business/
Silverlight Media
http://www.microsoft.com/silverlight/
ABOUT
http://www.microsoft.com/silverlight/what-is-silverlight/

Java is being exploited by malware and at high risk these days.
So that may work against you with Microsoft Windows and those Ports.
Securing Your Java Source Code
What actions can I take to increase the security of Java?
http://www.java.com/en/download/faq/security-tips.xml
Beware of increasingly advanced exploits targeting flaws in Java that will never be fixed
Source
0
 
LVL 29

Accepted Solution

by:
Olaf Doschke earned 287 total points
ID: 39704193
What's wrong with hardcoding a port? Main services have a hardcoded port and that's not a problem. If you want to make it configurable, how about storing that port number somewhere you can get at? Eg your installed local app saves it's used port to a mysql database on your website, either by remote mysql access or through an API call. Your javascript then could lookup the current port from your central database. The confidentiality of the port number is compromised between your customer and you, but as you want and need to know the port anyway, that shouldn't be a problem.

To not make the port number a public known secret you can do the API call taking and storing the client side port number encrypted, for example. So the secret stays with you and your customer.

Bye, Olaf.
0
 
LVL 1

Author Comment

by:thready
ID: 39704195
Thanks for your response.  Java and silverlight are not good options for us though, we don't want any downloads in our scenario.  We would basically just like to detect our program if it's there rather than continue in the web page.
0
 
LVL 1

Author Comment

by:thready
ID: 39704197
I agree with you Olaf, but my boss doesn't...  I'm SOL on that one... :-)
0
 
LVL 29

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 287 total points
ID: 39704199
You can also get at local store data from javascript and I'm unsure, but a desktop app should also be able to save something in there, too. A single key/value pair is sufficient, you might also use a cookie. Problem is this would all be browser specific.

Bye, Olaf.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 29

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 287 total points
ID: 39704202
What are the concerns of your boss in regard of the mysql server solution? Too many traffic to your website? It's just one request SQL query adding to all the ones you will have for the web part of your application anyway.

You can also push this one step further and have a few database holding a number of ports and locations of further lookup databases as fault tolerance/replication of that data.

Bye, Olaf.
0
 
LVL 1

Author Comment

by:thready
ID: 39704274
Yup I thought about storing the ports in a database too, but that idea won't work because of logistics. (Trust me on this, long story)...
0
 
LVL 1

Author Comment

by:thready
ID: 39704280
Local store data? You mean browser specific data stores?

I was hoping the web page could get some info from the machine it's on, maybe get at something that the native app could set as info for it to pick up.  

Like, iTunes web page knowing iTunes app is installed, or Oracle knowing java is installed, or maybe some other good example...
0
 
LVL 29

Assisted Solution

by:Olaf Doschke
Olaf Doschke earned 287 total points
ID: 39704288
Well, I saw your itunes example, don't know how they do it. I assume they use a certain port or bind a self defined protocol to it.

But local store is a core part of HTML5 and all browsers support it today. It's well established. Cookies are of course even older, but both of this is bound to the browser used, there is no browser unspecific local store or cookie folder, each browser has it's own.

If you limit this to work in IE, Firefox, Chrome and Safari it may well be doable for your app to create a cookie in all browser profiles you detect on the system, and that surely can be read from javascript.

Browser automation would be a sure way, if you start your javascript part from your desktop app. That's limited to IE/Windows, though.

Bye, Olaf.
0
 
LVL 1

Author Comment

by:thready
ID: 39704291
Thanks Olaf :-)
0
 
LVL 1

Author Closing Comment

by:thready
ID: 39711219
thanks everyone!
0
 
LVL 29

Expert Comment

by:Olaf Doschke
ID: 39711230
Did you get something to work? With what solution die you and up?
0
 
LVL 1

Author Comment

by:thready
ID: 39711243
I think we're going for the hard coded port.  Not much choice I guess...  :o)
0
 
LVL 29

Expert Comment

by:Olaf Doschke
ID: 39711278
Sorry, this was autocorrection. Set to Herman AS default language.

Die -> did
And -> end

Okay, hardcoded port seems simplest.
0
 
LVL 1

Author Comment

by:thready
ID: 39711300
Fewf!  I thought I was getting death threats for a second there...  ;o)
0
 
LVL 29

Expert Comment

by:Olaf Doschke
ID: 39711330
Herman -> german

My goodness
:o)
0
 
LVL 1

Author Comment

by:thready
ID: 39711378
lol!  I was seriously wondering what you were talking about on that one.. (need coffee #2 though...)  :o)
0
 
LVL 29

Expert Comment

by:Olaf Doschke
ID: 39711400
:) Well, at least you have a funny start into the day.

Bye, Olaf.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now