Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 375
  • Last Modified:

talking to installed programs from javascript

Hi Experts,

I know that browsers in general do their best to prevent you from talking to anything else on your system with javascript.  But let's say you have a native application already installed on a user's machine.  You can make a localhost call to that application to communicate with it with cross-domain scripting.  However, its port can change, so in order to communicate with it, you're left with a number of options:
1-  You're SOL.
2-  You attempt localhost calls and try a number of ports (takes too long).
3-  What else??

Thanks!
Mike
0
thready
Asked:
thready
  • 14
  • 8
  • 3
  • +1
7 Solutions
 
Dave BaldwinFixer of ProblemsCommented:
"a localhost call" will try to connect to port 80 where a web server would be listening.  So you would have to have a web server running to connect to anything.  I can't see it working.  That is exactly the kind of thing that browser security is intended to block to prevent outsiders from breaking into your machine.
0
 
threadyAuthor Commented:
No- you can specify the port- but for obvious reasons - you can't assume (especially) port 80 for your own product...  We already have this working well with cross domain scripting.  Our only problem is that the port can change so we want to be sure we have a way of "detecting" our software running on the user machine.

I'm trying to think of whether there are companies out there that are able to launch their own native app on the machine from their website...  Hmmmm...
0
 
Dave BaldwinFixer of ProblemsCommented:
Why would the port change in your own software?  Things like Flash and JAVA can be used to talk to the underlying machine though you may have to 'sign' the code to get it to run.  I know that if you go to the iTunes store, it is able to check to see if iTunes is installed on your computer.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
threadyAuthor Commented:
Right - the idea is just to try not to hardcode the port.  We may have to in the end, but the goal is to find a way not to "have to" for now...
0
 
threadyAuthor Commented:
good example with iTunes!  I'll try to see what they're doing!  Gotta go install that bloatware now....  Thank goodness for VMs!  :)
0
 
threadyAuthor Commented:
Protocol handlers...
0
 
threadyAuthor Commented:
We can use:  OurSpecificProtocol://some/rest/call

Our app would open and be able to respond to this.  But the question is, what happens on different browsers with this type of request?  Can you wrap the call in a javascript try/catch, and if your native app is not responding, fall back to something else?
0
 
Dave BaldwinFixer of ProblemsCommented:
I have no idea.  Click on "Request Attention" above to get some more help.
0
 
MereteCommented:
Well I don't what your trying to achieve with program installed on a local machine and a web page
Anything to do with Video?
An outside idea
Have you looked at Silverlight business.
With Silverlight, developers use their existing skills and environments -- .NET, C#, XAML, VB.NET, WPF, Visual Studio, Expression Blend, Eclipse – to build applications that work on major browsers across Windows, Mac, Linux and native apps on Windows Phone 7.
http://www.microsoft.com/silverlight/business/
Silverlight Media
http://www.microsoft.com/silverlight/
ABOUT
http://www.microsoft.com/silverlight/what-is-silverlight/

Java is being exploited by malware and at high risk these days.
So that may work against you with Microsoft Windows and those Ports.
Securing Your Java Source Code
What actions can I take to increase the security of Java?
http://www.java.com/en/download/faq/security-tips.xml
Beware of increasingly advanced exploits targeting flaws in Java that will never be fixed
Source
0
 
Olaf DoschkeSoftware DeveloperCommented:
What's wrong with hardcoding a port? Main services have a hardcoded port and that's not a problem. If you want to make it configurable, how about storing that port number somewhere you can get at? Eg your installed local app saves it's used port to a mysql database on your website, either by remote mysql access or through an API call. Your javascript then could lookup the current port from your central database. The confidentiality of the port number is compromised between your customer and you, but as you want and need to know the port anyway, that shouldn't be a problem.

To not make the port number a public known secret you can do the API call taking and storing the client side port number encrypted, for example. So the secret stays with you and your customer.

Bye, Olaf.
0
 
threadyAuthor Commented:
Thanks for your response.  Java and silverlight are not good options for us though, we don't want any downloads in our scenario.  We would basically just like to detect our program if it's there rather than continue in the web page.
0
 
threadyAuthor Commented:
I agree with you Olaf, but my boss doesn't...  I'm SOL on that one... :-)
0
 
Olaf DoschkeSoftware DeveloperCommented:
You can also get at local store data from javascript and I'm unsure, but a desktop app should also be able to save something in there, too. A single key/value pair is sufficient, you might also use a cookie. Problem is this would all be browser specific.

Bye, Olaf.
0
 
Olaf DoschkeSoftware DeveloperCommented:
What are the concerns of your boss in regard of the mysql server solution? Too many traffic to your website? It's just one request SQL query adding to all the ones you will have for the web part of your application anyway.

You can also push this one step further and have a few database holding a number of ports and locations of further lookup databases as fault tolerance/replication of that data.

Bye, Olaf.
0
 
threadyAuthor Commented:
Yup I thought about storing the ports in a database too, but that idea won't work because of logistics. (Trust me on this, long story)...
0
 
threadyAuthor Commented:
Local store data? You mean browser specific data stores?

I was hoping the web page could get some info from the machine it's on, maybe get at something that the native app could set as info for it to pick up.  

Like, iTunes web page knowing iTunes app is installed, or Oracle knowing java is installed, or maybe some other good example...
0
 
Olaf DoschkeSoftware DeveloperCommented:
Well, I saw your itunes example, don't know how they do it. I assume they use a certain port or bind a self defined protocol to it.

But local store is a core part of HTML5 and all browsers support it today. It's well established. Cookies are of course even older, but both of this is bound to the browser used, there is no browser unspecific local store or cookie folder, each browser has it's own.

If you limit this to work in IE, Firefox, Chrome and Safari it may well be doable for your app to create a cookie in all browser profiles you detect on the system, and that surely can be read from javascript.

Browser automation would be a sure way, if you start your javascript part from your desktop app. That's limited to IE/Windows, though.

Bye, Olaf.
0
 
threadyAuthor Commented:
Thanks Olaf :-)
0
 
threadyAuthor Commented:
thanks everyone!
0
 
Olaf DoschkeSoftware DeveloperCommented:
Did you get something to work? With what solution die you and up?
0
 
threadyAuthor Commented:
I think we're going for the hard coded port.  Not much choice I guess...  :o)
0
 
Olaf DoschkeSoftware DeveloperCommented:
Sorry, this was autocorrection. Set to Herman AS default language.

Die -> did
And -> end

Okay, hardcoded port seems simplest.
0
 
threadyAuthor Commented:
Fewf!  I thought I was getting death threats for a second there...  ;o)
0
 
Olaf DoschkeSoftware DeveloperCommented:
Herman -> german

My goodness
:o)
0
 
threadyAuthor Commented:
lol!  I was seriously wondering what you were talking about on that one.. (need coffee #2 though...)  :o)
0
 
Olaf DoschkeSoftware DeveloperCommented:
:) Well, at least you have a funny start into the day.

Bye, Olaf.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 14
  • 8
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now