weitzman
commented
9 years ago There are browser add-ons already, at least for Chrome and Safari. They are preferable to the bookmarklet for security reasons.
Open scottchiefbaker opened 9 years ago
weitzman
commented
9 years ago There are browser add-ons already, at least for Chrome and Safari. They are preferable to the bookmarklet for security reasons.
carlthewebmaster
commented
9 years ago In chrome, what I do is to add a custom search engine pointing to
javascript:window.open('https://chriszarate.github.io/supergenpass/mobile/', '_blank');So to open SGP Mobile, I hit CTRL+L then type sgpm and hit enter, and SGP mobile opens in a new tab, with the domain of the original tab already in place.
chriszarate
commented
9 years ago Seems like browser extension is the best approach. Unfortunately, I don't have time for an official version, but there are plenty out there. Open to pull requests to create one, bonus points if it uses the existing code. Also supergenpass.com is served from the gh-pages and I'll take PRs there, too.
scottchiefbaker
commented
9 years ago @carlthewebmaster how does sgpm map to opening a new tab with that URL? How does the mobile version have the domain pre-populated?
carlthewebmaster
commented
9 years ago The new tab opens via window.open, and I believe the domain field is populated based on the referrer (the domain of the page where that javascript is called. See:
https://github.com/chriszarate/supergenpass/blob/master/src/mobile/sgp.mobile.js#L97-L105
homlett
commented
8 years ago Why not a Custom Buttons version of the bookmarklet? Not a button loading the bookmarklet (that'll not solve the issue), but a "pure" Custom Buttons code (javascript), ran in the Custom Buttons' sandbox. The code should be very similar to the bookmarklet I guess, so it would be easy to maintain it.
Custom Buttons : https://addons.mozilla.org/en/firefox/addon/custom-buttons/
jmichael2497
commented
5 years ago one common recommendation is to download the source code from github and run it in its own browser window on the local device (not that hard to copy and paste), with bonus that you can modify the source code settings to work how you like, and then maybe with some extra security like marking files read only as well or something.
(although of course there is the issue with mobile devices like android where anytime something is copied to the clipboard, there is basically a shoutout (intent) saying,"hey look at me, i've been copied to the clipboard" and gives malicious apps a chance to harvest passwords or whatever else)
and i don't really know enough about the separation of browser add-ons, but would imagine that should also be more secure than using a bookmarklet? unless it is just the same thing in a different wrapper.
glukki
commented
3 years ago Wouldn't drop of jQuery dependency solve the issue?
More and more sites are block SGP (requiring the mobile version), are there any plans to work around this? Create a browser add-on? Something that runs entirely in userspace?