Wednesday, June 19, 2024

How to Disable PWAs in Microsoft Edge/Chrome browser

How to prevent Progressive Web Apps (PWAs) from installing on your desktop. 

A PWA is a web-based app created using HTML, CSS, and JavaScript that can be installed from a website like a regular desktop application. Once installed, the operating system will create a PWA shortcut and add it to Add or Remove Programs in Windows and under the /Users/<account>/Applications/ folder in macOS.

Recently these have been used to steal credentials and are unsafe. 
New phishing toolkit uses PWAs to steal login credentials (bleepingcomputer.com)

In Edge, type in address bar about://flags, search for 'handling' and change the settings to match image below. All settings that required changes are now all changed to Disabled. 


about://flags, search for 'PWA'
and change the settings to match image below.  All settings that are required to change are now all changed to Disabled. 



































about://settings, search for 'application'

Change to off position as in image below.

about://settings, search for 'protocol'

Change to off position as in image below.


about://settings, search for 'apps'

Turn on Block Potentially Unwanted Apps.

Microsoft Defender SmartScreen must be enabled to turn on Block Potentially Unwanted Apps.
But note MDSS, talks to Microsoft servers, and is a privacy leak. 





Service workers are used by PWAs. To list and delete current service workers type in address bar
chrome://inspect/#service-workers


To disable you need an add-on unfortunately.

Sources: 

PWAs as URL Handlers  |  Capabilities  |  Chrome for Developers

Handle protocols in Progressive Web Apps - Microsoft Edge Developer documentation | Microsoft Learn

Posted by metadataconsulting (profile) at 7:00 AM 0 comments

Tuesday, June 11, 2024

OneDrive Direct Download Link Generator for 2024 Breaking API Change






Microsoft OneDrive Direct File Download URL Maker




<iframe src="https://onedrive.live.com/embed?cid=8F99649728BEB2F3&resid=8F99649728BEB2F3%211010&authkey=AFo8ZQ_-qj84DEQ" width="98" height="120" frameborder="0" scrolling="no"></iframe>  see instructions below, if you don't know how. NOTE : For images there an extra step below.



https://onedrive.live.com/embed?cid=8F99649728BEB2F3&resid=8F99649728BEB2F3%211010&authkey=AFo8ZQ_-qj84DEQ and populate the text-box below. To proceed click "Get Download Link" button.
4. Now, Click on Get Download Link button.

Text-box will be highlighted so you can copy the full link. To copy, right-click and choose  "Copy" or simply (ctrl-c) to copy link. Note: Entire URL is automatic selected for your convenience.

 
For 2024, a new API breaks the above

Rolled out is some regions, the above method will not work. Here's the work-around.

1. Choose item in OneDrive and click Download button.

1a. In your browser (Edge shown), choose the download link to display downloaded history.

2. Select download item and then right-click on the downloaded item.

3. In Sub-Menu select Copy download link, that will give you a very long link. And that works!


Warning: This link only last 1 hour. Please see comments below.












For Images, you get a direct url
  1. Right-click on image and select Embed. The Copy the URL to embed image now gives you direct download URL, but is super long.

    So you do not need to do the above! 


Posted by metadataconsulting (profile) at 7:30 AM 10 comments

Monday, June 10, 2024

decomet - remove comments and multiple blank lines from code, fast cmd line c executable


decomet is a cosmic fast Windows command line tool that will minify source code. By default this will remove all comment lines starting with // or contained  with /**/. 

 It features;
  1. remove all blank/empty lines. Blank is defined as whitespace* 
  2. remove all Unicode control characters, except tab, form feed and carriage return.
  3. remove empty duplicate lines reduce them to 1 line for readability of code.
  4. remove indent whitespace*
  5. minify and normalize whitespace* to a single space
  6. prefix with line number. Specifically line number, tab and then line  
  7. recurses sub-directories
  8. funnel to a single output directory
  9. added datetime stamp to output filename *udpate as of Mon 10-Jun-24 2:57pm EDT

*ISO 30112 defines POSIX whitespace characters for function iswspace() for locale 'en_US.UTF8' as Unicode characters U+0009..U+000D, U+0020, U+1680, U+180E, U+2000..U+2006, U+2008..U+200A, U+2028, U+2029, U+205F, and U+3000
  
It super fast and written in C/C++ mixture.
It reads and writes UTF-8 source code. 
Files accept Unicode names. 
Built-in human readable elapsed time.

 The code base for this project is http://code.google.com/p/cpp-decomment/ but has been greatly improved to handle Unicode spaces, control characters, UTF-8 files and UTF-8 filename. Moreover, the state machine has been optimized and improved to work.
Improved code to make sure all the switches actually work.


Download decomet.zip. Personal use only. Opens this page after run.
Use metadataconsult@gmail.com for license, $10.00 USD to remove open page.
As with all my software - 100% no malware or spyware. I am trying to sell this and that would be a bad idea.

decomet -h 2> help.txt - to pipe to a file 'help.txt' 

Usage:  decomet -[bcehimnprsv] [-d<DIR>] file1.c file2.js ...
Outputs (adds extension .dec.{org ext})  file1.c.dec.c file2.js.dec.js ...
Decomment source files, optionally remove whitespace, control characters and duplicate 
empty lines 

  -b         remove all whitespace* blank/empty lines
  -c         preprocess & remove control characters in ASCII and UNicode range
             U+0001..U+0008, U+000E..U+001F and U+007F..U+009F, respectively.
             NOTE: U+001A 'SUB' Substitute character will terminate reading a text file 
unexpectedly. 
  -e         Removes duplicate Unicode whitespace* entire lines aka 'empty lines', leaving 
1 line. 
             *ISO 30112 defines POSIX whitespace characters for function iswspace() for 
locale 'en_US.UTF8' as Unicode characters 
             U+0009..U+000D, U+0020, U+1680, U+180E, U+2000..U+2006, U+2008..U+200A, 
U+2028, U+2029, U+205F, and U+3000 
  -h         display help message
  -i         remove indent whitespace*
  -m         minify && normalize whitespace* to a single space
  -n         prefix with line number
  -p         preview files matching wildcard for recursive search
  -r         recursive search sub-dirs under the input-file's folder - file wildcard needed
  -s         output to stdout, instead of output-files (infile1.c.dec.c)
  -t         add datetime to output. Example: infile1.c.dec_10Jun24_1347PM.c
  -v         switch off verbose - default on

  -d<DIR>    output funnel directory, no space after -d

  file[*?].c input-files, file wildcard [?*] allowed. The output-file is 'filexxx.c.dec.c'

Features:

        Fast, written in mainly C, C++ for Unicode support
        Read and writes UTF-8 text files
        Implements a state machine for parsing to remove comments, enforce min. spaces, etc.
        Implements a stack for file/folder traversal

Limitations:

        Each line length is a max of 100,000 characters wide
        Does not handle long file paths (>260)

Notes:

        org src code - http://code.google.com/p/cpp-decomment/
        improved to handle Unicode, UTF-8 files && remove duplicate lines, Unicode 
whitespace 
        fixed stack imp (org. failed if single double quote found with -m switch)
        improved to assure all switches work correctly, etc.

decomet version 2.0.2.4
Copyright © 2024 metadataconsulting.ca, Mark Pahulje 

THE SOFTWARE IS PROVIDED "AS IS", EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE 
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO 
EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Speed test on 100 lines of C++ file.

1. input2.cpp
Input   100 lines.
Output  100 lines.
Removed 0 lines.
Elapsed 3ms.

Speed test on 1 Gig text file.

I:\WORK-CODE\Visual Studio Projects\decomment\Debug>decomet -e 1gb.txt
Input   42949674 lines.
Output  42949670 lines.
Removed 4 lines.
Elapsed 6min 29s 170ms.

Posted by metadataconsulting (profile) at 7:00 AM 0 comments

Thursday, June 6, 2024

How to view message source in Outlook online for 2024

Checking that your email is not spam or contains bad links and malware? Here's how to check an email in full details by look at the email/message source. Well what is that? 

The message source which is the email in full details and includes both plain text and raw HTML of the message. Most importantly includes headers, while the message body is the content you see when you open an email normally.

An email header or an internet header is metadata that accompanies every email and contains detailed information, such as the sender, receiver, route, timestamp, and more. Mailbox and email service providers use email headers to authenticate the email senders and properly allocate an email in the inbox.

As of June 6, 2024 aka 'D-Day' here's how to view email/message source in Outlook.com.

Choose your email message and select ...



Partial view of message source, as we can see if comes from apple.com.

Received: from SA1P223MB0837.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:3d2::22)
 by PH7P223MB0552.NAMP223.PROD.OUTLOOK.COM with HTTPS; Thu, 6 Jun 2024
 15:59:12 +0000
Received: from MN2PR03CA0001.namprd03.prod.outlook.com (2603:10b6:208:23a::6)
 by SA1P223MB0837.NAMP223.PROD.OUTLOOK.COM (2603:10b6:806:3d2::22) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7633.31; Thu, 6 Jun
 2024 15:59:10 +0000
Received: from BL6PEPF0001AB59.namprd02.prod.outlook.com
 (2603:10b6:208:23a:cafe::da) by MN2PR03CA0001.outlook.office365.com
 (2603:10b6:208:23a::6) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7656.20 via Frontend
 Transport; Thu, 6 Jun 2024 15:59:09 +0000
Authentication-Results: spf=pass (sender IP is 17.32.227.229)
 smtp.mailfrom=insideapple.apple.com; dkim=pass (signature was verified)
 header.d=insideapple.apple.com;dmarc=pass action=none
 header.from=insideapple.apple.com;compauth=pass reason=100
Received-SPF: Pass (protection.outlook.com: domain of insideapple.apple.com
 designates 17.32.227.229 as permitted sender)
 receiver=protection.outlook.com; client-ip=17.32.227.229;
 helo=mdn-epsmtap-mkt-lsndr13104.apple.com; pr=C
Received: from mdn-epsmtap-mkt-lsndr13104.apple.com (17.32.227.229) by
 BL6PEPF0001AB59.mail.protection.outlook.com (10.167.241.11) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.7633.15 via Frontend Transport; Thu, 6 Jun 2024 15:59:09 +0000
X-IncomingTopHeaderMarker:
 OriginalChecksum:94387A27F04720CF321ECD265C181A297D3210A285393BFAA7EB899EC1759C27;UpperCasedChecksum:A14A6126655DC5C27D9ED33C81DFA770C8753A0E5A3FD9E3B1EE7F07E60FA12E;SizeAsReceived:2367;Count:21
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=insideapple.apple.com; s=insideapple0517; t=1717689547;
	bh=1+EjR6ZAex/Guwo1GedJJucGEHnV4aI2xtMWisDmhqk=;
	h=Date:From:To:Message-ID:Subject:Content-Type:
	 List-Unsubscribe-Post:List-Unsubscribe;
	b=157YrtTKcegFIlEDF56ph/MrP9dfgvz5DJICNodIuuLq2vVv09GABiKCJ5LoKop2R
	 rWF09IOs/nJvbFyzzDpVdXgymm4eB3jrvOHI43UPrW6oeF/ZcCb9Htu9pCs4ZGrI+M
	 Vv4W11TYjEzoapw+81Rk5SO3doU+U3OlJPsh32u+eIykFRAGksYvc4zpMtVTDKIg/O
	 leeDNm5ENIRiZw7AwnC9P+AQq8jXVzMpU+FrDnX+Hm1EvhCQcKWESZRToFfhJTe6KS
	 ky7dImlt/fdI2y9GMdt7IEue7DIA70dwF7AcU5MJAfJcqtts3DZ+dZRE/y47AZsRXm
	 mmb3UWAvzyoPQ==


etc...

Posted by metadataconsulting (profile) at 1:19 PM 0 comments
Subscribe to: Posts (Atom)