Allow CrOS Terminal to access GSC

[vapier]

No description provided.

[vapier]

i haven't tested this directly, but seems like it should work ?

[emaxx-google]

i haven't tested this directly, but seems like it should work ?

Let me take a closer look, since the code might not expect the "chrome-untrusted://" scheme. Also the manifest.json might need an "externally_connectable" entry in order to allow these messages (but I don't know off the top of my head whether "chrome-untrusted://" sender is treated like a web page by Chrome Extensions API).

[vapier]

i would expect chrome-untrusted:// would be treated the same as chrome-extension://, but who knows

if you have a CrOS device, you should be able to test this now with the Terminal app in R103 in stable

[emaxx-google]

i would expect chrome-untrusted:// would be treated the same as chrome-extension://, but who knows

if you have a CrOS device, you should be able to test this now with the Terminal app in R103 in stable

Will try later today or tomorrow. Alternatively, if you already have a setup then you can grab the Smart Card Connector built by bots on this PR (the "smart_card_connector_app-pnacl-Debug-app.zip" file on the "Checks" tab is the most convenient, as when loading it manually it'll get the same ExtensionID as the product one: "khpfeaanjngmcnplbdlpegiifgpfgdco").

[vapier]

grab the Smart Card Connector built by bots on this PR (the "smart_card_connector_app-pnacl-Debug-app.zip" file on the "Checks" tab is the most convenient

when i click the Checks tab in this PR, i don't see any Files. i see the CLA & CI GH action.

i see in the CI logs it saying it's uploading that zip as an artifact, but i don't see any links to artifacts. i've never used GH to build things, so i don't know what UI i'm supposed to see.

[emaxx-google]

grab the Smart Card Connector built by bots on this PR (the "smart_card_connector_app-pnacl-Debug-app.zip" file on the "Checks" tab is the most convenient

when i click the Checks tab in this PR, i don't see any Files. i see the CLA & CI GH action.

i see in the CI logs it saying it's uploading that zip as an artifact, but i don't see any links to artifacts. i've never used GH to build things, so i don't know what UI i'm supposed to see.

It's at the bottom of the "CI" page, in the "Artifacts" section (I just checked and it's visible even in Incognito, although files are not downloadable without authentication). In case it still doesn't work, I've reuploaded the file on Google Drive and shared it with you.

[vapier]

ok, i see the files at the bottom now

loading the app unpacked doesn't help. Terminal still can't talk to it.

i tried hacking the main manifest & reloading to include:

"externally_connectable": {
    "matches": [
      "chrome-untrusted://terminal/html/terminal_ssh.html"
    ]
  }

but that didn't help either. i don't know how Secure Shell is allowed to communicate with it either though.

[emaxx-google]

ok, i see the files at the bottom now

loading the app unpacked doesn't help. Terminal still can't talk to it.

i tried hacking the main manifest & reloading to include:

"externally_connectable": {
    "matches": [
      "chrome-untrusted://terminal/html/terminal_ssh.html"
    ]
  }

but that didn't help either. i don't know how Secure Shell is allowed to communicate with it either though.

I've got to testing it, and somehow this patch worked for me. I was able to connect to a remote machine using a Yubikey; without the patch, the Terminal was failing to connect. Are you sure you did the manual test correctly?

As for this:

i don't know how Secure Shell is allowed to communicate with it either though

It's because by default (when externally_connectable is omitted in the manifest), any extension ID is allowed. But as soon as we add it explicitly like in your example, we have to explicitly allow all extensions: "ids": ["*"]. That's the only thing in your code I modified locally.

[vapier]

if it works for you, feel free to ignore my testing results. i never use this app myself :).

[emaxx-google]

Could you update the pull request to add this into manifest.json.template?

  "externally_connectable": {
    "ids": ["*"],
    "matches": [
      "chrome-untrusted://terminal/html/terminal_ssh.html"
    ]
  }

[vapier]

does it need to be scoped to a specific page? or can we allow any terminal page?

[emaxx-google]

does it need to be scoped to a specific page? or can we allow any terminal page?

Any terminal page sgtm too. And I've tested this to work fine:

  "externally_connectable": {
    "ids": ["*"],
    "matches": [
      "chrome-untrusted://terminal/*"
    ]
  },

[vapier]

OK, updated now. lmk if i messed something up.

[emaxx-google]

LGTM