in reply to Re: In-browser mech-like thing?
in thread In-browser mech-like thing?

I can't think of a legitimate use for this, having a 3rd party BROWSER addon do automated logins on behalf of users to banks, means that it needs to store login/pass for users.... this is pretty much against most banking regulations AFAIK

Replies are listed 'Best First'.
Re^3: In-browser mech-like thing?
by aquarium (Curate) on Oct 31, 2010 at 22:11 UTC
    and furthermore, since the entire session (not just the login) is likely to be https, you won't be able to scrape the gibberish. you can automate pressing buttons etc, but the https info sent from the server will not be intelligable, afaik.
    the hardest line to type correctly is: stty erase ^H
[reply]
      If we implement the scraper as a browser plugin/addon, the browser will provide the HTTPS content (and even the DOM) for us. IIRC, Chrome permits an addon/extension to insert some script to any page and do cross-domain AJAX request (after the user allows it).
[reply]
Re^3: In-browser mech-like thing?
by dgaramond2 (Monk) on Nov 03, 2010 at 03:11 UTC

    Not necessarily, if the user/pass is stored by the browser addon in-memory for the current browsing session only. The user will then be slightly inconvenienced by having to enter a user/pass in the morning, but during the day as long as it does not close the browser, the browser addon can periodically login+logout on behalf of the user to check for new transactions.

    Also, how is this different from browsers themselves saving login username/password for the user (by explicit consent from the user). Do banks in the US explicitly forbid this browser feature?

[reply]

In Section Seekers of Perl Wisdom