GeekAfterFive

Infrastructure as Code

home

Hacking the vCloud Director Browser Support Warning

19 Jul 2012

    a picture I'm a Chrome user and it's particularly annoying to get the "this browser is not supported" message any time I load the vCloud Director URL, or my session expires and I have to re-login. I try to spend most of my time in PowerCLI, but sometimes I need to make a minor tweak, or open the remote console of a VM. I understand that Chrome is not a supported browser, which is only because of the remote console, as far as I can tell. Everything else works great in Chrome! So what is an unsupported browser user to do? HACK! I came up with this idea on accident, when I was playing with the Powershell v3 Invoke-RestMethod cmdlet. Here's what I ran:
Invoke-RestMethod "https://vcloud.example.com/cloud/org/jake" | Out-File C:\users\jake\desktop\vcloudindex.html -encoding UTF8
This dumps the HTML from the URL just like wget in Linux. After that, I started changing out all of the relative HTML links to absolutes. In the following html, I changed the first one to show you an example.
css/main.css" type="text/css" rel="stylesheet" />
<script type="text/javascript" src="support/<span class=">// <![CDATA[
javascript</span>/jquery/jquery-1.3.2.min.js" type="text/javascript">
// ]]></script>
<script type="text/javascript" src="support/<span class=">// <![CDATA[
javascript</span>/upload.js" type="text/javascript">
// ]]></script>
<script type="text/javascript" src="support/<span class=">// <![CDATA[
javascript</span>/swfobject.js" type="text/javascript">
// ]]></script>
<script type="text/javascript" src="support/<span class=">// <![CDATA[
javascript</span>/swfaddress.js" type="text/javascript">
// ]]></script>
 <script src="support/javascript/associative-array.js" type="text/javascript"></script>
 <script src="support/javascript/VMRCConsoleController.js" type="text/javascript"></script>
 <script src="support/javascript/remoteaccess.js" type="text/javascript"></script>
After that, I started running into cookie errors, and apparently Chrome does not load cookies for local pages by default. You can fix this by loading Chrome with --enable-file-cookies, but that seemed like a chore. I simply uploaded the file to my public dropbox folder and got the URL for the file. At that point, I was accessing the file over the internet, but the flash was not loading. After a bit of investigation, I discovered this line:
{  wmode: "opaque", allowScriptAccess: "sameDomain" },
A quick google search revealed I could change "sameDomain" to "always." I made the change and reloaded the page. Flash worked and I could log in!!! So now I could focus my attention on that browser error. I did a find for the text of the error, and backtracked it to this function:
function onPageLoad() {
 if (isSupportedBrowser()) {
 initializeFlash();
 } else {
 $("#browserWarning").show();
 $("#flashWarning").hide();
 $("#cookieWarning").hide();
 }
 }
Easy fix. I simply removed the logic of the onPageLoad() function to this:
function onPageLoad() {
 initializeFlash();
 }
I reloaded the page, anxious to see if that fixed it....SUCCESS! I browsed around a bit to see if there was anything that didn't work, and it appears the only thing is right clicking objects. The work around for that is simply clicking the gear icon to bring up the actions for a particular object, but I am sure there is an HTML or javascript fix for that as well. From a security standpoint, I could see someone constructing a man-in-the-middle attack of sorts to gain credentials, but they'd have to work at it. Always make sure the URL you are connected to is correct, and the SSL cert is for your domain. Bookmarking the link can also be a method to make sure you are not going to the wrong URL. a picture   As a final note, This does NOT add VMware remote console support to Chrome. The VMRC plugin is currently only for Firefox and IE. The usefulness of this hack is somewhat limited, as it only removes the browser warnings. Enjoy!    
comments powered by Disqus