Plugins for browsers are needed when we can not inject the necessary lines of code directly into the page (code) or the application does not offer the possibility to load the script (like SharePoint Extensions do).
It has only one goal: Wait until a GRAVITY enabled URL is hit with the browser, setup the correct backend URL and start the inject scripts. After that basically the plugin is not needed anymore; but since we want to update configs once in a while the configuration has an expiration date after which the procedure is repeated.
Devs can use the option page of the plugin to force reset the config for faster development (takes time to wait 196 hours) or to logout the current user. Also verbose logging can be turned on/off for debugging.
For one hour one can also brute-set a backend URL, just in case someone wants to test something on another backend but does not want to create all the configs therefor.
The graphic below explains the first stage of the plugin. Using DNS entries it is possible to use the same plugin for either local or global config servers. Most customers trust the global config server, but of course one can have his own.
Using the Public Plugin in an On-Premise environment
The plugin coming from the browser store is configured to automatically grab the configuration from “config.gravity.globa”l. In order to use the public available browser plugin in an On-premise environment you need to configure a CNAME DNS entry point to your On-Premise GRAVITY App.
NAME TYPE VALUE
config.gravity.global. CNAME config-gravity.scapp.io. //public cloud configuration
config.gravity.global. CNAME config-your.gravity.domain.host. //On-Premise DNS configuration
Dedicated On-Premise Plugin
For Google Chrome we provide two specifc On-Premise plugin who connect to a host name not a URL. The host names are 'config-gravity-global' and 'env1-config-gravity-global'. In that way the certificate don't need to be replaced for 'config.gravity.global'. In that way you might deploy different plugins for different environment (Testing / Production).
NAME TYPE VALUE
config-gravity-global. A yourhost-ip
env1-config-gravity-global. A yourhost-ip
After a config is found (first paragraph below), the plugin is injecting the scripts into the site which starts GRAVITY.
Data in transit
Data is transmitted over https to and from our config server. The URLs are safely hashed.
See next chapter.
Data in operation and rest
To check if an URL is GRAVITY enabled we need to compare two URLs. Two factors make sure no one ever sees these URLs besides the user, his local machine and plugin respectively.
- They are client side compared by the plugin
- They are transmitted and compared hashed (SHA-256), so not even when having the payload one can see or decode which URLs are GRAVITY activated or which URLs exist.
If a URL matched, the config is stored plain text, but since someone already got the URL right it is irrelevant. The URL is stored in the plugins own local storage together with a time to live. If it expires (checked on every page change), the procedure starts from the beginning.
- Client Side GRAVITY detection
- Reduces a lot of network traffic
- More performant in detecting if current URL is GRAVITY-enabled since there is no request anymore
- Config lifetime checker fetches new config updates regularly
- Debugging module
- Faster and easier first and second level support
- Handy mechanics to manually set a backend
- Ability to reset plugin to installation state or logout the current user on rare occasions
- Optional logging: Browser Console logging can be turned off and on
Plugin Download - Version 2.3.1
Version 2.3.+ includes CSP-Support (Server Version 1.11+ required).
Plugin Download - Version 2.1.0
Internet Explorer 11
End of Support
Please be aware that we don't support the Internet Explorer 11 Plugin anymore. Please deploy it only in accordance with the consents of our service team.
To install the IE 11 Plugin execute the MSI attached to this site, then open Internet Explorer and allow new extension in popup.
To access the debugging control in Internet Explorer 11, please type ‘about.gravity’ in the URL field.
All the GRAVITY configuration for IE 11 is stored in to the Windows Registry. The settings can be found under: