Custom connection between my Google Chrome extension and my own program on Linux
I have a native program (in Java) that would like to communicate with a Google Chrome / Chromium extension. The messages contain confidential information and should not be available to anyone other than the user executing them (and of course root).
What technology should I choose for this communication channel? Is there even a solution?
EDIT: Sure, I could open the TCP / IP port on the localhost, but wouldn't it be available to other users with an account on the same host? Is there a technique to avoid side effects?
Can we access unix domain sockets from Google Chrome extensions?
The solution I have chosen is to have a server socket listening on the loopback interface (/127.0.0.1) with a shared secret used as the api key.
The reason is that I didn't realize that in my case every application that connects to my node needs to be authenticated .. because every application is handled differently, with different access permissions.
Assuming you are already familiar with TCP, if you are using localhost / 127.0.0.1 for communication, it will not be reachable / reachable by other machines.
You can solve this at a higher level with SSL secured communication with certificates, etc. IF someone does not have a certificate, then the connection will be killed. Plus, you will benefit from encryption.