Monday, October 8th, 2007
GPSGate: Access GPS location information through JavaScript
Johan Franson has developed a solution to access a local GPS through Javascript /
cross-scripting. His library works in all browsers with that dynamically can include
.js script files. Including Firefox, Opera, Opera Mobile and IE.
You need to install a program called GpsGate on the client computer which currently only works for Windows and Pocket PC:
“GPS in browser” uses cross scripting. GpsGate runs a small local web server from which your page can request GPS information. A javascript library is included to make this really simple.
- <script type="text/javascript" src="http://localhost:12175/javascript/GpsGate.js"></script>
- <script type="text/javascript">
- //< ![CDATA[
- // That is the callback function that is specified in getGpsInfo() and
- // executed after the data is returned
- // See more info on the returned "gps" object below.
- if (typeof(GpsGate) == 'undefined' || typeof(GpsGate.Client) == 'undefined')
- {
- alert('GpsGate not installed or not started!');
- }
- function gpsGateCallback(gps)
- {
- var resultTag = document.getElementById('position');
- resultTag.innerHTML = 'longitude:' + gps.trackPoint.position.longitude +
- ' latitude:' + gps.trackPoint.position.latitude;
- var d = new Date(gps.trackPoint.utc);
- resultTag = document.getElementById('time');
- resultTag.innerHTML = d.toLocaleString();
- }
- //]]>
- </script>
- <div id="position"></div>
- <div id="time"></div>
- <form name="f1">
- <input value="GPS info" type="button"
- onclick='JavaScript:GpsGate.Client.getGpsInfo(gpsGateCallback)'
- id=button1 name=button1/>
- </form>





I wonder about the security/privacy issues behind this. If this were dropped onto a web site, and a user with the app was directed to it, couldn’t a bad guy find out someone’s exact (well, just about) location?
Such applications/features must use a whitelist of domains.
Interesting idea though.
Security is very important here.
There is a white list and a black list. The lists can live for ever or during a session. If a page makes a request for a page, the user is notified and will have to white or black list the site the page comes from.
A page cannot access the GPS position without the users knowledge.
Dammit!
I was going to do this… you beat me to it Johan. Nice job, I might have to check it out
other Javascript location APIs:
Garmin’s Communicator lets you do this with Garmin units – as well as pull off waypoints and tracks.
Skyhook Wireless’ Loki provides Javascript hooks to WiFi Geolocation.
@Andrew. As I understand it, the Garmin variant needs a browser plugin to work so its not quite comparable to the “pure” GpsGate XSS solution.
@Andrew – for people looking to implement the Loki Javascript API go to: http://loki.com/developers/
If you’re interested in playing with real-time user geolocation data, check Loki out and play with the js api. Loki offers a white/blacklist by domain and prompts the user when location is requested. If you have feedback/questions feel free to email me at rsarver skyhookwireless.com