I want to load some scripts only when traffic from a particular hostname.
For example:
I will load a script when blog traffic from www.mywebsite2.com. How can I do that? I tried a lot but still couldn't find anything related to that.
Here are some codes that I have tried.
<b:if cond='"referrer" == "www.mywebsite2.com"'>
<script>...</script>
<b:else/>
<script>...</script>
</b:if>
How can i use the referrer in that.
You can detect if a link was opened from certain site if the link on that site does not have rel="noopener" value.
For example, your site domain is http://0.example.com and your referrer site domain is http://1.example.com.
In referrer site, a user was clicking a link:
link
From your site, you could detect the incoming traffic this way:
if (window.opener && window.opener.location.hostname === '1.example.com') {
// Run the script for `http://1.example.com`
}
To load external script under that conditional block, you could try AJAX or generic DOM insertion:
Method 1:
// Run the script for `http://1.example.com`
fetch('http://0.example.com/script.js').then(response => response.text()).then(text => {
let script = document.createElement('script');
script.textContent = text;
document.head.appendChild(script);
// Other script goes here ...
});
Method 2:
// Run the script for `http://1.example.com`
let script = document.createElement('script');
script.src = 'http://0.example.co./script.js';
document.head.appendChild(script);
script.addEventListener('load', e => {
// Other script goes here ...
});
Related
The intention is not to resolve CAPTCHA automatically. Every user of my site will have to resolve the CAPTCHA.
The intention is to use free data from another site. These data are public and free, but to avoid massive requests, they are protected with CAPTCHA.
This is what I've done but doesn't work:
Create a proxy.php that manage and forward the requests to the original site.
Copy all headers from the original request (request of the CAPTCHA) and add them to the proxy. So, this is the form to resolve the CAPTCHA:
xxx is my site, example.com is the site that I want to resolve captcha and get data:
<img id="imgCaptcha" src="https://xxx/proxy.php?curl=https://example.com/Captcha&type=image&lang=it" style="width:200px;">
<input type="text" id="captcha">
<button type="button" id="btn_resolve">Resolve</button>
On button click, send the input text and check if it is resolved:
xxx is my site, example.com is the site that I want to resolve captcha and get data:
$('#btn_resolve').on('click',function(e) {
e.preventDefault();
var captcha = $('#captcha').val();
$.get('https://xxx/proxy.php?https://example.com/Captcha&type=check&captcha='+captcha, function(data, status) {
alert(JSON.stringify(data));
});
});
The result is always {"result":false,"token":"","message":null}
I think that the problem is with JSESSIONID cookie that I set in the proxy.php, but seems filtered out from Chrome with this motivation: "This cookie was blocked because its path was not an exact match for or a superdirectory of the request url's path".
Honestly I've got not clear if I can do this and how to do this: it seems that last versions of Chrome blocked some coockies. How can I do this with PHP CURL bypassing Chrome filters?
I resolved it adding all needed cookies in proxy.php file.
Proxy.php forward the request using curl.
This is a good starting point for a cross domain proxy in PHP that uses CURL commands
PHP CORS Proxy by softius
Then you can read JSESSIONID from after requesting the CAPTCHA image, and forward it to the proxy and add it and the others to the request:
header('Set-Cookie: cross-site-cookie=name; SameSite=None; Secure');
header('Set-Cookie: XSRF-TOKEN=XXXXX');
if (isset($_REQUEST['jsessionid'])) {
setcookie("JSESSIONID", NULL, 0, "/");
header('Set-Cookie: JSESSIONID='.$_REQUEST['jsessionid']);
}
EDIT: See my post below for answer how to fix this.
I am building a client app that will store some data in the user dropbox app folder. So currently I am using implicit grant that will redirect the user to the given redirect uri with the parameters passed after the # in the url
Example:
localhost:1666/Dropbox#access_token=...&token_type=.......
Creating a http listener over the localhost url it detects the request however everything after # is ignored and is not passed as part of the request. Is there a way to make capture the data after the #, or is there any other library that allows me to do so?
I am using the cpprestsdk https://github.com/microsoft/cpprestsdk
web::http::experimental::listener::http_listener* l = new web::http::experimental::listener::http_listener(m_authConfig.redirect_uri());
l->support([this](web::http::http_request request) -> void
{
auto uri = request.request_uri();
auto requestPath = web::uri::split_path(uri.path());
auto queryObjects = web::uri::split_query(uri.query());
auto s = uri.fragment();
if (request.request_uri().path() == U("/Dropbox")) && request.request_uri().query() != U(""))
{
request.reply(web::http::status_codes::OK, U("ok.") + uri.query());
}
else
{
request.reply(web::http::status_codes::OK, U("error.") + uri.query());
}
});
l->open().wait();
Thanks!
So after researching a bit, it turns out that # (fragments) are not sent back in most browsers, so to be able to get the data i return the following java-script script:
<script> window.location.replace([location.protocol, '//', location.host, location.pathname, '?', location.hash.substring(1,location.hash.length )].join(''));</script>
This will convert the hash part to a query string and redirect it the user to it so that the listener detects it.
I want to change url of host web from provider hosted app.
Basically, after completion of some business logic in my provider hosted app, I want to navigate to another page of SharePoint portal (for example the search-center page).
When I do "response.redirect" or "window.location.href" it is loading within the App iframe. I want to load the same page in main window.
Please suggest.
Updating with my logic
I have a generic method to get List home page url
public string ListHomePage(ClientContext clientContext, string listName)
{
Web spWeb = clientContext.Web;
clientContext.Load(spWeb, web => web.Url);
clientContext.ExecuteQuery();
return TokenHelper.GetAppContextTokenRequestUrl(spWeb.Url, HttpContext.Current.Server.UrlEncode(spWeb.Url + "/Lists/" + listName));
}
and I am calling following code in App page.
Response.Redirect(ListHomePage(clientContext1, "Test ListName"));
The same can be achieved using below code as the AppPart loads inside a iframe
string redirectUrl = ListHomePage(clientContext1, "Test ListName");
string script = "<script type='text/javascript'>window.parent.location.href = '" + redirectUrl + "'; </script>";
//Here I am using Telerik ScriptManager to execute script
RadScriptManager.RegisterStartupScript(this, this.GetType(), "Load", script, false);
I followed the guide realtime updates on facebook.
My application is a tab page.
I'm using the sandbox environment.
Initially set up by the signing of the dashboard.
The callback URL endpoint verify works fine.
I did an post on the page for only test.
But so far (after 24hrs), i received no update post from facebook.
On log apache server, there is no post from facebook too.
My callback script:
<?php
define('UPD_FILE', 'updates.log');
$method = $_SERVER['REQUEST_METHOD'];
global $log_file;
if ($method == 'GET' && $_GET['hub_mode'] == 'subscribe' && $_GET['hub_verify_token'] == 'jogabonito') {
echo $_GET['hub_challenge'];
exit;
}
else if ($method == 'POST')
{
$log_file=UPD_FILE;
$updates = json_decode(file_get_contents("php://input"), true);
logToFile("updates =".print_r($updates));
}
function logToFile($message){
global $log_file;
$hdl = fopen($log_file, 'a') or die ("couldn't open log file");
fwrite($hdl,$message."\n");
fclose($hdl);
}
?>
Grateful for the attention
Your code works (somewhat) fine after some requirements have been met.
You have subscribed successfully for at least one field change.
The user you are testing with has granted your app some or all of the required permissions for the fields you are subscribed for.
If one of the above isn't properly handled you won't be notified about related changes.
On another note I wrote "somewhat" because you are dumping the array content using print_r without specifying that the function should return the data rather than print it. The way you have it right now will result in a "1" result.
What you need should look more like this:
logToFile("updates =".print_r($updates, true));
I was facing the same problem, below solution fixed my problem,
just make an POST request to the following URL
https://graph.facebook.com/PAGE_ID/tabs?app_id=APP_ID&access_token=PAGE_ACCESS_TOKEN
Please replace the values before making a request
Say I am running stumbleupon.com and users can submit sites to be added into the db of sites. Is there a way that I can write a program to see whether or not the site that was added by the user is actually a real website? Or if it bring me to a 404 that I can say "welp, that was some bugus" or maybe that the user made an error when submitting the url? Or do i need to put people on my payroll to see if the user submitted website bring me to a 404?
The response code from the request is a 404 not found, instead of a 200 success message that you get on a good response from the server. You can easily automate the check.
Since I don't know much about python, I offer a client side solution.
You could check if the URL is legit as soon as the user submits the page. Maybe throw up a 'verifying url' message or something.
Using this method you could make a cross domain call to see if that site is really there. Then you could pop up a message that asks them to fix their mistake or allow the URL to be submitted. This solution uses Yahoo as a proxy, but as you can see by my super simple function below it does work.
function doAjaxCheck(url){
// if the URL starts with http
if(url.match('^http')){
//add a 'loading message here, or something'
// assemble the YQL call
$.getJSON("http://query.yahooapis.com/v1/public/yql?"+
"q=select%20*%20from%20html%20where%20url%3D%22"+
encodeURIComponent(url)+
"%22&format=xml'&callback=?",
function(data){
if(data.results[0]){
alert('it is OK');
} else {
alert('not OK');
}
}
);
} else {
$.ajax({
url: url,
timeout:5000,
success: function(data){
alert('it is OK');
},
error: function(req,error){
if(error === 'error'){error = req.statusText;}
alert('not OK : ' + error );
}
});
}
}
However, all this being said, I would go with a server-side check for reliability-sake.