In group settings API, what is "customFooterText" supposed to do? - google-admin-sdk

I'm trying to figure out what the property "customFooterText" in https://www.googleapis.com/groups/v1/groups/groupUniqueId does.
The docs say
Set the content of custom footer text. [..]
so I played around with it (in combination with a true "includeCustomFooter". I also tried different states of directory-wide footer in the admin-panel) because I have a use case for setting different footers for different groups, but it does not seem to do anything.
Any input would be highly appreciated.

Yes. Based from the documentation, customFooterText is used to set the content of custom footer text. The maximum number of characters is 1000. You may check this link on how to use it in your code.
{
...
"includeCustomFooter": string,
"customFooterText": string,
...
}
You may also refer with this related thread:
Title footer for Group in Setting bundle

Related

Check if <fo:page-number> is even or not using XSLT 2.0

How to check the <fo:page-number> is even or odd using xslt 2.0 Is there any way to use <fo:page-number> inside <xsl:if test="fo:page-number mod 2 = 0">
The XSLT stage generates the XSL-FO that the formatter then makes into pages. So, no, you can't get the current page number when you are generating the XSL-FO.
What do you want to change if it is an even-numbered page?
With XSL-FO, you can set up different page masters for odd and even pages (and more besides). The different page masters can have different margins, and you can set things up so that the formatter will direct different content to headers and footers on even pages than is used on odd pages.
See the 'Page Region and Structure' PDF and FO files in the 'XSL-FO Samples Collection' at https://www.antennahouse.com/xsl-fo-samples#structure
What you ask for cannot be done with a true batch formatter in a single pass. It requires "human" intervention to mark only those places where the break needs to occur and not others.
Also, there is no guarantee that one XSL FO formatter might yield different results than another. Because of the complexities in the way some formatters handle "line tightness" (which is very small squeezing of spaces and characters together to fit text within a line) as well as some supporting kerning and others not as well as many other factors, it is not possible to "pre-predict" whether some paragraph will appear/start on a page or not.
Formatting text in true typography is not merely word-space-word-space ... there are many other factors involved that could change the number of lines in a paragraph between one formatter and another which can easily ripple to a known paragraph existing on an even page in one formatter, yet an odd page in a different formatter.
Then you also need other rules like what if your paragraph using your formatter of choice is the first one on your page in which you wish to break. Do you want a blank page? Maybe, who knows?
The only way to accomplish your task is through a multipass approach that could be implemented such that it is generic to any formatter. You would need to format a whole document (or if you are chunking that document with page masters) at least a chunk that starts and ends in page boundaries. Format it, test your condition on the first paragraph. If it passes (meaning if a break is needed), go back to original content (or modify the XSL FO) and mark some attribute that would result in break-before="page" on that structure. Then repeat the process until you reach the end of the document. Some formatters can provide you the area tree and markers you can put in that tree so that you could do this programmatically and not by eye).
If your document is long and in one page-sequence (say like 3000 pages when formatted) and your break condition is frequent, you may have to repeat the process 700+ times.
As stated, some formatters through their API may allow you to control this programmatically. You can examine the area tree, look for your marker and keep count of pages. You may even be able to start formatting again at the break condition and not start over, but you need to program such things.

How to prevent a 'hidden' link to an image within a #if condition in MediaWiki

We have an image which has a predictably-positioned number in the filename. I handle the display of the image in a template based on whether or not the number is within multiple different ranges. If it is in any of those ranges, the image does not (and should not) exist.
Everything works fine, but I find that Special:WantedFiles still includes a listing for the intentionally 'missing' images. The sole link for each 'missing' file is from the page that is using that template. It seems that, even though the page correctly isn't trying to display the image, the wiki still is also interpreting the [[File:foobar]] bit as if the #if test were resolving the other way, creating an unused link to a non-existant file.
The following is a simplified version of the problem part of the template. ImageRangeTest is the range check template; it works fine, returning either a 0 or a 1 depending on if the {{{1}}} number is in any of the matching ranges.
{{#ifeq: {{ImageRangeTest | {{{1}}} }} | 1 | This image does not exist. | [[File:{{{1}}}.png]] }}
So why, when ImageRangeTest returns 1, does "This image does not exist." properly get displayed, but File:{{{1}}}.png still get a hidden link from that same page, causing File:{{{1}}}.png to show up on Special:WantedFiles?
What you want do is not possible currently. It's a 'hidden' link to you, but a normal link to the database. The table storing file inclusions does not differentiate on whether the image exists or not. Special:WantedFiles generates its content by querying that table among others.
Various requests to change this were declined as per back as 2006, such as this and this. Not the request were mostly about general links generated from templates but the underlying problem/issue is the samae as yours.
The only way to stop it from showing in that special page is to delink the name, that's to remove the square brackets, and I doubt if you'd like that.

Regex in capybara have_xpath

I have a text changing decoration when it is clicked. In my tests before clicking I want to check whether it's already clicked or not. It changes color, text decoration and href which I want to check through.
As href contains session specific information, so I want to use regex.
if page.have_xpath("//a[contains(#href,\"%20Administrators?\")]")
This passes even the page has already been updated and Administrators text has changed to something else.
How should I correct the syntax to accept all href containing "%20Administrators?" text. I want add it to if clause as if the page has the link with text Administrators in it.
Before clicking: href="/sometext/%20Administrators?redirect=sometext"
After clicking : href="/sometext/%20Standard?redirect=sometext"
The primary issue you're having here is using have_xpath rather than has_xpath?. have_xpath returns an RSpec matcher, and as such when used with if will always evaluate as true (since it returns an object and hasn't yet actually evaluated any XPath passed in). has_xpath? returns a boolean result of true or false.
if page.has_xpath?('.//a[contains(#href,"%20Administrators?")]')
The second issue is that your question asks about regex, but XPath 1.0 (which browsers support) doesn't have regex support and your XPath isn't using regex at all (just a contains expression). If you actually want to use regex for testing the href (and have better reading code) you should be using the has_link? boolean method - along the lines of
if page.has_link?(href: /Administrators/)
has_link? can also verify the visible text of the link too if wanted
if page.has_link?('Visible text of the link', href: /Administrators/)
Finally, when using XPath with Capybara, 99% of the time you should start your XPath with .// instead of just // - see https://github.com/teamcapybara/capybara#beware-the-xpath--trap - and is one reason why it's usually cleaner to use CSS and/or the more specific methods provided by Capybara rather than the xxx_xpath methods.
One other thing to note is that all of the methods mentioned have waiting behavior by default, so they will wait up to Capybara.default_max_wait_time seconds for the page to have a matching link. If you know the page is stable and just want to immediately know whether or not a matching link exists you might want to pass wait: false as an option
if page.has_link?(href: /Administrators/, wait: false)

HTML Purifier - Change default allowed HTML tags configuration

I want to allow a limited white list of HTML tags that users can use in my forum. So I have configured the HTML Purifier like so:
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML.Allowed', 'p,a[href|rel|target|title],img[src],span[style],strong,em,ul,ol,li');
$purifier = new HTMLPurifier($config);
What I am wondering is, does the default configuration of the HTML Purifier still apply, with the exception of a reduced number of accepted HTML tags or do I need to re-set every possible configuration parameter manually?
Additionally, should I tweak the default configuration in any way to stay safe? I am new to the whole XSS protection thing, new to HTML Purifier and didn't find that the manual gave a lot of 'basic' tips and hints.
HTML Purifier is safe by default and any restrictions you impose on it by changing %HTML.Allowed are guaranteed only to reduce the permitted tag set. Check out http://htmlpurifier.org/live/smoketests/printDefinition.php to see how tweaking configuration changes the allowed tagset.
Why not just use a DOM parser and check if tag type is in allowed white list of HTML tags?
Converting the input to a DOM node list you should be able to loop through all the DOM nodes and check if the type is allowed that way. php.net has great examples for how to do this written by others like you trying to solve the input sanitization problem.
More information here:
http://php.net/manual/en/class.domdocument.php

How to not transform special characters to html entities with owasp antisamy

I use Owasp Anti samy with Ebay policy file to prevent XSS attacks on my website.
I also use Hibernate search to index my objects.
When I use this code:
String html = "special word: été";
// use the Ebay configuration file
Policy policy = Policy.getInstance(xssPolicyFile.getInputStream());
AntiSamy as = new AntiSamy();
CleanResults cr = as.scan(html, policy);
// result is now : "special word: été"
result = cr.getCleanHTML();
As you can see all chars "é" has been transformed to their html entity equivalent "é"
My page is on UTF-8, so I don't need this transformation. Moreover, when I index this text with Hibernate Search, it indexes the word with html entities, so I can't find word "été" on my index.
How can I force antisamy to not transform special chars to their html entity equivalent ?
thanks
PS: an issue has been opened : http://code.google.com/p/owaspantisamy/issues/detail?id=99
I ran into the same problem this morning.
I have encapsulated antisamy in a class and I use apache StringEscapeUtil from apache common-lang to restore special characters.
CleanResults cleanResults = antiSamy.scan(taintedHtml);
cleanedHtml = cleanResults.getCleanHTML();
return StringEscapeUtils.unescapeHtml(cleanedHtml)
The result is a cleaned up HTML without the HTML escaping of special characters.
Hope this helps.
Like Mohamad said it in a comment, Antisamy has just released a new directive named : entityEncodeIntlChars
here is the detail : http://code.google.com/p/owaspantisamy/source/detail?r=240
It seems that this directive solves the problem.
After scouring the AntiSamy source code, I found no way of changing this behavior apart from modifying AntiSamy.
Check out this one: http://code.google.com/p/owaspantisamy/source/browse/#svn/trunk/dotNet/current/source/owaspantisamy/html/scan
Grab the source and notice that key classes (AntiSamyDOMScanner, CleanResults) use standard framework objects (like XmlDocument). Compile and run with the binary you compiled - so that you can see everything in a debugger - as in which of the major classes actually corrupts your data. With that in hand you'll be able to either change a few properties on major objects to make it stop or inject your own post-processing to revert the wrongdoing (say with a regexp). Latter you can expose that as additional top-level property, say one named NoMess :-)
Chances are that behavior in that respect is different between languages (there's 3 in that trunk) but the same tactics will work no matter which one you have to deal with.