I'm reading the Terms of use which can be found here: http://code.google.com/apis/visualization/terms.html
But I do not see anything telling how Google use the data provided to generate the charts. Can someone be kind and enlighten me?
The Privacy Policy is likely to apply here. The relevant part should be:
Log information – When you access
Google services via a browser,
application or other client our
servers automatically record certain
information. These server logs may
include information such as your web
request, your interaction with a
service, Internet Protocol address,
browser type, browser language, the
date and time of your request and one
or more cookies that may uniquely
identify your browser or your account.
In combination with
Affiliated Google Services on other
sites – We offer some of our services
on or through other web sites.
Personal information that you provide
to those sites may be sent to Google
in order to deliver the service. We
process such information under this
Privacy Policy
Because you send the chart information with the URI and thus they will at least log it.
Related
we need to know some general data about the user entered on our webpage. Like the range of age (e.g. 18-24), gender, favorite color, country, etc. Is there any way to receive this information From Google, Facebook, or other social network services (free or paid)?
If I am understanding you properly this is regarding access to public data.I will try to give some information on this.
Considering Google Cloud Platform and accessing public data via the Google Cloud Console, you must authenticate with Google.You can authenticate with any Google account; the account does not have to be associated with the project that contains the public data, nor does it need to be signed up for the Cloud Storage service.
By contrast, accessing public data with gsutil or a Cloud Storage API link does not require authentication. These methods are suited for general-purpose links to publicly shared data. For example, an API link can be used in a web page, with client libraries, or with a command-line tool such as cURL. You can see more details on Accessing public data.
From another point of view and considering your case, it seems like details on Google Analytics might be helpful for you, since it can analyze in-depth details about the visitors on your website.You can also take a look at Analytics Help.
I was using a Yahoo web service to resolve zip codes to geo information. An example url is
http://where.yahooapis.com/geocode?q=35060,mx
where 35060 is the area code and mx is the country.
I am now receiving 404s when I do this. Did this service change? I see now that yahoo offers GeoPlanet which requires an application id as well.
Although there doesn't appear to be an official announcement from Yahoo, there have been consistent reports about this service no longer working.
As an "official" alternative, consider Yahoo Placefinder, which requires an app ID and 2-legged OAuth authentication: http://developer.yahoo.com/boss/geo/docs/requests-pf.html
Alternately, you may be able to use YQL to retrieve the information you need without requiring authentication:
http://query.yahooapis.com/v1/public/yql?q=select%20%2a%20from%20geo.placefinder%20where%20postal=%2236050%22%20and%20country=%22mexico%22&diagnostics=true
I have been reviewing the setup of a current Amazon Web Store implementation to figure out some of the systems capabilities. The end goal is to pull a feed that i can reuse and transform for Channel Adviser. The documentation on Amazon Web Store is a little sparse and I'm wondering if anyone here has a little experience with this specific product scenario (pull inventory from Web Store Account).
The current goal is to pull down the inventory for the store in a feed via RSS or any other suitable format. I have been looking at the RSS web feeds for Tags # amazon.com page but I dont think it's available for the web store product or feasible to pull an entire store's inventory this way.
-my research has led me to the amazon product advertising API but looking at the WSDL for the service, the only relevant service calls I see are ItemSearch, ItemLookup and SimilarityLookup; none of these seem to explicitly support Web Store and they dont really seem entirely appropriate for pulling the Web Store's entire inventory (although they do appear to accept a merchant ID). Does anyone know of a common or appropriate way to get access to this data?
Thanks in advance for any specific guidance you can provide
After a couple of contacts with Amazon Seller support, it appears that the most appropriate solution is to set up an Amazon Marketplace Web Services account and use those apis. The 'Inventory' api seems to be exactly what we were after (although the support email suggested the Reports section).
Response from Amazon Seller Support
We checked and we have a different program that fits your needs called MWS (Market Place Web Service), you would have to sign up for an account first which is for free. Please visit this link to find out more information:
https://developer.amazonservices.com/
Click on reports and then on Amazon MWS Developer Guide (PDF) and you will be able to get more information related to your concern.
Can anybody explain exactly how a web beacon works? I know they're generally used by advertising platforms but i can't really find a good explanation on how they're working.
I know that cookies aren't accessible cross-domain. A web beacon is an image that sends a request to the server, and the server adds a cookie to the response, right? So how can it be accessed on different domains?
Thanks!
When an HTML page is downloaded the browser parses the page and looks for additional resources needed to display the page, such as images. For each image it finds the browser makes another request to a server in the background. When servers receive requests, they usually log the request to monitor load on the server, and record information about who sent the request and where it came from. A web beacon is a tiny invisible graphic that generates a request to the tracking firm's server. They record the request in their logs and then analyze their logs to see who went where and did what and when.
When returning the image from their servers to the browser, they can also send down information to be added to a cookie. There are third-party cookies that can be tracked across domains. If you come back to the site, and the beacon request is made again, that cookie will also be sent up in the request to the server and the tracking firm will have more information about you.
Think about this. Even though you are visiting myfavoritesite.com the web beacon image is being requested from trackers.com. The cookie they create is assigned/locked to their domain, trackers.com. But if you then surf over to myotherfavoritesite.com, and they too are sending web beacons to trackers.com, the cookie will essentially be shared between the two sites. There are more considerations here, but that is the basic premise.
Bug bug (also known as Web beacon) is very important tools commonly used by online advertiser as marketing or advertisement analysis tool for tracking and monitoring the activity of users on a website or marketing content i.e: blog or email. An expert advertiser inserts web bug in his content (usually on website and email) in order track how many people opened a particular content, on which application and country his content is being viewed. So, whenever advertisement display by third-party just know that you are being tracked for marketing analysis purpose.
Bug bug tools are provided freely or premium mostly by CRM service providers like Hubspot CRM, Freshsales CRM, Salesforce CRM, etc. However, a Web bug PHP code can also be used for this if tracking service by CRM provider is not available. Continue reading
And instead of going off and creating one using Php and Apache redirects, my vote is that you go to http://webbeak.com and create one, use it, and track it. No cost either.
I work for a company that develops a software product that processes bank transactions and gives the user insight into his/her spending. Our customers (usually banks) integrate the product into their online banks.
I have a question about securing the communication between the online bank, and our system. Before I ask the question, I want to give you some background.
The bank will usually install our system on a set of servers in their hosting environment.
We offer a number of ways to integrate:
Web services - In this case the bank will make calls to a set of REST services on the server, and then generate a webpage with the results (on the server side).
Iframes - In this case the bank will embed iframes in their online bank webpages. The iframes contain webpages rendered directly from our web application.
Inline widgets - In this case the bank will embed JavaScript references on their pages. When the document loads, the JavaScript widgets will render themselves, using AJAX calls. They communicate with a proxy on the bank server, which in turn communicates with our webapp.
We currently have a custom solution where we generate and sign security tokens for the users, and pass these with the requests.
But as banks have very strict security policies, they would feel better with us using a known and trusted security protocol for the communication. It is a big concern, which we want to address.
So the question is, which protocol is best suited for the integration use cases I listed above? There is a plethora of single-sign-on standards out there, and solutions like SAML, oauth, etc. I get the feeling that these solutions might be an overkill for my situation.
I want to find a solution that is simple. As the servers will run side by side in the same hosting environment, and trust each other completely, there is no need for the end user to authorize one or the other (or being redirected between, clicking buttons to give access to the app).
That is, the security protocol should not require any intervention from the end user. The end user simply logs into his/her online bank, and via secure communication has access to the data from our web server.
So...any suggestions?
Thanks a lot!
OGG
After some deliberation, we decided to use 2-legged OAuth (online bank uses consumer key and consumer secret to sign requests to our app).
OAuth signature can either be put in a request header, or request parameters. It nicely solves our problem, as the REST requests can be signed, and the IFRAME src URL-s can also be signed (all communication is over HTTPS).
For those interested, a couple of references:
This article shows using OAuth with IFRAMEs: http://developer.tradeshift.com/blog/cross-site-user-verification/
This article mentiones some security issues with OAuth, and how threats can countered: http://software-security.sans.org/blog/2011/03/07/oauth-authorization-attacks-secure-implementation