The Website is using OneTrust, when popup cookie setting show then generated _ga cookie name.
Client want to when click button Reject all on popup cookie setting then delete _ga cookie name.
But I think delete cookie name _ga is behavior of OneTrust or I've to use Jquery to delete cookie name _ga
Related
Id like to make my Code in my respository only visible with a password
When i set my Visibility to private & open the RAW page, i get this URL
https://raw.githubusercontent.com/---.lua?token=TOKEN
But this TOKEN is only active for a short time, is there anyway to assign a token that is always active?
I have a GWT project, using Activities and Places. My problem is with history token.
Pattern of my token :
#/{key 1}/{value 1}/{key 2}/{value 2}
Value 1 must be Number
Value 2 must be Number
the valid token is :
#/view/1/date/123123123123
I decided to validate the token and then the problem appears.
In example, if the user change manually the token :
#/view/qqweqweqwedate/date/123123123123
In this case Value 1 is not a Number. I catch this exception and fix the token with the default value. The problem is that the invalid token is in the history and when I click "Back" button on the browser it appears again .
Could someone tell me how to remove the invalid token from the history or don't allow it to be written in the history ?
Once you set a new hash (new token in GWT), it is stored in the browser history stack.
You cannot remove tokens from the browser history, so the most you can do is to handle this event with code. I mean, when the user clicks back, the malformed token will be visited, and you can be notified doing whatever you want: to fix the token again and bring the user to the correct token, or to call History.back() so as the user is sent to the previous token.
The problem I see is whether to know when the user comes from the already fixed token screen to send it back.
In theory, you could use event.oldURL and event.newURL using javascript, but those attributes are not exposed in GWT, so you should implement them by hand using jsni.
I have requirement that once user has logged in and is authenticated URL should be changed to SSL and when he logs out url is back to HTTP.
I am aware about Properties in webpart where we can set YES/NO/INHERITS/NEVER.
I am able to set HTTPS permanently but not dynamically.
Any suggestion/help is appreciated.
I'm not aware of any functionality within Kentico to do this, but you should be able to create a webpart and place it on the masterpage. This web part would just check the current user, and if there is a user that is logged in redirect to https version and vice versa.
You could also add some logic to make sure it doesn't do this in the the edit tab in cmsdesk.
You can check the user with
CMSContext.CurrentUser
Some help with redirecting to the secure page can be found at
asp.net c# redirecting from http to https
As rocky said there is not functionality out of the box that will do this for you.
You need to create a web part like it was suggested by Lukek that checks that the user is logged in and redirects them to the https address.
The code below will redirect.
if (!Request.IsLocal && !Request.IsSecureConnection)
{
string redirectUrl = Request.Url.ToString().Replace("http:", "https:");
Response.Redirect(redirectUrl);
}
As suggested bu lukek you need to check the CMSContext.CurrentUser however I would also use the HttpContext.User property.
That will enforce the request to be https.
I would to change the default login page (to /content/ethz_ch/Login)
I configured tha page by the Day CQ Login Selector Authentication Handler
In ./launchpad/config/com/day/cq/auth/impl/LoginSelectorHandler.config I see
auth.loginselector.defaultloginpage="/content/ethz_ch/Login"
as expected.
I then configured a test page (/content/ethz_ch/de/auth_test.html) with a closed user group and left the login page field blank.
When accessing the test page, instead on the newly defined login page I am redirected to
https://..../system/sling/cqform/defaultlogin.html?resource=%2Fcontent%2Fethz_ch%2Fde%2Fauth_test.html&$$login$$=%24%24login%24%24
Any idea on what I am doing wrong?
In the Day CQ Login Selector Authentication Handler there is a Path Info setting which restricts the possible login pages:
A list of request extensions indicating requests for which the Login Selector Authentication Handler may request credentials. Any request whose extension is not one the listed extensions will not cause the credentials to be requested. If this list is empty the default list of html and htm is used. Note that the list entries must not have leading dots. Requests without extension or requests with trailing slashes (/) are always handled by the Login Selector Authentication Handler regardless of this configuration.
Specifying the Default Login Page with the full URL (with extension) solved the problem:
/content/ethz_ch/login.html
In our app (service provider), there is a security filter to prevent viewing certain pages. For example a user can view a.xhtml but not b.xhtml. The user can login to view a.xhtml. And if he type in the URL to b.xhtml, the security filter will redirect himi to an error page.
Using josso, before login, user may type the url to b.xhtml and would be redirected to josso login page. After successful login, user will be redirected to the "back_to" page, which will be b.xhtml. In this case the security filter is not triggered, the use can see b.xhtml!
Refresh on b.xhtml then will trigger the filter and send user to error page, but too late.
We use josso 1.8.5 and tomcat 7.0.26.
Please any guru can help?
Thanks