I have an application where I'd been asked to support Google sign-in. Something we've tried to do since the beginning was not require javascript for any important functions. Is it possible to perform Google Sign-in without requiring Javascript?
I've read some of the guides such as https://developers.google.com/identity/sign-in/web/sign-in and https://developers.google.com/identity/sign-in/web/backend-auth, but they all seem to have a javascript component involved.
For example, can we use only links and redirects, etc. to accomplish a Google-based authentication, along with some server-side verification?
I think what you want to do is described in the OAuth 2.0 for Server-side Web Apps documentation. Several of the sections in that doc have tabs with language specific examples and there is also an HTTP/REST tab that shows how to generically use Google's OAuth URls.
You will also want to follow Google's sign-in branding guidelines.
I've been looking for the same thing. I'm sick of popups and I don't want them in my site. It seems like there should be a way to just link to a Google page, then redirect the user back to my site. However there doesn't seem to be any documentation about how to do that.
I also agree that it shouldn't matter what programming language is being used. Google doesn't need to know that. All we need is a URI to send the user to, and some way to indicate where the user should be redirected back to.
Related
Is it possible to use my own FQDN with Firebase Dynamic Links, instead of the subdomain offered by Google below page.link?
Unfortunately it is currently not possible to fully customize the domains of your dynamic links through Firebase. If you have a business need for this, please go ahead and file a feature request with the team. Generally enough demand helps get features prioritized :)
I have a website like IMDB. All data are publicly available. I want to know how to protect the data from web scrapers ?
There is only one full-proof method against scrapers, that is captcha. But as it affects user experience most of the websites avoid it.
Another option is using AJAX for loading data. This will help avoiding the scrapers which are not built to render JavaScript, but one can make one using Selenium WebDriver. In addition AJAX is also bad for SEO, in case you are into google rankings and all.
A more effiecient and awesome way will be tracking the user behaviour and saving the information into cookies, if something seems suspicious serve a captcha to user. Just how the google captcha works on several sites.
Check this link : https://blog.hartleybrody.com/prevent-scrapers/
We are currently trying to use Concrete5 to create an internal Intranet for the company I work for (this is a web-based server). What we would like to do is allow our employees to sign in using their Gmail and be able to see their personal calendars amongst other things on sign in.
I would like the employees to just sign in once, get automatically asked for granting permissions during the login, and then be taken to the home page.
I'm having trouble figure out how to modify Concrete5's built-in Google login to request these scopes. I am pretty bare-bones in my PHP knowledge and no amount of Google searching has really answered my question specifically for modifying the authentication for Concrete5.
So to sum up my question:
How would someone go about modifying Concrete5's Google authentication to request additional permissions? We are using 5.8.3 and are always updating as necessary, so modifying the core is not really an option to prevent overwrites in the future.
The best way to do that would be to copy the core Google login system to create a new one. You could call it Google Custom or anything you want. You could include it in the folder application/authentication or in a package, with the appropriate modifications.
But to be honest, if you're bare-bones in your PHP knowledge, it all might be a bit too difficult to achieve
I'm developing a new Drupal site and was hoping to use Disqus for the comments. I have Single Sign-On configured, however I don't see any way of using it exclusively. Meaning, disable sign in with regular Disqus accounts, Facebook, Twitter, and Google, so that only users that have signed up through my site can use it. This is the way IGN.com does it, for obvious reasons, and it seems to work just fine.
I'm trying to create a unified community of users with unique names, and that doesn't really work when anyone can just log in with their Facebook and use whatever name they want. Then there can be a hundred people with duplicate names and the account they're commenting with won't have any ties to my site.
IGN uses a product that is no longer offered by Disqus, and there's no way to restrict the login options to SSO-only.
You might be interested in using AudienceSync, which replaces this. You can read about it and request to use it here: http://help.disqus.com/customer/portal/articles/1104796-single-sign-on-audiencesync
I'm wondering if it's possible to capture details from the web page that a user previously visited, if my page was not linked from it?
What I am trying to achieve is to allow users to my site to find a page they like while browsing the web, and then navigate to a page on my site via a bookmark, which will add the URL (and possibly some other details like the page title) to a form which they can then submit to my site to add the page to a list of favourites there.
I am not really sure where to start looking for this. I wondered if I could use http referrer, but think this may only work if there is a link to my page?
Alternatively, I am open to other suggestions as to how I could capture this data - a Firefox plugin? A page which users browse other sites in an iframe, with a skinny frame on top?
Thanks in advance for your suggestions.
Features like this are typically not allowed by browsers for security and privacy reasons. The IFrame would work, but this is a common hacking technique so it may be likely to break or be flagged in the future.
The firefox addon is the best solution, but requires users to install it manually.
Also, a bookmarklet could be used. While they are actively on the target page, the bookmarklet could send you the URL.
This example bookmarklet would create a tinyURL for the destination page. You could add it to your database or whatnot.
javascript:void(window.open('http://tinyurl.com/create.php?url='+document.location.href));
If some other site links to yours and the user clicked on that link which took them to your site you can access the "referrer" from the http headers. How you get a hold of the HTTP headers is language / framework specific. In .NET you would use the Request.UrlReferrer; other frameworks would probably handle it differently.
EDIT: After reading your question again, my guess would be what you're looking for is some sort of browser plugin. If I understand correctly, you want to give your clients the ability to bookmark a site, while they are on that site, which would somehow notify your site about the page they're viewing. The cleanest way to achieve this would be a browser plugin. You can also do FRAME tricks, like the Digg bar.