Framebuster with exceptions - iframe

I have a question about writing a frame-buster-buster. I have already read Frame Buster Buster ... buster code needed but I need an extra tweak.
My content from my blog at [http://my_domain.c0m/blog] is being displayed at another site showing three "views". One view is a feed and doesn't particularly bother me. The other two bother me and I wish to break both. I also want to permit exceptions of domains with permission to frame.
In one view, it appears the content from the top of my html of the top of my blog is first copied to create a "snapshot" [http://the_other_domain.c0m/copy_of_blog] then that copy is framed in [http://the_other_domain.c0m/ ]. So, in this case, the 'child' copy are both hosted at [http://the_other_domain.c0m/] . Google translate does a similar thing-- but I find this ok. So, I would like to break this frame while also permitting exceptions for google and also for people who have made a copy to their pcs and would like to view in a utility that might frame.
In the other view, it appears the content from my site is framed. So in this case [http://my_domain.c0m/blog_post] is framed by [http://the_other_domain.c0m/]. I would like to bust out of this frame. However, my difficulty is that I can't figure out how to do so while keeping the exceptions for google translate or individual pc users frames at home.
My solution so far (I am not particularly familiar with javascript. So, please don't laugh too hard at the redundancy and lack of knowledge):
I was able to bust the first frame using:
<SCRIPT type="text/javascript">
// Split the URL of the top window and of this window on "/":
// index 0 is the scheme ("http:"), index 2 is the host.
var topWindow = String(top.location)
var topWord = topWindow.split("/")
var selfWindow = String(self.location)
var selfWord = selfWindow.split("/")
var correctLocation = "http://my_domain.c0m/blog"
var correctWord2 = "my_domain.c0m"
var http = "http:"
// Redirect when either host is not mine, unless the top window is Google
// Translate or is not served over http (for example a local file).
if( ( (topWord[2] != correctWord2) || (selfWord[2] != correctWord2) )
    && (topWord[2] != 'translate.googleusercontent.com' ) && (topWord[0] == http ) ){
    document.write("message expressing my opinion about the asshattery going in here.]" )
    setTimeout("redirect_after_pause()",8000)
}else{
    //document.write("<p><font color='purple'>Hi there! Javascript is working.</font> </p> " )
}
function redirect_after_pause() {
    var correctLocation = "http://my_domain.c0m/blog"
    top.location = correctLocation
}
</SCRIPT>
I know this is inefficient. But it works and achieves my goal of making an exception for a) translations at googlecontent which my readers in France requested and b) cases where a user is framing in a utility that downloads to their pc (which I think has uri's beginning with "FILE:").
Now the difficulty: This does not work for the view where content hosted at my domain is framed at the other domain. I believe I have tracked the problem down to var topWindow = String(top.location) not being permitted in my child window. In principle, this would work:
<script type="text/javascript">
if(top != self) top.location.replace(location);
</script>
However, I think it screws up the use of google translate which uses a top frame that holds their translation of my content also hosted at [http://translate.google.com]. I suspect it similarly screws up readers that might display a local copy on someone's pc if that copy is displayed in a frame.
If someone can guide me toward a solution I can implement to break both frames while permitting my exception
BTW: It does appear that the site in question is using a framebuster. I poked around and found this inside their /static/common.js?1345250291 code:
enable_iframe_buster_buster:function(){var a=this,b=0;window.onbeforeunload=function(){b++};clearInterval(this.locks.iframe_buster_buster);this.locks.iframe_buster_buster=setInterval(function(){0<b&&(b-=2,a.flags.iframe_story_locations_fetched&&!a.flags.iframe_view_not_busting&&_.contains(["page","story"],a.story_view)&&NEWSBLUR.reader.active_feed&&($(".NB-feed-frame").attr("src",""),window.top.location="/reader/buster",$(".task_view_feed").click()))},1)},disable_iframe_buster_buster:function(){clearInterval(this.locks.iframe_buster_buster)}
That's deep inside some particularly dense javascript. Whatever it does it doesn't seem to affect my ability to bust the frame for the case where my content is copied and hosted at [http://the_other_domain.c0m/]. I haven't yet fully explored whether it busts simple framebusters because earlier I only recently recognized that " var topWindow = String(top.location) " was forbidden in the child frame with a different domain from the parent frame.
Whether or not the frame-buster is present, I'd like help with solutions here. I know that if one site is now framing my content in this way it is only a matter of time before the obnoxious technique catches on and I would like to code in solutions that bust both methods gracefully while providing myself with exceptions. Thanks in advance.
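The cross-origin case described in the question (reading top.location throws in a child on another domain), as an added JavaScript example that is not part of the original post: it decides whether to bust by falling back to document.referrer when the parent is unreadable. The domains are the question's placeholders; the allow list, the fail-closed choice and the fakeWindow helper are assumptions.

```javascript
// Added example: names below mirror the question's placeholders.
const HOME_URL = "http://my_domain.c0m/blog";
const HOME_HOST = "my_domain.c0m";
// Hosts allowed to serve or frame the page (assumed list; adjust as needed).
const ALLOWED_HOSTS = new Set(
  [HOME_HOST, "translate.google.com", "translate.googleusercontent.com"]);

// True for local file: copies and for hosts on the allow list.
function isAllowed(href) {
  let url;
  try { url = new URL(href); } catch (e) { return false; } // unparsable: reject
  return url.protocol === "file:" || ALLOWED_HOSTS.has(url.hostname);
}

// Best-effort URL of the framing page. Reading top.location.href throws when
// the parent is on another origin, so fall back to document.referrer
// (a heuristic: it may be empty or trimmed by the parent's referrer policy).
function parentHref(win) {
  try {
    return String(win.top.location.href);
  } catch (e) {
    return win.document.referrer || "";
  }
}

// Returns "allow" or "bust" for the window the script runs in.
function framingDecision(win) {
  const here = String(win.self.location.href);
  if (!isAllowed(here)) return "bust";                   // copy on unapproved host
  if (win.top === win.self || here.startsWith("file:")) return "allow";
  return isAllowed(parentHref(win)) ? "allow" : "bust";  // unknown parent fails closed
}

// Browser entry point. Writing top.location is normally allowed cross-origin;
// a sandboxed frame without allow-top-navigation blocks it.
function enforce(win) {
  if (framingDecision(win) === "bust") win.top.location.replace(HOME_URL);
}

// Constructed stand-in for a browser window, used to exercise the logic offline.
function fakeWindow(selfHref, topHref, crossOrigin, referrer) {
  const win = { location: { href: selfHref }, document: { referrer: referrer || "" } };
  win.self = win;
  if (topHref === null) { win.top = win; return win; }
  win.top = { location: crossOrigin
    ? { get href() { throw new Error("SecurityError"); } }
    : { href: topHref } };
  return win;
}

if (typeof window !== "undefined") enforce(window);
```

Where response headers can be set, `Content-Security-Policy: frame-ancestors` enforces the same allow list for the framed-original view without script; it does not cover copies served from another host.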

Related

How to analyze weird Goal Flow results? Is it possible to view specific users' journeys?

To help analyze a site's user flow, I wrote a test bed in JavaScript, creating a new fake tracker, sending a few fake pageviews in like 1-2 second intervals according to a pretty extensive, randomized graph of expected views. I then set up goals in GA, containing funnels through certain pages. Then I left it running for a few hours, accumulating a few hundred fake users.
Raw goal conversion percentages look good, page content flows too, BUT... when I'm looking at Goal Flow, some of the connections in the funnels don't make sense. For example 80% of my fake users seem to go from step "about" directly to step "success", skipping "product" and "payment", while - according to my test setup - that can't ever happen. (Step names used are examples to match the code below.)
I'd like to see exactly what paths did these particular users take - did some pages just not register, or did they register out of order, or what? Is there any way I can view RAW user journeys in GA, page by page?
For those interested, the testing code is basically like this:
ga("create","UA-0000000-2", "auto", "testtracker", {
    'cookieName':"_ga_test_"+Date.now(),
    'cookieExpires':120,
    'clientId': 'cid-'+Date.now(),
});
var spd=1500;
var delay=0;
function pageview(page) {
    setTimeout(function() {
        ga("testtracker.send","pageview",page);
        console.log("Sending: "+page);
    },delay+=spd);
}
pageview("start");
if (Math.random()<.60) pageview("about");
if (Math.random()<.30) {
    pageview("product");
    if (Math.random()<.20) {
        pageview("payment");
        if (Math.random()<.70) {
            pageview("success");
        }
    }
}
Apparently, I still have a lot to learn about GA.
The solution is to use Audience -> User Explorer and defining a very specific Section based on the suspicious sequence of pages does show individual users matching that pattern. And indeed somehow GA logged a pretty large number of such odd users for me, perhaps failing to register pages visited in too narrow time intervals.
I'm leaving the question for posterity, and perhaps for those who can find my code snippet useful.

Firebase Storage : Get the token of the URL

I currently have an application that works with Firebase.
I repeatedly load profile pictures. However the link is quite long, it consumes a certain amount of data. To reduce this load, I would like to put the link in raw and only load the token that is added to the link.
To explain, a link looks like this: “https://firebasestorage.googleapis.com/v0/b/fir-development.appspot.com/o/9pGveKDGphYVNTzRE5U3KTpSdpl2?alt=media&token=f408c3be-07d2-4ec2-bad7-acafedf59708”
So I would like to put in gross: https://firebasestorage.googleapis.com/v0/b/fir-developpement.appspot.com/o/
In continuation: “9pGveKDGphYVNTzRE5U3KTpSdpl2” which is the UID of the user that I recover already and the or my problem this poses: “alt = media & token = f408c3be-07d2-4ec2-bad7-acafedf59708” which adds randomly for each photo .
I would like to get back only this last random piece …
Is it possible ?
Thank you
UP : 01/11 Still no solution
It's not supported to break apart and reassemble download URLs. You should be treating these strings as if their implementation details might change without warning.

Receiving unexpected server calls

In adobe analytics I try to implement link tracking for all links can be found in a page using this:
$(document).on('click', 'a', function() {
s.tl(this, 'e', 'external', null, 'navigate');
return false;
});
Try to test it using a page like this
The extra calls are likely coming from how you have Adobe Analytics configured. There are a handful of config variables that will cause extra requests depending on how you set them (on their own and/or in relation to each other).
Here is a listing of Adobe Analytics variables for reference. These are the ones for you to look at:
s.trackDownloadLinks - If this is enabled, any standard links with href value ending in value(s) specified in s.linkDownloadFileTypes will trigger a request on click. Generally, this is to enable automatic tracking for links that prompt a visitor to download something (e.g. a pdf file).
s.trackExternalLinks - If this is enabled, any standard links with href NOT matched in s.linkInternalFilters OR matched with s.linkExternalFilters will trigger a request on click. Generally, this is to enable automatic tracking for links you count as visitor navigating off your site(s).
s.linkInternalFilters - If you have either of the above enabled, clicking on links may trigger a request, depending on values here vs. what you enabled above vs. what you have in s.linkExternalFilters. Generally, this should include values that represent links you do NOT want to count as navigating off your site(s).
s.linkExternalFilters - If you have either of the above enabled, clicking on links may trigger a request, depending on values here vs. what you enabled above vs. what you have in s.linkInternalFilters. Generally, you should never set this. It's intended for edge-use-cases for people who know what they are doing and have a complex site eco-system and definitions of what counts as internal vs. external.
s.trackInlineStats - This is for clickmap/heatmap tracking. This may or may not trigger an extra request, depending on how a lot of different stars align.
In addition to these, you may already have some plugins or other custom code that triggers click tracking. For example, there are linkHandler, exitLinkTracker, and downloadLinkTracker plugins that you may have included in your code that may play a part in extra requests being triggered.
Finally, more recent versions of Adobe Analytics code may trigger multiple requests depending on how much data you are trying to send in the request (whereas older versions just truncated the request, which resulted in data loss).
In any case, the long story short here is if you are looking to roll your own custom link tracking, you should make sure the above variables/plugins are removed or otherwise disabled.
But on the note of rolling your own custom link tracking.. I'm getting a sense of déjà vu here, like I already made a comment about this relatively recently in another post, over this exact same code... but generally speaking, this is not a good idea:
$(document).on('click', 'a', function() {
s.tl(this, 'e', 'external', null, 'navigate');
return false;
});
You are wholesale implementing exit link tracking on every single link of your page. And you are giving them all the same generic "external" label. And the native exit link reports are pretty limited and useless to begin with, so ideally you should also pop an eVar or something with the exit url or something.
But more importantly.. unless literally every single link on your pages are links that navigate your visitor off-site, this is not going to be useful to you in reports in general, and it's even going to ruin a lot of your reports.
I can't believe (or accept) that you really want to count every link on your pages as exit links..
I assume s.tl does an ajax call.
It should then forward the link to the href of the link - if the link is allowed to be followed immediately, the ajax call will be interrupted which seems to be what you see
You may want to change to
$(document).on('click', 'a', function(e) {
e.preventDefault();
s.tl(this, 'e', 'external', null, 'navigate');
});
I found this article when looking to see what s.tl is https://marketing.adobe.com/developer/forum/general-topic-forum/difference-between-s-t-and-s-tl-function

Qualtrics.SurveyEngine.addOnload runs twice in preview mode in Qualtrics survey software

Whenever I try to test a Qualtrics survey in preview mode, Qualtrics.SurveyEngine.addOnload will be called twice. This is not a problem for conditional events (as in most of the examples), but a large problem for unconditional code such as a timed page change (this will be triggered twice as well). See the following snippet:
Qualtrics.SurveyEngine.addOnload(function()
{
$('NextButton') && $('NextButton').hide();
var that = this;
var timeOutInterval=1000+Math.trunc(Math.random()*10000);
alert(timeOutInterval); //for Testing only
var myVar;
myVar = setTimeout(function(){ that.clickNextButton();}, timeOutInterval);
});
If I launch the survey, this will lead to a page change after 1-11 seconds. If I preview the survey, this change will happen as well, followed by a second change. The alert will be shown twice as well.
Does anyone have a solution, how this functionality could be tested in preview mode?
I've run into Survey Preview issues with JFE as well. There are ways to get around JFE mode and preview in non-JFE mode.
If you only care about a specific set of questions in a block and don't care about the survey flow, the easiest solution is to use View Block. It does not use JFE. Go to the Block drop down and choose View Block.
If you need to preview the whole survey, there are tricks to 'break' JFE and force it to non-JFE mode. These tricks seem to be a moving target as Qualtrics makes changes. The best one (easiest) I've found that is working for me today on my Qualtrics account (notice all the qualifiers) is to add an end of survey object to the survey flow, click custom, and check the "Override Survey Options" box.
If that doesn't work, I've found that once a survey gets over a certain size, it doesn't use JFE mode anymore. I don't know what the limit is, but if you add a bunch of fake questions after your end of survey you can trick it that way as well.
Qualtrics links jQuery as of current writing (albeit the shorthand $ is reserved for the prototype.js library).
Following should skip execution of addOnload javascript in the mobile preview:
Qualtrics.SurveyEngine.addOnload(function()
{
    if(jQuery(this.questionContainer).parents('.MobilePreviewFrame').length)
    {
        console.log('Mobile Preview - skipping rest of addOnload');
        return true;
    };
    console.log("Running addOnload()");
    // The rest of your code. Log statements can obviously be removed
});
Hope this is helpful
It seems Qualtrics now defaults to JFE mode for live surveys as well. We have been able to resolve this by adding the query string &Q_JFE=0 to the end of our survey URLs, like so:
https://uleidenss.eu.qualtrics.com/SE/?SID=SV_123432434343&Q_JFE=0
This had the additional benefit of solving our issue with JFE mode breaking several of our long time running Qualtrics JQuery experiments.

Retrieve comments from website using disqus

I would like to write a scraping script to retrieve comments from cnn articles. For example, this article: http://www.cnn.com/2012/01/19/politics/gop-debate/index.html?hpt=hp_t1
I realize that cnn uses disqus for their comment discussion. As the comment loading is not webpage-based (ie, prev page, next page) and is dynamic (ie, need to click "load next 25"), I have no idea how to retrieve all the 5000+ comments for this article.
Any idea or suggestion?
Thanks so much!
I needed to get comments via scraping a page that had disqus comments via ajax. Because they were not rendered on the server, I had to call the disqus api. In the source code, you will need the identifier code:
var identifier = "456643" // take note of this from the page source
// this is the ident url query param in the following js request
Also, look in the js source code to get the page's public key, and forum name. Place these in the url where appropriate.
I used javascript nodejs to test this, ie :
var request = require("request");
var publicKey = "pILMw27bsbJsdfsdQDh9Eh0MzAgFL6xx0hYdsdsdfaIfBHRvLGqFFQ09st";
var disqusUri = "https://disqus.com/api/3.0/threads/listPosts.json?&api_key=" + publicKey + "&thread:ident=456643&forum=nameOfForumFromSource";
// request's callback receives (error, response, body), in that order
request(disqusUri, function(err, res, body){
    if(err){
        console.log("ERR: " + err);
        return;
    }
    console.log(body);
});
The option for scraping (other than getting the page), which might be less robust (depends on your needs) but will offer a solution for the problem you have, is to use some kind of wrapper around a full-fledged web browser and literally code the usage pattern and extract the relevant data. Since you didn't mention which programming language you know, I'll give 3 examples: 1) Watir - ruby, 2) Watin - IE & Firefox via .net, 3) Selenium - IE via C#/Java/Perl/PHP/Ruby/Python
I'll provide a little example using Watin & C#:
IE browser = new IE();
browser.GoTo(YOUR CNN URL);
List visibleComments = browser.List(Find.ById("dsq-comments"));
//do your scraping thing
Link moreComments = browser.Link(Find.ByClass("dsq-paginate-append-text"));
moreComments.Click();
//wait until ajax ended by searching for some indicator
browser.WaitUntilContainsText(SOME TEXT);
//do your scraping thing
Notice:
I'm not familiar with disqus, but it might be a better option to force all the comments to show by looping the Link & click parts of the code I posted until all the comments are visible and then scrape the List element dsq-comments
