So there are a few tools to record and view live sessions of users on your website using js sdks's like:
logrocket,
hotjar,
https://github.com/rrweb-io/rrweb
https://github.com/openreplay/openreplay
etc ...
Is there any open source tools or any method of viewing a user's live session with the site but also being able to interact with the user's live session?
If user "John" was learning how to use the site and wanted help and an example on how to do something, he could contact a site admin and the site admin could see John's live session like logrocket does, and with John's permission he could take control and interact with john's session and show how to use the site.
The way I thought something like this would work is serializing the dom and showing the dom to the site admin and when clicking on an element it would send that click event through a websocket to the user's (john's) browser and it would execute the event from the site admin on the user's session.
This is kind of an old question, but one of the projects you mention there "OpenReplay" provides live session replay, the ability to interact with them (through a live video call directly from within the web app and giving you the ability to also input and control a secondary mouse to show them where to click) and at the same time, the tracker will sanitize any sensitive information to make sure you, as an outsider, can't see any private data.
Check out their product called "Assist", which is a plug-in to the standard tracker, you can use it for free as part of their free-tier on the SaaS or self-hosted options.
Related
The Dynamics documentation is just awful and I couldn't find an answer to this simple question:
In the web version of the CRM, is it possible to register a web page that can be toggled by the user and that itself has an internal state (updated regularly by an interval set with setInterval) that will persist even if the users closes the page (not the entire CRM, just the sub-page)?
We need the user to provide some information for a CTI integration, and this background process to keep alive the CTI session by polling an API while the user session is active. In addition, we need to reuse the component where the user provides the CTI information to be notified if the session fails and restore it or close it if necessary. The real purpose for this is to make a screen pop (push content information about the incoming call to the agent) which I know can be done using Xrm.Utility, although doing it with a REST API method would be much better, RouteTo Aciton looks like the best method to do this, but I'm not sure it will proactively show the item in the user's browser.
I'm not sure this question is as simple as you suggest, it seems relatively complicated, and involves an integration. I'm not suprised the Dynamics documentation doesn't provide an answer for this specific and unique scenario.
I don't believe there is any single feature within Dynamics that will meet this requirement.
You could use a HTML web resource or a web page from a seperate web site iframed into CRM. I think the possible use of these depends on your expected user experience; I believe the user would need to have the page loaded at all times showing these controls (e.g. user is looking at a dashboard) - I don't see how the controls could interact with the user client side otherwise. You could show the controls in multiple places however.
Xrm.Utility is one way to open a record, but it can also be done by Open forms, views, dialogs, and reports with a URL.
RouteToAction looks like it just adds a record into the user queue, the user would need to refresh the queues to see the changes. I don't believe there is any way for a server side REST API call to natively redirect the user.
You could add JavaScript to do this, however you might struggle to add the JavaScript into every page of CRM.
Where I have worked on a CTI integration in the past (assuming you mean computer telephony integration), we always had some other component doing the screen pops - the client's all had a desktop app installed as part of the telephony solution.
Perhaps you could look into browser notifications, or a browser plugin?
CONTEXT
I am building a web app which analyzes information on a user's site. I plan to do this by asking the user to add a JS snippet to their <head> which creates cookies that collect information about each visitor to that site.
PROBLEM
I would like to then send information that is held in this cookie back to my web app. I realize normally cookies cannot be accessed by anything other than code on the same domain, so I'm hoping that the JS snippet will read the content of that cookie and pass it back to my app - is this possible? What would be the best way to do it?
This is the basic pattern that's used by google analytics and most other website analysis tools as well as advertising modules. Your snippet, running on your user's site, can read/write cookies there. It can also make ajax calls to your own web service to communicate any data it gathers, including cookie contents. Your "app" doesn't run on your user's site, only the snippet (and any code it drags into the site).
I want to know if my website user click in a link in another website so I can show him a thank you message.
I want to get this click in another website link. Is it possible? How can I do something like this?
Thank you
Your question doesn't state whether you control the link you are trying to monitor, or if you are trying to monitor a link controlled by a third-party website. I'm going to assume the later, but if you control the link, then see the first comment to your answer.
The short version is that there is no way to independently monitor a user's action on another website from within your own. To allow this would violate some of the fundamental tenants that networking and the Internet are based on. For example, if I host the website www.reallyCoolRocksToBuy.com and I want to know whether or not you just purchased a really cool rock on Amazon after viewing it on my site, there is no way to directly get this data even though both my website and Amazon's are open in your browser at the same time.
The highest level object you can access via Java or HTML normally (there are always some exceptions) is the Window object of your own page. There used to be a way to have some control over a third-party page that was launched in a window that you spawned, but this is no longer possible, and even it it was, you still wouldn't be able to monitor any links from that site.
The only way to achieve what you want is for the third-party site to be involved in the communication. Many sites have APIs for sending and receiving referral or link information. For example, Amazon has an API that you can use when someone clicks on an Amazon link from your site. There are a number of ways this is achieved, but basically your link sends a specially encoded string to Amazon identifying your site as the referrer. Amazon can this use this string to create and share session information from the visitor. Depending on what your relationship was with Amazon, you might be able to use this session information to find out if your user purchased a pretty rock from Amazon, but it would be entirely up to Amazon to share this information.
Cookies and other local data can also be used to achieve similar results, but again, you have to have the cooperation of the site.
I am looking for a way to show Facebook engagement on from our website on our Facebook page. IE, when someone likes/shares etc. a page on the website, that that activity be reflected by our Facebook page in some way.
I was planning on using the graph API calls to do page updates, but the permissions are granted to users, not to the app itself, meaning this would only be possible for existing administrators, defeating the whole purpose (Perhaps a bit obvious in hindsight).
Is there a good, clean way of posting page likes/shares of our web pages to our Facebook page feed?
Notes:
I'm working in PHP and/or client side JS
A high volume of posts drowning our regular content is not likely at the moment, however, advice about how to manage such a beast in the long run might be helpful
If I understood correctly and want to share content from Facebook into your Website, the behavior you mention used to exist via the Activity Feed or Recommendations Feed. However, it has been deprecated since Graph API version 2.3.
If what you want is to update comments from people in your Website to your FB Page, you could implement something in your backend which listens to content uploaded and uses your Page Access Token to create custom stories using your user's data. As you mention, it won't happen in the name of people, but you could be creative and make the text narrate what people did on your website. Maybe even use OpenGraph for this.
According to the Facebook API documentation, most of the work is handled through javascript.
That means that all the processing is done, and then the front end checks if the user is connected to Facebook/authorized. right?
My question is:
Suppose a user goes to my site for the first time ever.
He clicks on "facebook connect". The javascript verifies him as authentic, and it "redirects" to another page on my server. From then on, how do I know that the user is actually authenticated to my website, since everything is done on frontend?
I think this is correct, but aren't there some security issues..:
-After user clicks Login, Facebook redirects to a page on my site. AND they also create a cookie with a specific "Facebook ID" that is retrieved only from this user. My backened will "read" the cookie and grab that ID...and then associate it to my userID.
If that is correct...then it doesn't make sense. What if people steal other people's "facebook ID" and then forge the cookie? And then my backend sees the cookie and thinks it's the real user...?
Am I confused? If I am confused, please help me re-organize and tell me how it's like.
Facebook Connect uses a clever (or insane, depending on your point of view) hack to achieve cross-site communication between your site and Facebook's authentication system from within the browser.
The way it works is as follows:
Your site includes a very simple static HTML file, known as the cross-domain communications channel. This file is called xd_receiver.htm in the FB docs, but it can be named anything you like.
Your site's login page includes a reference to the Javascript library hosted on Facebook's server.
When a user logs in via the "Connect" button, it calls a function in Facebook's JS API which pops up a login dialog. This login box has an invisible iframe in which the cross-domain communications file is loaded.
The user fills out the form and submits it, posting the form to Facebook.
Facebook checks the login. If it's successful, it communicates this to your site. Here's where that cross-domain stuff comes in:
Because of cross-domain security policies, Facebook's login window can not inspect the DOM tree for documents hosted on your server. But the login window can update the src element of any iframe within it, and this is used to communicate with the cross-domain communications file hosted on your page.
When the cross-domain communications file receives a communication indicating that the login was successful, it uses Javascript to set some cookies containing the user's ID and session. Since this file lives on your server, those cookies have your domain and your backend can receive them.
Any further communication in Facebook's direction can be accomplished by inserting another nested iframe in the other iframe -- this second-level iframe lives on Facebook's server instead of yours.
The cookies are secure (in theory) because the data is signed with the secret key that Facebook generated for you when you signed up for the developer program. The JS library uses your public key (the "API key") to validate the cookies.
Theoretically, Facebook's Javascript library handles this all automatically once you've set everything up. In practice, I've found it doesn't always work exactly smoothly.
For a more detailed explanation of the mechanics of cross-domain communication using iframes, see this article from MSDN.
Please someone correct me if I'm wrong - as I am also trying to figure all this stuff out myself. My understanding with the security of the cookies is that there is also a cookie which is a special signature cookie. This cookie is created by combining the data of the other cookies, adding your application secret that only you and FB know, and the result MD5-Hashed. You can then test this hash server-side, which could not easily be duplicated by a hacker, to make sure the data can be trusted as coming from FB.
A more charming explaination can be found here - scroll about halfway down the page.
Same issues here, and I think Scott is closer to the solution.
Also Im using "http://developers.facebook.com/docs/?u=facebook.jslib-alpha.FB.init" there open source js framework. So things are a little different.
For me, via the opensource js framework, facebook provides and sets a session on my site with a signature. So what I am thinking is to recreate that signature on my side. - if they both match then the user is who he says he is.
So basically if a user wanted to save something to my database, grab the session signature set up by facebook and recreate that signature with php and validate it against the one facebook gave me?
if($_SESSION['facebookSignature'] == reGeneratedSignature){
// save to database
}else{
// go away I don't trust you
}
But how do you regenerate that signature? preferably without making more calls to Facebook?