I have a website in which i have a paypal set up, After getting the amount the i will give an embedding code to other websites to use my iframe.
Is there a way to generate unique code for every website?
also i will have to check that only authorised websites are using my iframe.
Related
We have an external website (let's say abc.com) that use Google as only log-in mechanism, and allows to embed the content created in this service on external websites using iframes.
We are embeding content from abc.com on our website xyz.com. Our website is using our own authentication mechanism, and we need our clients to be able to see content embeded in iframes, without having them to create Google accounts and login using Google.
Is it possible to create a single Google account that we could use to authorize to be able to display the content from abc.com in iframes on our website? and to do it programatically, so that a customer who already logged in on our website does not have to take any action to see the iframe contents? Thanks.
We simply cannot the contents from the abc.com website via API which would allow us to use service accounts and different authorization methods. The content is only available via web service after logging in using Google account.
I'm currently struggling with authentication on an application. The thing is that I need to get some authentication id from another application that is not in my domain. This could be easily solved if I was able to make a post request to that application and get in return that authentication id (glbid in my case).
I am able to perform that post request, but that would only work for authentication using the other app form. Since they also provide facebook / gmail login, what I'm trying to do is to read the glbid generated on that page after the login is executed.
I also know that the glbid that I need is located in localStorage on that page.
What I'm currently doing is loading an Iframe on my page with the link of that application login page. After the login via Iframe, I was hoping that I'd be able to access localStorage.
After some research, I've found out postMessage. It would work fine for some Iframe that I could have minimal control, but since the link that I'm embedding to Iframe is not in any case under my domain, I'm stuck!
Here's how I access the glbid via chrome console on the application domain login page:
JSON.parse(window.localStorage['ca.vc.data.glbid']).value;
As a result, I get the glbid. But I want to do that via Iframe. How can I do that? Can someome please support me, or if that is not possible via Iframe, show me another way to reach the same result?
Working on a site.
If I force a site to only allow logged users to access the site how do I parse the pages so google doesn't block the site?
If you want the Google Spider to access your site, you need to have some public pages accessible to it.
You can communicate to Google which page to crawl using a site map and robots.txt files in your site.
Another technique could be to server different content based type of visitor, if the visitor is a search engine bots, the server return your content, if the visitor is a browser/user you can return only the login page. This technique is not bullet proof as content indexed in the Google Serp is cached and a user can see the cache result any time (you can potentially even do not allow caching for your pages in the serp).
I would like to restrect access to one page in a wordpress website, so that the page is only accessible to users coming from a specific website.
Lets say my wordpress website is www.wptest.com and the page www.wptest/tickets should be accessible only to the users coming from the website www.eventorganisatortest.com/register
How is that possible with Javascript? I have a solution with php, but I would like a javascript one. I know, it could be easily spoofed, but it doesn't matter, as our users are not that experienced, and even if they do it, it's not a big deal.. We just make our effort so that they register first on the www.eventorganistortest.com website and click on the button "Buy Tickets" on it, to get redirected to our portal www.wptest/tickets and buy their tickets.
Here is the php code that could do that actually..
PHP Allow access to specific referrer url/page only
You would restrict them using the below code and a conditional.
string = document.referrer;
https://developer.mozilla.org/en-US/docs/Web/API/Document/referrer
I am writing a Facebook application that is a simple board game which I have implemented in javascript. Facebook only seems to let javascript applications run within an iframe so I am loading the page using <fb:iframe>. I just want to be able to tell the javascript the user's id so I can tell the user if it is his turn or not but I can not find documentation on accessing facebook data from within the fb:iframe. I am probably missing some basic conecpt as I do not understand the facebook API very well.
Facebook's API is very tough to follow, and the documentation is very poor. You're right about the Javascript... normal Javascript only works inside an iframe on Facebook, otherwise you're limited to a subset of filtered Javascript called FBJS. You can safely ignore anything about FBJS in the documentation, and focus on iframes.
Iframe loading
The first thing I would mention is that an <fb:iframe> tag actually gets rendered with a ton of stuff in the src attribute. So if you put a tag like this into your Facebook page: <fb:iframe src="http://example.com/page?x=y">, what it ends up becoming when it loads into a user's browser is more like this:
<iframe src="http://example.com/page?x=y&fb_sig_in_iframe=1&fb_sig_locale=en_US&fb_sig_in_new_facebook=1&fb_sig_time=1246340245.3338&fb_sig_added=1&fb_sig_profile_update_time=1242155811&fb_sig_expires=1246345200&fb_sig_user=000000001&fb_sig_session_key=2.d13uVGvWVL4hVAXELgxkZw__.3600.1246345200-000000001&fb_sig_ss=mZtFjaexyuyQdGnUz1zhYTA__&fb_sig_api_key=46899e6f07cef023b7fda4fg2e21bc58&fb_sig_app_id=22209322289&fb_sig=bbc165ebc699b12345678960fd043033">
Facebook adds a ton of stuff to the src. The parameter that tells you the user's Facebook id is fb_sig_user (which is 000000001 here). I'm assuming your app is set up as an "FBML app", since you probably wouldn't use an <fb:iframe> tag in an "Iframe app". Nonetheless, the rendering method is similar in both cases, and you get a bunch of extra stuff to your src document in an "Iframe app" as well.
This really only passes you the Facebook user id on the first load of the iframe, however. Subsequent operations within the iframe won't have access to that user id unless you pass it around explicitly.
Facebook Connect
If you want to interact with Facebook from within the iframe, that's where the Facebook Connect Javascript libraries comes in. The best instructions on setting up Facebook Connect is probably this wiki page, but it's still a bit murky. Facebook Connect can be used for both completely external sites, or just regular content inside an iframe. You fall into the latter category, so if you follow the instructions in that link and use the first line of code in step 2 (for the FeatureLoader), you should be ok.
Once you've included the FeatureLoader.js script and called FB.init, you should generally be up and running with FB Connect. You should be able to interact with the API from then on out. The users.getLoggedInUser() method will give you the current user id inside the iframe via Javascript.
Hope that helps.
Note that as of March 2011, FB is moving to POST requests to load iframes. It sends a form action with method="post" and target="iframe_canvas", plus an input type="hidden" with a "signed_request"
You cna use the facebook API to get the user ID by calling
Users.getLoggedInUser
You can access that value, then use echo() to add that to your HTML as a javascript variable, which will make it available to your Javascript code.
Try Env.user, it has the logged in user's ID.