How to bypass Browser add-ons from Blocking Azure Application Insight Logs - reactjs

I'm using Application Insights JS SDK React Plugin to log application insights data to Azure. This data publishing could get blocked by some browser extensions such as Ad Blocker, Privacy Badger, etc. In my case analytics got blocked by Privacy Badger while experimenting.
I know it can be prevented by disabling relevant add-ons for the particular site from the browser. Just wondering is there a particular way to prevent this from implementation side without asking users to disable their add-ons.

Have you considered building a proxy to forward traffic to your own domain before then passing it off to App Insights?
https://github.com/shaneochotny/ApplicationInsights-JS-Proxy
Show how to proxy requests from the Application Insights Javascript SDK instead of sending telemetry directly to dc.services.visualstudio.com. This allows you to do things such as use your own custom domain and/or hide the Instrumentation Key.
There are step by step instructions in that link to configure this

Related

Writing azure consumption Logic app traces to App Insights

Can I send traces of steps in my consumption logic app workflow to any application insight? Is there an out of box provision for the same?
While you are linking application insight to your logic app which ever application insight you provide in logic only those traces will be sent to email.
You can go through the Microsoft Document for further information.
As far as I know, there is no out of box connector available to trace logs in Application Insights for Consumption Logic App.
There are two options available
Use Tracked Properties to send custom fields that needs to be tracked to Log Analytics Workspace.
Check this
Invoke Azure Function from Logic App to log into App Insights.
or you can use Standard LA which is recommended for enterprise production scenarios

NextJS advice for SSG/SSR and Google Analytics/cookies

I have a NextJS site which is statically generated at build (SSG).
There are two things I need to implement next
Google Analytics
GDPR compliant opt-in cookie options
The first one is easy enough to do, however i'm struggling with making this GDPR compliant.
The issue is I don't have access to cookies at server side when my site is statically generated. This means that without knowing whether the user has consented to cookies at the server, I can't serve (or not serve) the analytics script along with the rest of the page.
Possible solutions:
Handle everything at client side - ask for consent, then dynamically add the GA tag to the <head>. However i'm worried this will negatively effect the analytics, or break it altogether. Does anyone know?
Change my site to be server-side rendered (SSR). I'd love to avoid this if possible. I'm really happy with how fast the site is running with SSG. It's essentially just a basic blog so would be a shame to have to convert for the sake of analytics.
Any other ideas?...
If anyone has experience with this, whether they used Next or Nuxt, etc, your input would be greatly appreciated!
Thanks in advance
Use Google Tag Manager to manage everything, your GA integration and your cookie integration using something like CookieHub for example (How to set up Google Analytics through Google Tag Manager for Next-Js?)
GTM will allow you to trigger the GA script only if the user specified he accepts analytics cookies.
Eitherway you could use Vercel.com built in analytics since your website is using Next.js wich is Vercel's framework.

Chrome extension(Angularjs) to Gmail Add-on (Appscript)

We've developed a google chrome extension (with angularjs), which reads gmail mails, and sends them to on-premise servers by consuming a soap services. Now some of our customers have internal security policies prohibiting them to use chrome extensions, which now forces us to develop a Gmail Add-on (Google Appscript).
My question is, is there a way to comfortably reuse our angularjs application and include/use it in an Google Appscript application.
We are aware of the fact, that Appscript application actually arent client-side applications (unlike chrome extensions), and that we probably have to rewrite large parts of our application, but we just don't want to miss any opportunity regarding reusing our angularjs code.
Also did any of you experience major limitations of Google Appscript when consuming soap services (actually this is the main functionality of our existing application)
Thank you for any advice.
GMail Add-ons won't allow for that but you might be able to leverage Google Apps Script Web Apps.
Unfortunately, there is a bigger issue you'll have to take into account. Many of the scopes associated with the GMail API are now restricted under the new User Data Policy, where your application will need to be verified and possibly have to undergo a security assessment; which could cost you anywhere from US$15K - US$75K! Read the section titled "How will the security Assessment Work?" in the OAuth Application Verification FAQ for details.

Which ad network for cross platform web apps

It is really unclear what to use when you want to put ads on a cross-platform web application published as is on a website and also on the stores through phonegap.
Admob, Adsense ...?
Moreover, which one has a simple html/js integration system?
For now, I am using inmobi and their js api is very simple and nice, but I have cross domain problems...
Can you help clarify ?
this is Akshay, JS Dev, InMobi. InMobi is an ad-distributor. The ads/creatives are made by the advertisers. Also, these ads are placed in an iframe so that these ads cannot access the data present in your page, thus providing security. Because some ads try to "burst" out of the iframe, chrome throws the warning. However, these warnings can be safely ignored and will not affect your website's functionality.
That being said, InMobi's javascript is not responsible for these issues, rather the advertiser and InMobi has no control over this. There are some ad networks which require a dummy page to be present on your domain. By using such ad networks, the chrome warnings disappear (because the iframe is on your server and cross domain problems do not occur). However, by doing so, the ad has complete access to your webpage, compromising security.

How can data be routed thru an app-engine domain if the request is from a page on a users computer?

I have an application on google app engine that serves an html file with the following script
<script>
ChemDoodle.iChemLabs.getMoleculeFromDatabase('pubchem', 'morphine', function(mol){
alertMolecule(mol);
});
</script>
This uses a XHR level 2 request, which requires that iChemLabs (or whoever the server side people are) enable support for my domain. What is the domain that the server side (with XHR enabled) should enable? I don't really understand how data can be routed through the app engine domain if the request is coming from an html page sitting on an app-user's computer?
I think you are talking about Cross-Origin Resource Sharing (CORS) which is method that web servers can use to let the browser know which sites (identified by domain) can share information with each other.
Mozilla has a good detailed run through of how it should work. It relatively new and only modern browsers implement it.
Nothing is "routed through" anybodies apps, all you are doing is telling the browser that sitea.com is happy to share data and accept requests that originated from an application originally served by siteb.com

Resources