in a wagtail project, I need all image and document file URLs to be "private", e.g. to respect the "privacy setting" of the collection that file/instance belongs to.
Further, these URLs must be private even if the URL is known/guessable.
For wagtail documents, I've found:
https://docs.wagtail.io/en/stable/reference/settings.html?highlight=sendfile#documents
which works.
I've expected a similar setup/reference for wagtail images, but got:
https://docs.wagtail.io/en/stable/advanced_topics/images/image_serve_view.html#advanced-configuration
I did not manage to successfully implement this image_serve_view-sendfile-configuration.
Anyone knows a way to serve wagtail images the same way as wagtail documents (via the simple setting WAGTAILDOCS_SERVE_METHOD?
I'm OK with the StreamingResponse in case django-sendfile is not installed. I just want my wagtail documents AND images to respect the privacy level defined via the collections privacy setting (e.g. "Private, only accessible for logged-in users").
But even with a more elegant and performant solution via django-sendfile (or a more up-to-date and maintained fork like django-sendfile2) I'm missing documentation which details the steps to implement this setup for wagtail documents and wagtail images.
Enforcing privacy for images is not as simple as documents for the reasons described in this issue:
https://github.com/wagtail/wagtail/issues/3880#issuecomment-332798643
That issue has been referenced more recently, so i believe is still the case. It is marked as 'someday' (valid but lower priority).
This is not a full answer, but hopefully helps articulate the problem.
Related
We're using wagtail with CSP (obviously) which means that every time we need to transclude/embed some content from another site we need to update a CSP whitelist as the only way to ensure that server headers play nice with embedded content.
Is there, however, a way to do this from within Wagtail itself, through its admin UI? This seems like the kind of thing a CMS-ORM should be pretty good at.
Looks like this isn't a feature of WagTail at the moment. It looks like there is an open ticket on CSP issues (especially regarding Django CSP integration). It might be a good idea to add your complaint about the lack of UI to that ticket.
Since Wagtail is built on Django, I would suggest using the Django CSP library in the meantime, it seems fairly straightforward and is backed by Mozilla.
I’m in the process of building a new webapp which uses Wagtail. This is an architecture question.
There will be the standard About, Terms of Service, and Blog pages. All of which fit in with the Wagtail paradigm very nicely. The rest of the site content is location-based information about specific types of businesses. Think of a FourSquare type app. The data for these pages will be very structured, be updated via user-facing webpages and a mobile app, and be JavaScript heavy.
For the regular Wagtail pages, there may be hundreds over time. For the location page types there will be (hopefully) tens of thousands of pages that will be nested to a max of four levels.
From a site-wide feature perspective, I’m looking to leverage Wagtail features like sitemaps and Elastic Search.
My question is, should I use the wagtail Page class for my location based pages?
Pros:
Easy integration with Elastic Search and Wagtail sitemaps
Leverage Wagtail editor on the admin side.
Consistent model and api structure throughout.
Cons:
Potentially more overhead for location pages.
Need to utilize more hooks to manipulate the view output (Lots of JS, so will be inserting non-model info into the template).
Potentially limits the use of some third-party modules.
If I went the non-wagtail route, is it possible to add non-wagtail models to the search index?
Are there other issues I should consider in this choice?
Any Django model can be indexed and searched by inherit from index.Indexed and defining search_fields onto the model.
As for using pages or not, as always it depends on many things. However, it looks like it would make sense to keep your location model as such, not make it a page and expose in in the admin (either Django Admin if you need some extensions that already exists there, or Wagtail's modeladmin otherwise). Then you would create a LocationIndexPage which implements the RoutablePageMixin to dynamically serve the LocationPages. The page won't exists in the admin tree but will be reachable anyway.
I don't see any updated answer on similar topics (hopefully something has changed with last crawl releases), that's why I come up with a specific question.
I have an AngularJS website, which lists products that can be added or removed (the links are clearly updated). URLs have the following format:
http://example.com/#/product/564b9fd3010000bf091e0bf7/published
http://example.com/#/product/6937219vfeg9920gd903bg03/published
The product's ID (6937219vfeg9920gd903bg03) is retrieved by our back-end.
My problem is that Google doesn't list them, probably because I don't have a sitemap.xml file in my server..
In a day a page can be added (therefore a new url to add) or removed..
How can I manage this?
Do I have to manually (or by batch) edit the file each time?
Is there a smart way to tell Google: "Hey my friend, look at this page"?!
Generally you can create a JavaScript - AngularJS sitemap, and according to this guidance from google :
https://webmasters.googleblog.com/2015/10/deprecating-our-ajax-crawling-scheme.html
They Will crawl it.
you can also use Fetch as Google To validate that the pages rendered correctly
.
There is another study about google execution of JavaScript,
http://searchengineland.com/tested-googlebot-crawls-javascript-heres-learned-220157
I have a SPA here and I´m wondering what should I do to get it properly indexed by Google bot.
I read a lot on multiple views angularjs apps (hashbanging and that stuff) but my app has just one view / controller.
Should I create an html copy for each of the items being shown and link them together?
Thanks in advance,
Ariel
In AngularJS, you can compile templates & cache them using a variety of techniques - you'll need to write a process or build into your runtime logic building these templates & binding them to data, writing them out as static files.
Google allows for special handling based on user-agent. I have a friend who says, "This was called cloaking, before Google owned Angular." This is true. You need to setup server logic that re-directs any Google-bot user agent (or other search engine agents you care about) dynamically to one of these static "Search-Bot Friendly" pages.
Although this is more work, there are obviously bonuses to being able to maintain a set of content that search crawlers "see" and a (potentially different) set of content consumed by real users.
This is also the reason why AngularJS as a client-side framework quickly falls down the rank list when search visibility is a primary objective of the project.
I am new to Salesforce and trying to figure out a way to determine all the components such as ApexPages, ApexClasses, Triggers etc. in which a custom field is referenced.
Is there any API available for this ?
Can metadata API fetch such references of a custom field/object in all components ?
There isn't an elegant way of doing this.
If you have a sandbox, you can attempt to delete the field. If it's referenced in other parts of your org, it will usually not allow you to delete the field and I believe it also gives you a link to where it is referenced. This isn't a complete solution, however, because if you have a field referenced in Javascipt in a VF page or as a field in a dynamic SOQL query (ie. Database.query('Select Id, Custom_Field__c from Account'), Salesforce won't be able to detect that the field is referenced.
A more complete solution requires more effort. I suggest using the Eclipse Plugin or the Ant Migration Tool to download all of your items (Pages, Classes, Triggers) locally. Then you can perform a simple search/find across the text files to find reference to your file.
Finally, a newer option that is probably even easier is to use the Developer Console. It has recently gained the ability to 'Search in Files.' You can open it from inside Developer Console under the 'File' menu option.