Sites like rich relevance, google analytics which are used for creating personalized user experience by tracking user data are blocked in Mozilla Firefox private mode. On my e-commerce site, recommended products are displayed using rich relevance. Since rich relevance is blocked in Mozilla private mode, recommended products are not displayed on site.
I know it's because of content blocking feature in Mozilla Firefox private mode which blocks list of sites which have been identified as engaging in cross-site tracking of users.
I want to understand how it works and what can be the programmatic approach to fix the issue? Tech stack being angularJs and Java.
Related
We are adding modern authentication (OAuth/OIDC) to an application that currently uses Windows integrated authentation for single sign on. The user signs into Windows workstation and those credentials can be used by many applications with authentication happening transparently over Kerberos.
Our app is a dot net web services based application and we have a client for users with browsers and a desktop client in WinForms. The browser scenario is no issue as the identity provider stores information in the browser that can be reused across applications in a similar way to WIA (IWA), but we are unsure the best way to handle the WinForms desktop application case. Currently the WinForms application opens a browser window to authenticate using the typical browser based method. The details from the identity provider are passed through the browser back to the WinForms app using a redirect and a custom protocol based URL.
This all works fine, but the user experience is not super tight and, for the case where the user is already logged in, requires them to press a button in the browser window as current Chromium based browsers seem unwilling to do a redirect without a recent user interaction.
Is there a better way?
The standard options according to RFC8252 are as you describe:
Log in via the system browser
Use either a loopback or private scheme based URL
I have a few blog posts about this and it is a tricky flow. The posts link to code examples you can run that explore the UX a little. You may find that a loopback URL avoids the need for a button click, though personally I think private scheme based URLs are cleaner.
There are UX things you can do, such as an interstitial web page to better control what happens in the disconnected browser. I have seen companies redirect to their own website after desktop logins, to make the UX better.
In the longer term I expect this to be replaced with API Driven OAuth Flows so that you never need to leave the app. For now you may have to live with some UX linitations, but it is the right flow from a security viewpoint.
We've developed a google chrome extension (with angularjs), which reads gmail mails, and sends them to on-premise servers by consuming a soap services. Now some of our customers have internal security policies prohibiting them to use chrome extensions, which now forces us to develop a Gmail Add-on (Google Appscript).
My question is, is there a way to comfortably reuse our angularjs application and include/use it in an Google Appscript application.
We are aware of the fact, that Appscript application actually arent client-side applications (unlike chrome extensions), and that we probably have to rewrite large parts of our application, but we just don't want to miss any opportunity regarding reusing our angularjs code.
Also did any of you experience major limitations of Google Appscript when consuming soap services (actually this is the main functionality of our existing application)
Thank you for any advice.
GMail Add-ons won't allow for that but you might be able to leverage Google Apps Script Web Apps.
Unfortunately, there is a bigger issue you'll have to take into account. Many of the scopes associated with the GMail API are now restricted under the new User Data Policy, where your application will need to be verified and possibly have to undergo a security assessment; which could cost you anywhere from US$15K - US$75K! Read the section titled "How will the security Assessment Work?" in the OAuth Application Verification FAQ for details.
I am developing an app built using Angular 2, so I'm constrained to platforms with Cordova plugins (that are available for Cordova Build) or JavaScript Web SDKs.
I have a few simple technical requirements
Track navigation of user or application flow (page views - user navigated to profile page)
Track custom events (user hit cancel when prompted to enter credit card)
Track custom user properties (dimensions - eg. Gender, Location, Age Range)
I'm Considering
Google Analytics - However i see it throws a lot metrics and numbers, but not what I need. I want details of an individual user or a individual application flow and how the user used his application, what was the flow etc, With respect to each device.
Any advice on a platform or SDK I can use to actually retrieve these important analytics which is device or user specific would be much appreciated.
https://github.com/angulartics/angulartics2
angulartics has been rewritten to support angular 2. it supports google analytics. It should work in your angular 2 application. let me know if it works. I would like to play with it as well. There is a angularitics cordova plugin but it is not updated for angular2 yet.
We can do individual level event tracking with different plugins like Appsee and UXCam.
Appsee and UXCam also provides additional support of Video recording of the app and user interactions done by the user i.e, how the user used the application etc. In Addition to that Appsee also provides crash log and analytic support.
Links for Appsee - https://www.appsee.com and
UXCam - https://uxcam.com
We have launched several Facebook apps. They are intended to run on Facebook Pages as tab-based iframe apps. These apps have been installed on dozens of pages, have thousands of daily users. Users who view these tabs do not need to authorize the apps, we don't require any permissions. When users share through these apps, we use the Facebook JS dialogs library.
With the exception of one, all of these apps display "No Insights Available" when I try to view the insights data. The only analytics we get from Facebook is the Insights summary page which includes some basic user, sharing and performance data - but no details are available.
As I mentioned, one app does have Insights. It was the first app we launched on Facebook. It was originally a canvas iframe app but now runs exclusively from profile pages. This seems to be the only difference from our more recent apps.
So I guess my question is this: is Insights availability triggered by having users access your canvas app? Or is there some other reason that we can not get Insights for all of our apps except the one original application? As I mentioned, users are sharing from these apps and we would love to know more about the reaction those stories are getting.
(I filed a bug with Facebook but after an initial request for app ids and a promise to look into it, they have since stopped responding to my requests for an update.)
In the end, it turns out this was a Facebook bug that they have now fixed. We weren't doing anything wrong. The fact that one app had canvas page views and the other did not was purely coincidental.
On Wednesday, Facebook has deployed an updated version of Insights that integrates with their application page directly - and miraculously, we're able to see Insights data for all of our applications again, including historical data that Facebook previously listed as "No insights available."
If anyone is interested, here's their blog posting on the upgraded Insights application. https://developers.facebook.com/blog/post/554/
I am planning on making a WAP page to provide a software.
Now i need to find out what mobile phone model the client who logs into my webpage is using so that i can redirect him/her to the appropriate download link.
This is similar to what opera does on their opera mini site. When you log in it finds out your model and sends you to the link
How can i add this to my site.
There are a number of solutions for determining mobile device, based on the UserAgent making the request. (Some solutions use other factors as well.)
Try looking at:
WURFL
MDBF
DeviceAtlas
DetectRight
Volantis
MobileAware
Movila
UAProf
The technology you are using to create your pages will also affect which of the above is the best solution for you.
A great website with some tutorials is mobiforge.com (the people behind device atlas), also plenty of true open source software at wurfl