I know people have probably asked this question before, but i have an additional use case. I want to track some particular events on my website, like user clicked on a particular button, or something like user opened this webpage, and log this on my server. How can i do that?
Also I don't want to flood my server with the log requests so any optimization I should keep in mind?
I am working with AngularJS framework.
Thanks
Related
I am a bit dumbfounded on how to achieve this properly. So you have an app that is getting regularly updated, and you show those new updates to the user (something like discord update popup and whats new and such). How do you handle whether or not the user has seen it? A more high level question that "local storage", I am well aware of that or storing it in a DB, but this doesn't seem 1) Scalable, 2) Easy to work with in the long run. Are there any JS libraries that can simplify the process, eg or do I have to manually track each update? If there are more updates or the user hasn't logged in a while
I hope I conveyed what I am working on properly. Would love to hear how it's usually done.
Q: have an app that is getting regularly updated, and you show those new updates to the user
A: Service Worker can help you .That support reacting to push message .And they provide the Push API gives web applications the ability to receive messages pushed to them from a server, whether or not the web app is in the foreground, or even currently loaded, on a user agent.
More detail about start up a service worker to send users a message . https://developer.mozilla.org/en-US/docs/Web/API/Push_API .
Finally I suggest you try Workbox , that is a library that bakes in a set of best practices when working with service workers.
In attached image button is disabled by default based on access, however if i delete the property highlighted it gets enabled & user can able to perform actions.
Please do provide solution to restrict it.
Please see image attached related to issue with chrome Developer tool
You can't stop the user from doing that. Its their browser, and it's entirely in their control. Any user can manipulate the page in any way they choose, and run any script they choose from the console, etc etc. If the have the knowledge and inclination, they can do as they please. If they want to change the page to try and make a malicious or incorrect submission of they data, they can.
The mitigation you can (and must) put in place is to check and sanitise all data coming into your server-side API to guard against what is coming from the client being malicious or otherwise inappropriate.
Bear in mind your API just accepts HTTP requests, there's nothing to say a client even needs to use your web app to make requests, they could use a tool like PostMan or any other HTTP client to attack it. They can bypass the browser completely. So you have to apply all permissions, data checking etc on the server first to ensure security. If you then apply it on the browser-based web app, that's nice but you have to regard it as just a usability feature - it can never provide any real security.
well, as all html code in the browser you cannot prevent it from being manipulated, never trust the client and check the access of this action in the backend.
Keep in mind that even if the button is disabled, a developer can rebuild the request of this form and send it without using any user interface.
There is an alternative way that you can do in this kind of situation. You must unbind the event when the button is disabled and bind it again when the button is enabled. It will solve your problem.
Much better sanitize it in server side.
Back in the day Facebook used to let you define URLs that were something like http://facebook.com/send_a_message/user/55/pre_fill/Hi there. When you clicked that link Facebook would open up its Messenger with a "Hi there" message ready to be sent to user 55.
But then Facebook decided that "pre-filling" was bad, and outlawed it across all their APIs. Now there are a bunch of different ways to initiate a Messenger chat session, but they all amount to "start a chat with user 55", not "start a chat with user 55 using some information".
The thing is, I'd like to somehow pass information along with the link. For instance, I might want to have three different links on three different pages, and I want my chatbot to be able to respond differently based on which page the user came from. Since I can't "pre-fill" a message (eg. "Hello, I just came from page A"), I'm wondering if there is any other way to pass auxiliary information.
TLDR
I'm wondering if there's any way I can possibly provide a user with a link that, when they click it, starts up a chat session with my chatbot user, and somehow passes information to it. Using an intermediate proxy (ie. having the link go to my server, and then have my server start the chat somehow) would work, but only if I can associate the information with the user (ie. it doesn't help to know "page A" if I can't associate that with the user once they start chatting).
After researching further it would appear that the answer to my question is no: there is currently no way to pass-along supplemental information.
But here's the good news: when I filed a bug about this (which it turns out I should have filed as a feature request, sorry Facebook) I got a response saying something to the effect of "we couldn't tell you that we are currently developing this, even if we were", which I'm going to optimistically choose to interpret as a sign hope means that this functionality may be coming in the future.
I'm building an app using MEAN Stack (something like Facebook). So a user can login to my app using different browsers and I want for example, if there user will add a new message to the MongoDB, I want to update his messages in the other sessions. The same of he will remove a massage. At the same time, there maybe logged in different users from different browsers and I want to notify the user with his update in the other sessions.
Does Socket.io supports such an option? And what is the best way to do it?
Thanks.
Yes socket.io do support that. Here is an example made by socket.io themselves: https://github.com/socketio/socket.io/tree/master/examples/chat
You should be looking for socket.on() which are the listeners for an event on the server side and look into socket.emit() which are the senders of the events. the .emit()could be added into an function which are triggered on a button click for example.
Depending on you needs, if you're going to send the message to every user using your app then you could use this above code. But if you only wants to send to a specific list of persons you should look into something called Rooms (http://socket.io/docs/rooms-and-namespaces/#rooms).
This does exactly what it sounds like, it emits the messages to the specific room where users have been added to when they connect to your application.
I want to create an online quiz website using Silverlight.
When the registered users are logged in, they can view and answer the quiz once per page.
To proceed to the next question, they must push next button, and the new data downloaded from the server.
The previous questions are not cached. Thereby everytime the question is requested, the question will be reloaded from the server again.
My question is how to do my scenario above in silverlight?
Thank you in advance.
Now that your intent is clear, you want to prevent discovery of the content in your assembly. The answer is you can't really protect your assembly. In order to run it the client needs to fetch it, if it can be fetched then the would be hacker can get it, trying to limit caching isn't really a prevention.
However the solution is to not put senstive stuff in your assembly to start with. Place code server side to do the sensitive stuff and access that code via a service interface such as WCF or Web services or even plain old XML in XML out posting.
You could use IsolatedStorage to store some state related info (and you can even encrypt it before you save if you want - it's your storage, do what you want with it). Another way to store state information is to use cookies, here and here.
The "state" information that i refer to is the state and/or progress of your Silverlight app, i.e. you can track where the user got to in the questions, and avoid requesting questions they have already completed. Both of these types of storage can be deleted by the end user, if they know what they are doing. But you shouldn't let that worry you - if they want to cheat, then let them.
Create the silverlight app to request the questions via a Web Service. As long as you're using a proper web service and not faking it in some way. The browser is not going to cache the webservice response.