How can I have a user authenticate and then download an offline application created specifically for them?
I'm creating a public/private key encryption system for offline use and each user needs to be able to login and "download" their encryption/decryption page (app.php) using a form. This form dumps them on their app.php page, served up with a cache-manifest file. The application needs to store their encryption and decryption keys locally to be used via Javascript. Accessing this page (app.php) without any login information should return an error page. Any updates are made via ajax to api.php and stored in localstorage, so physically downloading the page and saving it somewhere won't work (localstorage doesn't work on local files).
Here's my cache-manifest.php file:
<?php header("Content-Type: text/cache-manifest"); ?>CACHE MANIFEST
# v1.2
app.php
NETWORK:
api.php
Refreshing the application after logging in to it (via a POST request) leads to the error page being displayed instead of the browser loading the cached application.
EDIT:
I suspect the POST request has something to do with the lack of caching. Watching firebug during the initial download progress shows:
POST app.php 200 - Includes the application to be cached
GET app.php 401 - The error page - this is being cached instead
The POST request was the problem, so I had to create a unique download link for each user, then redirect them to that link. The link needs to be able to be hit at least twice from the browser, so I gave each link a timeout of 1 hour before invalidating it. The cache-manifest file also had to be modified with the unique url:
http://.../app.php?instanceid=(md5)
<?php header("Content-Type: text/cache-manifest"); ?>CACHE MANIFEST
# v1.2
app.php?instanceid=<?php echo $_GET['instanceid']; ?>
NETWORK:
api.php
Related
I'm working on laravel project which is working correctly in localhost but when I deploy on a subdomain on my server it is facing issues with sessions. I'm using session driver file. When I login, it says 419 your session has expired. It creates a new session file in storage/framework/sessions whenever I refresh that login page. But locally it creates only 1session file browser and log me in and do not show 419. Moreover cookie exist for localhost link in browser but did not created of my domain.
Please help
IN my case, issue was a space before PHP starting tag in routes/api.php
It can also due to space before an PHP starting tag in routes/* files or config/* files
and it can also due to if any of these files have PHP closing tag
I'm a beginner in Shopify and trouble with Shopify proxy
Front Store: https://bhavin.myshopify.com
App Store: https://myapp.ngrok.io (Laravel)
I want to add two files (custom js and manifest.json) in my front store.
Install and authentication is working fine
I'm adding manifest.json something like that
var link = document.createElement('link');
link.rel = 'manifest';
link.href = 'https://myapp.ngrok.io/manifest.json';
document.head.appendChild(link);
1. Without proxy
manifest.json file added properly but throw error something like that
Access to resource at 'https://myapp.ngrok.io/manifest.json' from origin 'https://bhavin.myshopify.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
2. With Proxy
Subpath prefix: apps
Subpath: cnv
Proxy URL: https://myapp.ngrok.io/proxy
Now my manifest.json file path is https://bhavincb.myshopify.io/apps/cnv/manifest.json
Url is working fine if I'm logged in the admin panel
If I open that URL when I'm not logged in then it returns
This page isn’t working with HTTP ERROR 401
In my front store while load manifest file it is showing something like that (when logged in)
Manifest: Line: 1, column: 1, Unexpected token.
There is not any error in manifest.json
I'm using Laravel Shopify package
As of I know, I guess I'm doing something wrong with a proxy configuration.
Does anyone have a solution?
Any help will appreciate
I resolved to issue my self (ref. 2. With Proxy)
The issue with my store actually I'm using free trial and in free trial you can't disable password protection
If your password protection is enabled and you are trying to access proxy URL without logged in, in that case, Shopify won't allow accessing.
After purchase plan, it's working fine
The better recipe to follow might be this. One, you use your App to access the assets of the shop theme, and upload your manifest.json text file as an asset. That means it is accessible in Liquid, in the theme, and the shop can therefore render it and make it useful.
Second, use your App to install custom.js as a ScriptTag asset. That is the usual way to accomplish running your own JS.
The App Proxy is not really meant for use the way you are using it.
I have added ssl to my website https://phone-pedia.com.
lock is only appearing on homepage. On other pages, lock does not appear. I tried to clear cache but issue is still here.
Is it a Laravel issue or ssl problem ?
If mixed content is the problem then why homepage has a lock. ?
Chrome says your site uses sources (such as images) from non-secured origins. You should use in your views the asset_secure helper instead of asset. If you already do, check if you use in other sources from non-secured origins. Otherwise it has to do with your SSL.
You have mixed content on some of your pages. If you look at your browser console you'll see a message like the following:
Mixed Content: The page at 'https://example.com/path' was loaded over HTTPS, but requested an insecure image 'http://example.com/storage/products/images/example.png'. This content should also be served over HTTPS.
You need to serve all of your content over HTTPS.
I have the following URLs:
domain.com/ <== Returns a HTTPFound (302) to domain.com/todays_news
domain.com/todays_news
domain.com/tomorrows_news
What I would like is when someone visits domain.com/ and gets redirected to domain.com/todays_news, to get the cached version of the page,
but when they are on my website, and they click a link to domain.com/todays_news, they should get a fresh version of the page which will allow them to set cookies.
The reason I want this behavior is because:
When they visit domain.com/todays_news directly I save a cookie
If they visit the root url (domain.com/) I am NOT saving a cookie
My Setup Looks like the following
Pyramid App running on uWSGI
Nginx running with uWSGI pass (https://leons.im/posts/pyramid-nginx-uwsgi-mysql/)
How about this
At the beginning of your today_news() Pyramid view check if request.referrer is domain.com - this should indicate redirect from this URL
If it is set to domain.com query your cache (Redis, memcached) for cached page content and return this HTML
If cached version is expired or referrer is different...
Render page in your your Pyramid's today_news() view to HTML string
Check if cache has expired and store the new version in cache (Redis, Memcached)
Return HTML to the visitor, save cookies, etc. other HTML response manipulation
I locally designed my site. Then exported MySql database as Sql file and executed the scripts in the real server. Also copied the joomla directory to the server.
Now, I am getting strange 302 redirection errors in my web site, when I am accessing the home page. However, I am able to login into the admin panel. I can see all my contents available.
The redirection happens to the same page, i.e. continuous requests are issued to the index.php/en/ (checked using fiddler).
Am I missing any configurations?
Regards,
Well this is tricky without a link to the site to see the behaviour in person, but it could be that you forgot to upload a .htaccess file or set the Redirect Base or cookie path/domain in the configuration.php (if it's empty then it's probably not a problem, only if you have manually edited it).