How can I pass a dataLayer variable from one domain to another domain using Google Tag Manager? Both domains use the same GTM container. Thank you.
Whether the domains use the same GTM is not important. What's more important is whether they're the same TLD (top-level domain), or different TLDs.
If it's the same TLD, then passing a variable would be easily done via a cookie. If it's a different TLD, then you could use a third party cookie. However, there has been a world-wide witch hunt after the third party cookies, due to which it's not a good idea to use them anymore.
As the result, there are two fiable options to pass variables between TLDs, whether through GTM or just front-end.
Employ backend. Make the backend keep and pass the variable. Based on its ability to sync sessions of users on different TLDs, if the backend is the same on all TLDs.
Pass your variables by appending them to the url on navigations from one TLD to the other. Once GTM on the other side sees them, it can store them in a cookie and clean urls from the query params to make it look neater.
The latter option is how GTM (and GA4) does cross-domain tracking by default.
Related
Can we have two entries in AMConfig.properties com.iplanet.am.server.host?
eg.
com.iplanet.am.server.host=server1.example.com,server1.example.info
OR
com.iplanet.am.server.host=server1.example.com
com.iplanet.am.server.host=server1.example.info
If not, how can we configure two identity_servers?
Update: Just one OpenAM instance servicing multiple FQDNs.
You can't have 2 entries for com.iplanet.am.server.host in AMConfig.properties.
You just need to configure an fqdnMap entry
com.sun.identity.server.fqdnMap[server1.example.info]=server1.example.info
as advanced server property. However please keep in mind that in your case the two FQDNs do not share a common cookie domain. From cookie security point of view you should use host-based cookies anyway by removing all cookie domains from OpenAM's platform service (global configuration). If you still want to use domain cookies, make sure to have cookie domains
example.info
example.com
set in platform service. Make sure you understand 'cookie spec'
I want to give my customer the ability to create their own todos list app/web.
So, I thought they could register to my application, for instance:
http://mytodos-app.com/signup and provide all preferences such as theme, title, name...
Now i could use the url/router ability to get some unique identifier from the url and use the same app, but fetch data for each customer.
i.e: http://mytodos-app.com/todos/:someuniqeid
1) is it sounds ok? or are there better strategies for this scenario?
2) if it's ok, If I want to give them the ability to configure their own domain (like in shopify you get some dynamic domain yourname.shopify.com).
So, what is the most popular/professional way to do it? I want it to be easy to the customer. any suggestions?
Other than the "cool factor", there is no benefit to using actual customized sub-domains.
You can synthesize the behavior by:
In DNS, set up a wildcard CNAME entry for *.DOMAIN.com to point to www.DOMAIN.com, be sure to buy a matching wildcard ssl/tls certificate.
Configure the web server to respond to all hostnames.
After user registration. SANITIZE the username(or whatever identifier) value.
Set an authorization cookie with the domain=DOMAIN.com option to force it not to
be a host cookie.
Redirect to username.DOMAIN.com. Same server different name.
Check the cookie in the route to serve the correct pages. Just like
you would with any login.
If there is no cookie, use the host information to populate the
username portion of the login page, or display public todos?
Make sure any Javascript scripts hosted on the site and all internal links are loaded by relative addressing.
The technique is much safer than actually creating real subdomains.
Is it possible to use the same nodeJS server for two/three different domains (aliases)? (I don't want to redirect my users. I want them to see the exact URL they typed in the address bar. However, all three domains are exactly the same!)
I want my users to be logged in on all three domains at the same time, in order to avoid any confusion.
What is the simplest way to do this and avoid cross-domain issues?
Thanks!
If you mean that all domains will serve the same nodejs app then Yes you can do that.
but if each domain should open a different application then you must have a reverse proxy running on the server to handle and manage the sites/vhosts.
You may install nginx and use it as reverse proxy server or look for http-proxy a library for nodejs.
If you would like to manage the vhosts in your app you can look for vhost middleware for nodejs and use it
Choose one of:
Use some other server (like nginx) as a reverse proxy.
Use node-http-proxy as a reverse proxy.
Use the vhost middleware if each domain can be served from the same Connect/Express codebase and node.js instance.
This is a very broad question. Moreover, it is generally a pretty bad idea, SEO-wise, to have multiple independent domains that each serve the same content.
Logging in is generally either done through Cookies, or through extra parameters in the URL. Cookies are always domain-specific, for obvious security reasons. If you want to ensure folks will be logged in to all the domains at once, you can create an internal purpose-driven domain to handle authentication (without such domain showing in URL bar, and only being used for HTTP redirects, effectively); such domain will store the login state for all the rest, and the rest would pick up the login state through such purpose-driven domain (through HTTP redirects).
In general, however, this sounds like too much trouble. Consider that, perhaps, some users specifically want to use different domains for different accounts, so, you'll effectively break their usage if you mandate that a single login be used for all of them. And, back to the original point, doing this is pretty bad for SEO, so, just don't do it.
a mirroring CDN can't have the same hostname as you application server, because you need a way for the CDN to explicitly reference the application.
Why, in general, do sites like facebook run their CDN on a totally seperate host, not just a subdomain like cdn.facebook.com? example: http://profile.ak.fbcdn.net/hprofile-ak-snc4/173706_6103645_790537_q.jpg
Is the reason, that they can construct resource URLs with many different hostnames, to avoid the 4-connections-per-host limit on some browsers?
If your domain is www.example.org, you can host your static components on static.example.org. However, if you've already set cookies on the top-level domain example.org as opposed to www.example.org, then all the requests to static.example.org will include those cookies.
From: http://developer.yahoo.com/performance/rules.html#cookie_free
Because user generated content can contain nasties that may be able to access data hosted on the primary domain.
It also stops things like cookies and authentication getting sent in the request to CDN content.
Preventing users from inserting
scripts, and at the same time allowing
user submitted html is extremely
difficult to do on the server side -
ergo we must have sandboxing.
Borrowed from a fairly old whatwg post
How do I find out from within an HttpModule what domain made a particular request?
Say I only want to allow site1.com and site2.com to use images from my server, how do I check that it is them making the request?
There's no way to do this in every case. Consider that UrlReferrer may not be set. Also, consider that you could be called by a client that does not have a DNS address.
Instead, you should consider configuring IIS to authenticate using user certificates. If you've only got a small number of sites calling you, generate a certificate, register it with IIS and map to the user you want, then give the certificates to those two machines to be installed on them.
Request.UrlReferrer, but it can easily be spoofed.