Is sharing Google Analytics tracking id safe? - node.js

I currently creating a cross platform desktop application using Electron. I wish to add analytics to view user metrics. When I try to find for existing packages that provides metrics info, I found electron-ga.
The package uses GA to track user metrics and to set it up I need to include GA tracking id in my app. My question is, if I include the tracking id in an electron app and distribute my app, everyone can look at the tracking id and steal it right?
I would like to know if using this method is right?
Thank you.

It will be anyway publicly available (e.g. you can find the ga ID through the source code of any site that uses Google Analytics).
It can get very bad if someone wants to harm you, as he can just plug your ga ID in any of his sites unless you are prepared and protected.
What you can do to be sure that even if someone has your ga ID, he can't make use of it, is the folowing.
Go to your Google Analytics profile and create a custom filter. Choose "Hostname" for the filter field and fill the filter pattern with your site (e.g. mysite.com). Don't forget to use the "\" before of any ".".
This way, only this specific address will be able to make use of your ga ID.

That is ok. You could see many people push the ga id at website or app.
It is necessary. If you don't add tracking id to ga code. Then you cannot track user.

Related

Store and display the debug information in a custom DB table, while running the botcomposer bots using directline

We are creating bots using "Bot composer" and running those bots in Azure. we want to store the debug information for these bots in our custom DB tables.
Is there any way we can get the debug information that is provided in the "Bot emulator".
I was searching in Microsoft documentation, the closest I found is this https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-testing-debugging?view=azure-bot-service-4.0
But even this does not talk much about my problem at hand. Can some point me in a direction where I can find the solution?
If you would like to use Inspection Middleware in your Composer bot, you can simply do that by enabling "UseInspectionMiddleware": true in the bot settings.
If you would like to do anything other than that (i.e. use your own storage for debug info), you must customize the bot runtime. You will need to extract and customize the runtime to accomplish your goal. There is no documentation or steps on how to do this unique and specific task.

Problems with the Google Places API AddPlaceRequest - Android Studio

I'm in the process of creating an application on Android Studio which allows a user to select a location on a map and add some details to that location - E.g. Select a football pitch and add some details to it such as 5 a side football match on Sunday at 12 o'clock.
Once these details are saved that location is saved onto the map along with those details.
I've decided to use the Google Places API as it has the AddPlace feature. Instead of adding a business to the map like the API was intended for, I want to tweak it so it can add an event instead.
However, the example found here at:
https://developers.google.com/places/android-api/add-place
Does not work in my application.
Here are the screenshots:
Code Snippet
Any help would be greatly appreciated - Thank you
G
The Add A Place function of the Places API isn't a good fit for what you're trying to do. Add Place is designed to allow users to add places that don't currently exist in Google Maps' database. It sounds like what you want to do is attach some metadata to a place that has meaning only to your app.
So, you'll need some persistent server storage for this metadata. There are lots of ways to do this but you might want to look at Firebase Realtime Database as a solution.
Also, from the screenshot, it looks like your error comes from not having defined mGoogleApiClient in in your app.
When you want to make a connection to one of the Google APIs provided in the Google Play services library (such as Google Sign-In, Games, or Drive), you need to create an instance of GoogleApiClient ("Google API Client"). See here: https://developers.google.com/android/guides/api-client

ONLY Publish app in Google Play Store

I have a client who would like me to publish his app on Google Play Store. He has given me the .apk, description, icons, and banners.
I am going to buy a developer account ($25) for him but before that I would like to ask you guys that as I didn't actually develop this app. I am only going to publish his app. Is it safe? What key points I should check?
Also, would I still need to have Android Studio JUST to publish an app to Google Play Store? Or the URL below would give me the opportunity to publish my app using website?
https://play.google.com/apps/publish
Please help!
Thank you!
Check the Google Play Store Developer Policy Center to see if it infringes any rules.
https://play.google.com/about/developer-content-policy
I would also consider asking to review the source code as well if your name or company is going to be associated with the product you publish.
So basically uploading an app that copyrights most of someone's legit coding and possibly licensing? Not a good approach.
If you are aware about the terms and conditions, you would be liable for cost and damages because technically it will be under your name if you go forward and if your profiting this commercially, that case would be serious should it be brought forward on complaint.
EDITED
If you doing this on his behalf, he should sign up for Developer account or allow you to put his information in. So that's the safe point. If you are saying it is his app.

Privacy Policy URL - What if I use it for the owner's website only?

So, apparently I need to provide a Privacy Policy URL for my Instagram application.
The only reason I'm using this application, is for a website I built for a client of mine. The client wanted an automatic integration for her Instagram, so I went through the whole Instagram API hassle.
Now, the website is ready for production, so I wanted to get my app out of sandbox mode, but it looks like I need this Privacy Policy URL.
What's the best way to go about this?
Put a Privacy Policy page up on their website (really any website you can link to) and use that link. It can be a static HTML page, as long as you can link to it.
Instagram won't let you take an application like this out of Sandbox, btw. Your use case is not an approved use case. From Instagram's Developer Documentation under Invalid Use Cases:
One-off Projects. If you are an agency building websites or other integrations, note that we don't grant permissions to clients created for one-off projects. If you are interested in building a product, platform, or widget that will be used as a service across multiple projects, then you may submit a single client_id that you can use across multiple projects.
You can (probably) still achieve the outcome you're looking for but you will need to go back to the drawing board and rethink your application's use case before getting out of the Sandbox. I know some developers who really just don't understand (or care to understand) the policies and never make it out of Sandbox. It's a shame because they can read the technical portions of the documentation so easily but just can't/don't read/understand the more critical parts (like the Invalid Use Cases section).

Yesod - the best way to create users on the web site?

I'm trying to develop a site, where users will be registered directly on it, as opposed to being authenticated by Google mail etc. Beside the usual username/password I need to collect more data from the user - name, address, etc. What would be the quickest way for adding the desired functionality? Short of writing my own Auth plugin I see two options:
Create my own registration form (which I kinda need to do anyway) and use HashDB for storing the passwords and later authentication. However, yesod.auth.hashdb seems to be gone from the latest version (why?) and is only available separately here: https://github.com/ollieh/yesod-auth-bcrypt/ . Is something wrong with it? Security flaws?
Use http://hackage.haskell.org/package/yesod-auth-account - looks much closer to what I need, because it already provides registration page, but it doesn't seem to be supported by the latest yesod 1.2.5 and it is not clear how to integrate my additional fields into the existing registration process

Resources