We are using lukkr.com's adblock detector on our website.
But we need jQuery version.
https://lukkr.com/anti-adblock-script/
<!-- Customize / change AdBlock Alert here -->
<script>var abpalertmsg="AdBlock is enabled. \nPlease keep supporting us by disabling your ad blocker. \n\nThank You!";</script>
<script>!function(){var e=document.createElement("script");e.type="text/javascript",e.async=true,e.src="//lukkr.com/website/noadblock.js";var t=document.getElementsByTagName("script")[0];t.parentNode.insertBefore(e,t)}();</script>
Related
I am trying to show the stream from an external site. That site has too many pop-up ads, and I am trying to block pop-up using the sandbox attribute. But it is showing
Remove sandbox attributes on the iframe tag
How can I solve it?
removing the sandbox fixes the issue, but there are a lot of pop-ups.
Here is the code I am using.
<iframe allowfullscreen="true"
referrerpolicy="same-origin"
sandbox="allow-form allow-pointer-lock allow-same-origin allow-scripts"
frameborder="0" height="540" scrolling="no" src="https://somesrc.com/11.php"
width="780"
>
I am trying to use a custom font on my client's course marketing page on Teachable.com. Right now the course is not currently live, so unfortunately I can't share a link to preview.
I am trying to follow the Google Webfonts pattern of attributes in the link tag:
<link rel="preconnect" href="https://tablocreative.com/roo/webfonts.css" crossorigin>
I am hosting this webfont and the respective font files on a different hosting provider (standard Apache hosting). When I view the source of my page, I can see that file is being referenced - no 404 errors or access origin errors in the console.
This is the CSS:
html, body, main, div, p { font-family: 'Avenir LT Pro'; }
I can see in the inspector that declaration is being applied, no other font-family is set or overriding this. But the webfont will not load.
Any insights or ideas would be appreciated!
Check out the codepen on the readme of this repo.
It has a working example:
https://github.com/adriano-tirloni/google-fonts-css2
I'm trying to customize the page UI on Azure AD B2C unified sign in/sign up page.
I was able to create my template and upload all the assets i.e. html page, images and css to my Azure Blob Storage container with the right CORS settings.
When I pull up the page, however, it looks absolutely HORRIBLE! It doesn't seem to support Bootstrap. I read somewhere that no JavaScript is allowed. Is that the reason for this?
Once I upload my custom HTML page, Azure AD B2C seems to be stripping off a lot of the design elements necessary for my customization such as id and style in my body tag -- see below:
<!-- Omitted for brevity -->
<body id="my-login-class" style="url: ('https://myazurestorage.blob.core.windows.net/my-container/my-bg-image.jpg')">
<div id="some-important-id" class="my-important-class">
<div class="col-xs-8">
<div>Some important message</div>
<div>
<div class="col-xs-4">
<div id="api">
</div>
</div>
</div>
</body>
When I inspect the page source once my custom page is rendered, I see that all my classes and Id's are removed along with Bootstrap references e.g. css and js.
Am I getting this right? No Bootstrap which means Azure AD B2C only supports customization of the most basic kind?
Your HTML template can include any external, head, or inline styles but it can't include scripts.
An example of a customized page can be found at the WoodGrove sign-up or sign-in page.
The HTML template for this customized page can be found in the WoodGrove GitHub repository.
This HTML template includes Bootstrap's Reboot styles as well as the WoodGrove's specific styles.
Azure AD B2C creates the head and body elements and then copies the child elements for each of these head and body elements from your HTML template to its HTML document.
Therefore, you shouldn't add attributes to the body element in your HTML template, because they aren't copied.
You can import the bootstrap references. Please see this document: https://learn.microsoft.com/en-us/dynamics365/customer-engagement/portals/azure-ad-b2c
See also: https://github.com/Azure-Samples/active-directory-b2c-php-webapp-openidconnect
It looks horrible for a reason. No styling is applied to the page so that it can be fully customizable. You can reference Bootstrap for CSS; however, I have run in to issues when using bootstrap.js for modals since it appears the Azure B2C API uses bootstrap for modals...In my experience, it is best to rely on Vanilla JS and to leave off any references to third-party JS.
It is possible to use JavaScript if you are using your own custom policies. There are some limitations to JavaScript and the best approach is to try to accomplish anything using the policy first.
To enable JavaScript use the following as guide:
<RelyingParty>
<DefaultUserJourney ReferenceId="SignUpOrSignIn" />
<UserJourneyBehaviors>
<ScriptExecution>Allow</ScriptExecution>
</UserJourneyBehaviors>
...
</RelyingParty>
When referencing external CSS/JS files, the URL must be absolute. This is true for the head section of HTML files as well as any references within JavaScript. Relative URL's can only be referenced within a CSS file.
Incorrect:
<link href="./css/assets.css" rel="stylesheet" type="text/css" />
Correct:
<link href="https://your-storage-account.blob.core.windows.net/your-container/css/assets.css" rel="stylesheet" type="text/css" />
I want to run a content script on an iframe with a chrome-extension:// URL. I added a line to my manifest.json that I copied out of the documentation http://code.google.com/chrome/extensions/match_patterns.html
chrome-extension://*/*
But when I reload my extension I get an alert:
Could not load extension from '/work/sirius/extension'.
Invalid value for 'content_scripts[2].matches[0]': Invalid scheme.
Any idea how to get this to worK?
No. Only ftp:, file:, http: and https: can be matched by a content script declaration.
Invalid URL patterns at any of the matches and exclude_matches fields are rejected (generating an error when trying to load the extension).
Invalid patterns at the permissions option in the manifest file are ignored.
If you want to run a script on a tab from your extension, use chrome.extension.getViews in your background script.
Even better, design your extension's pages such that they effectively communicate with each other (example).
I'm having the exact same problem, look at the API http://code.google.com/chrome/extensions/match_patterns.html it says clearly that they accept chrome-extension://*/* yet they don't.
They need to update the API so as not to confuse people.
It seems that Chrome authors have silently removed the ability for content scripts to be injected into chrome-extension: pages. Documentation still says that it works and even contains examples with chrome-extension: scheme but actually it doesn't work. So now only http:, https: and ftp: work "from the box" and file: can work if user of your extension has enabled this on Extensions (chrome://extensions/) page.
Update: now documentation referred above is updated and says nothing about ability to inject content scripts to chrome-extension: pages.
You can inject js to your iframe html(chrome-extension: pages) without declaring it in manifast.json. The injected js can visit Chrome APIs directly.
iframe.html:
<!DOCTYPE html>
<html>
<head>
...
</head>
<body>
...
</body>
<script src="iframe.js"></script>
</html>
iframe.js:
console.log(chrome); // {loadTimes: ƒ, csi: ƒ, …}
I am running into a Access-Control-Allow-Origin error when I am trying to build an OpenSocial Gadget with IBM Social Business ToolKit for IBM Connections.
I have 3 servers participating in this gadget:
CONNECTIONS: The IBM Connections 4.0 Server that will be hosting the gadget
IBMSBT: A server hosting the Social Business Toolkit scripts and app
JESSE_API: My application server hosting the API that the gadget will be using
The gadget xml is loaded from JESSE_API by CONNECTIONS. The view for the gadget loads scripts and makes calls to JESSE_API. I would like to use the Social Business Toolkit for accessing parts of Connections so the gadget view is also loading those components from IBMSBT.
I am currently just prototyping this - I was able to make this work just using the Connections 4.0 API but would rather use the SBT libraries.
For getting started I just dropped in the "Get My Communities - Main Window" snippet into my gadget's view and included the following scripts:
<script type="text/javascript">
var djConfig = {
parseOnLoad: true
};
</script>
<script src="//IBMSBT/sbt.dojo180/dojo/dojo.js"></script>
<script src="//IBMSBT/sbt.sample.web/library?ver=1.8.0"></script>
Reloading the gadget gives the following error in the console:
XMLHttpRequest cannot load http://IBMSBT/sbt.sample.web/service/proxy/connections/http/CONNECTIONS/communities/service/atom/communities/my?ps=5
Since my gadget was running on the CONNECTIONS server I should not need the proxy. I did not see an immediate way to disable the proxy for this endpoint so I just set a breakpoint in Endpoint.js before line 160 where the following code is executed:
if(this.proxy) {
args.url = this.proxy.rewriteUrl(args.url,this.proxyPath);
}
When the breakpoint hits, I set this.proxy = null which causes the proxy to not be used and the community information to return correctly.
My question is should I be doing this differently or should a way be added to bypass the use of a proxy given the structure I am currently using?
The SDK Proxy does not need to be used in this environment. We've made some changes in this area recently as part of the work to support OAuth. What you need to do is configure the SDK library initialization so it knows it's running in a Gadget context.
Take a look at the acme.social.sample.webapp:
In faces-config.xml you will see an environment for use with OpenSocial
<!-- OpenSocial Environment -->
<managed-bean>
<managed-bean-name>openSocial</managed-bean-name>
<managed-bean-class>com.ibm.sbt.jslibrary.SBTEnvironment</managed-bean-class>
<managed-bean-scope>application</managed-bean-scope>
<managed-property>
<property-name>endpoints</property-name>
<value>acmeAirOS:acmeAir</value>
</managed-property>
</managed-bean>
The endpoint definition used a gadget endpoint (further down in the faces-config.xml)
<managed-bean>
<managed-bean-name>acmeAirOS</managed-bean-name>
<managed-bean-class>com.ibm.sbt.services.endpoints.GadgetOAuthEndpoint</managed-bean-class>
<managed-bean-scope>session</managed-bean-scope>
<managed-property>
<property-name>url</property-name>
<value>%{acme.url}</value>
</managed-property>
</managed-bean>
In the gadget xml (or imported html) when loading the library pass a parameter to indicate that the OpenSocial environment should be used
<script type="text/javascript" src="../../library?ver=1.8.0&context=gadget&env=openSocial"></script>
Based on the information from Mark Wallace, I looked a bit closer at what the /library/ endpoint was doing.
I was not able to make it quite work exactly with that code but the following works nicely:
<script data-dojo-config="parseOnLoad:true"
src="//IBMSBT/sbt.dojo180/dojo/dojo.js.uncompressed.js"></script>
<script>
if(typeof _sbt=='undefined' || window._sbt_bridge_compat){
_sbt=0;
dojo.registerModulePath('sbt','http://IBMSBT/sbt/js/sdk/sbt');
dojo.registerModulePath('sbt/_bridge','http://IBMSBT/sbt/js/sdk/_bridges/dojo-amd');
dojo.registerModulePath('sbt/dojo','http://IBMSBT/sbt/js/sdk/dojo');
define('sbt/config',['sbt/Proxy','sbt/_bridge/Transport','sbt/authenticator/Basic','sbt/Endpoint'],function(Proxy,Transport,Basic,Endpoint){
window.sbt = {};
sbt.Properties={
"sbtUrl":"http:\/\/IBMSBT\/sbt\/js\/sdk"
};
sbt.Endpoints={
'connections':new Endpoint({
"baseUrl":"http:\/\/connectionsww.demos.ibm.com",
"transport":new Transport({}),
"authType":"basic",
"authenticator":new Basic({}),
"proxyPath":"connections"})
};
return sbt;
});
}
</script>
The contents of the script tag was basically the output from the /library/ endpoint. The sbt.Endpoints.connections definition originally included a defined proxy attribute which I removed.