I have a link on my web-page which automatically logs in through a generic username/password for the purposes of a demo, eg :
https://username:password#www.example.com
A dialog box shows up which says "You are now logging in as username. Is this correct?"
How can I remove this dialog to allow me to log into this web-page as cleanly as possible?
I've considered using JS to resolve the issue but there must be a simpler way?
Thanks
You are using http basic authentication which is a protocol that is a part of http. The username and password is sent to the web server and verified before your web page is loaded.
It is not the web page that creates this dialog, but your browser. It will be different for different browsers. Firefox creates a confirmation message when you provide the username and password in the address bar. Chrome will not create this confirmation message.
A javascript or any other kind of functionality in your web page would not be able to remove this message. The reason for this is that the message is created by the browser before the web page is actually loaded.
Related
When a user clicks a link to my site inside their LinkedIn app it doesn't take them to Safari or Chrome, it keeps them in an internal LinkedIn browser.
If the user then tries to create an account via Google OAuth they get the following error (see image).
Is there a way to prevent LinkedIn from opening a link in their proprietary browser, and take them to Safari or Chrome automatically? Or another workaround for this issue?
Neither you can restrict LinkedIn to open your site in other browser nor to stop google to throw the error. To solve this problem, You have to write a script which will open your website in the default browser of the user's device. Whenever user hit your website then check the web browser if it's chrome, safari or any other web browser then continue the request else force the user to open website in user's default browser using the script. That's it.
Hope this suggestion will help you.
Is it possible to determine if a user came to your site by clicking a link shared in whatsup, viber or some other popular messenger?
They usually do send request to shared link so that they get metadata to display, and that can be determined through the user agent. However, when user actually clicks on link, unless messanger has browser built in, user agent is whatever browser they opened it in.
Using apache/nodejs/vuejs
Apparently, it is impossible. When a clicked link or programmatic request invokes a web URI intent, an OS allows the user to select an app from a dialog where it can be opened. So it doesn't add any additional information to the link while opening.
Probably make sense to consider generating unique links for every application so that you know where the user comes from.
https://hostname.com/home?userAgent=skype
https://hostname.com/home?userAgent=facebook
I am looking to replace a toolkit that does social auth through a seamless popup, where the entry point is a javascript function and there are javascript callbacks that you install that pass the results of the authentication back to you once everything has asynchronously been processed.
The socialbootstrap example shows how to perform posts to /api/auth/{provider} and this causes the browser to redirect to the login screen of the social provider and then back to a redirectUrl in the original app.
I would like to have this work in some kind of popup and the result be passed back to me as some kind of ajax result or a javascript success or failure handler.
Is this possible and if so do you know of any code examples that show this?
My understanding is that iframes are not a universally good way to do this as some social providers have iframe busters...
Thanks
If you only need to support Credentials i.e. UserName/Password Authentication you could do this via a HTML from in a Popup and ajax.
The https://httpbenchmarks.servicestack.net Live Demo shows an example of this when you click on Login with your email button or Sign In link (on the top right).
The Authentication/Login process is documented in detiail the repository, e.g it uses a modal bootstrap form and ss-utils bindForm to ajaxify the HTML Form and provide automatic form and validation binding.
On successful authentication, the success callback is fired where you can hide the modal form and run any other post-authentication scripts, e.g:
$("#form-login").bindForm({
success: function (r) {
$('#modalLogin').modal('hide');
localStorage["UserName"] = $("[name=UserName]").val();
$(document).trigger('signed-in');
}
});
Now that the Users Session is authenticated, every subsequent ajax request is sent in the context of the users authenticated session.
If you want to use OAuth then you would need to stick to full-page reloads since often the page will be redirected to the 3rd Party site where the user needs to explicitly allow authentication via your app.
Similar to this question, but in my case I am the web developer. How can I get the browser to ask the user again if they want to allow geolocation? I was hoping I could put some text in the page, something like, "This page's features are only available when geolocation services are active, but you have denied them for this site. Click here to try again."
I know how to change the browser to accept this, but how do I help the visitors to the page from any browser to simply turn it on at the click of a button.
What you are looking for is Permissions API. Unfortunately at the moment it only allows to get the status of a permission, and mandatory requesting a permission for given API is not supported in any browser.
after logging into GMail and clicking the back button on the browser the site doesn't gets back to user login screen? how is it done? Any pointers in java server side programming will be helpful. How to do it without java script.
They probably use HTTP cookies and server side sessions to track the user authentication state. Take a look at this article for more info about using cookies to persist login info.