Forward a domain but keep URL - ruby-on-rails

I'd like to send http://app.client-domain.com/ to my Heroku-hosted Rails app at http://www.my-domain.com/.
From research it looks like this would be relatively straightforward (with domain record redirects/forwards like A, MX, CName, etc.)
However, I don't want http://app.client-domain.com/ to just forward the browser to http://www.my-domain.com... I want it to appear that the user is still on http://app.client-domain.com.
For example, a request to:
http://app.other-domain.com/user/4
would be serving data from:
http://www.my-domain.com/user/4
... but the URL would remain:
http://app.other-domain.com/user/4
Likewise, if a user is sent (via the app) to a new address within the app (like /products/4), the scheme above would be maintained. It would truly look like the app lived at
http://app.other-domain.com/
Is this possible?

It is possible. There are two main methods to achieve something like this.
The preferred method would be for the client to use a DNS CNAME that points app.client-domain.com to www.my-domain.com. Your heroku app, would then have to be configured with the domain app.client-domain.com. It should also be configured to not redirect to "primary" domain.
The more problematic way to solve this, is to set up a webserver for app.client-domain.com that serves a webpage with frames, where www.my-domain.com is then loaded in a frame.
The CNAME approach is by far the preferred way. Using frames gives issues with SSL, and some sites might try to escape being in frames, and will likely also cause PCI compliance issues if you are using payment gateways.

Related

Heroku - custom domain DNS

I am a complete newbie when it comes to redirecting etc.
I bought a domain (mydomain.co) and I have a heroku app (mydomain.herokuapp.com) (upgrading to paid in the upcoming month). What I want to do is to be able to access the heroku app after entering the domain url and stay o this domain, and not be redirected to mydomain.herokuapp.com.
My settings for the domain look like this (I translated it myself, so there may be some mistakes):
With this settings, I can access my app but it is displayed in a frame, what's more - some of the pages do not work.
What I want to do is to be able to type mydomain.co and display mydomain.herokuapp.com but as regular site, and not inside a frame. What options should I choose?
Another thing is - will I be able to use the domain (which I paid for) and do the redirect if I do not buy a hosting from the company?
PS I added custom domains to my herokuapp and read their [guide], but I still do not understand.3.
Here are also my domain records - I believe it has something to do with this, but it so hard to test it as those DNS changes take some time.
You should remove your redirection. You also need to put a CNAME on mydomain.co with value mydomain.herokuapp.com.

Google script origin request url

I'm developing a Google Sheets add-on. The add-on calls an API. In the API configuration, a url like https://longString-script.googleusercontent.com had to be added to the list of urls allowed to make requests from another domain.
Today, I noticed that this url changed to https://sameLongString-0lu-script.googleusercontent.com.
The url changed about 3 months after development start.
I'm wondering what makes the url to change because it also means a change in configuration in our back-end every time.
EDIT: Thanks for both your responses so far. Helped me understand better how this works but I still don't know if/when/how/why the url is going to change.
Quick update, the changing part of the url was "-1lu" for another user today (but not for me when I was testing). It's quite annoying since we can't use wildcards in the google dev console redirect uri field. Am I supposed to paste a lot of "-xlu" uris with x from 1 to like 10 so I don't have to touch this for a while?
For people coming across this now, we've also just encountered this issue while developing a Google Add-on. We've needed to add multiple origin urls to our oauth client for sign-in, following the longString-#lu-script.googleusercontent.com pattern mentioned by OP.
This is annoying as each url has to be entered separately in the authorized urls field (subdomain or wildcard matching isn't allowed). Also this is pretty fragile since it breaks if Google changes the urls they're hosting our add-on from. Furthermore I wasn't able to find any documentation from Google confirming that these are the script origins.
URLs are managed by the host in various ways. At the most basic level, when you build a web server you decide what to call it and what to call any pages on it. Google and other large content providers with farms of servers and redundant data centers and everything are going to manage it a bit differently, but for your purposes, it will be effectively the same in that ... you need to ask them since they are the hosting provider of your cloud content.
Something that MIGHT be related is that Google rolled out some changes recently dealing with the googleusercontent.com domain and picassa images (or at least was scheduled to do so.) So the google support forums will be the way to go with this question for the freshest answers since the cause of a URL change is usually going to be specific to that moment in time and not something that you necessarily need to worry about changing repeatedly. But again, they are going to need to confirm that it was something related to the recent planned changes... or not. :-)
When you find something out you can update this question in case it is of use to others. Especially, if they tell you that it wasn't a one time thing dealing with a change on their end.
This is more likely related to Changing origin in Same-origin Policy. As discussed:
A page may change its own origin with some limitations. A script can set the value of document.domain to its current domain or a superdomain of its current domain. If it sets it to a superdomain of its current domain, the shorter domain is used for subsequent origin checks.
For example, assume a script in the document at http://store.company.com/dir/other.html executes the following statement:
document.domain = "company.com";
After that statement executes, the page can pass the origin check with http://company.com/dir/page.html
So, as noted:
When using document.domain to allow a subdomain to access its parent securely, you need to set document.domain to the same value in both the parent domain and the subdomain. This is necessary even if doing so is simply setting the parent domain back to its original value. Failure to do this may result in permission errors.

how to add subdomain name from current url using .htacces rules

I have a URL link like,
http://domain.com/abs/def/city and,
i want to display it as http://city.domain.com/ABC/def
using .htaccess.
Can any one help me by providing .ht access rules.
I want to write .htaccess rules for each city name in URL act as sub domain name.
Also i want it to be dynamic as there are different cities are available in site.
i am using below code in .htaccess file, but not working properly.
RewriteRule ^index.php/(.)/(.)/([^/]+)$ http://$3.domain/$1/$2/$3 [R=301,L]
is there any way to get my requirement using or by modifying my above code or by some other .htaccess code.
Sorry, but what you ask is not possible. This is a typical missunderstanding about url rewriting:
Url rewriting rewrites (manipulates) incoming requests on the server side before processing them. It is not possible to alter outgoing content such that contained urls are changed by this means.
There are solutions for that though:
apaches proxy module can "map" one url into the scope of some other url
there are also modules for automatic post processing of generated html markup
more exotic or creative solutions exist, it depends on your situation in the end...
But usually the easiest is to change the application (typically just its central configuration) such that it contains final urls (pointing to the subdomain in your case). Then you can indeed use the rewriting module to "re-map" those to the previous scope when future incoming requests refer to them (they got clicked).
Ok, second step getting additional info from your comments:
Just to get this clear: you understand that it is not possible to change the link you send out by means of rewriting, but you want to change the url shown in the browser after the user has clicked on some city link? That is something different to what you wrote before, that actually is possible. Great.
If the rewriting works as you want it to (you see the desired url in the browsers address bar), then we can go on. The error message indicates a name resolution problem, that has nothing to do with rewriting. Most likely the domain "cambridge.192.168.2.107" cannot be resolved, which is actually not surprising. You cannot mix ip addresses and names, it is either or.
Also I see that you are using internal, non-routable addresses. So you also are responsible for the name resolution yourself, since no public DNS server can guess what you are setting up internally. Did you do that?
I suggest these steps:
stop using an ip addres for this, use a domain name.
since you are working internally, take care that that domain name is actually resolved to your local systems ip address. How you do this depends on your setup and system, obviously. Most likely you need some entry in the file /etc/hosts or similar.
you need to take care that also those "subdomain names" get resolved to the same address. This is not trivial, again it depends on the setting and system you locally use.
if that name resolution works, then you should see a request in your http servers access log file. Then and only then it makes sense to go on...

Can I hide the domain name in the URL (in my Rails application)?

I have a Ruby on Rails application where my customers should ask their customers to go. But I would like to be able to hide/mask my own domain name from the url, so the customers of my customers don't feel like they are on a 3rd party website.
For example, if my domain name is:
https://app.example.com/visit/:customer_id
then what is my options for masking the example.com part?
If it is not possible to mask the domain name (I can see that even by using the IP address directly, https errors appear), then is it possible to put in some prefixes like e.g.:
https://prefix.app.example.com/visit/:customer_id
https://app.prefix.example.com/visit/:customer_id
https://app.example.prefix.com/visit/:customer_id
Btw, it's not important to keep the https security on these pages particularly, but I don't suppose it is possible to have an application that has both encrypted and non-encrypted pages?
your customers will have to setup their DNS to point to your application. you can use a CNAME to accomplish that. this can be done by using a subdomain.
if you use SSL/HTTPS you have to make sure that the certificates match the domain.
like #lassej already pointed out, an iframe is probably a better way of integration. it has several limitations though.

SEO Destroyed By URL Forwarding - Can't figure out another way

We design and host websites for our clients/sales force. We have our own domain: http://www.firstheartland.com
Our agents fill out a series of forms on our website that are loaded into a database. The database then renders the website as a database driven website.
/repwebsites/repSite.cfm?link=&rep=rick.higgins
/repwebsites/repSite.cfm?link=&rep=troy.thompson
/repwebsites/repSite.cfm?link=&rep=david.kover
The database application reads which "rep" the site is for and the appropriate page to display from the query string. The page then outputs the content and the appropriate CSS to style the page and give it its own individual branding.
We have told the user to use Domain Name Forwarding to get the users to their spot on our server. However, everyone seems to be getting indexed under our domain instead of their own. We could in theory assign an new IP to them, the cost is not the issue.
The issue is how we would possibly accomplish this.
With all of that said, them being indexed under our domain would still be OK as long as they would actually show up high in the ranking for their search term.
For instance, an agent owns TroyLThompson.com. If I search Troy L Thompson, It does not show up in my search. Only, "troy thompson first heartland" works (they show up third)
Apart from scrapping the whole system, I don't know what to do. I'm very open to ideas.
I'm sure you can get this to work as most hosting companies will host hundreds of websites on a single server (i.e. multiple domains on one IP).
I think you need your clients to update the nameservers for their domains (i.e. DNS) to return the IP address of your hosting server. Then you need to configure your server to return the right website based on the domain that was originally requested.
That requires your "database driven website" to look in the HTTP request and check which domain was originally requested, then it can handle the request accordingly.
- If you are using Apache, see how to configure Apache to host multiple domains on one IP address.
- If you are using Microsoft IIS, maybe Host-Header Routing is what you need.
You will likely need code changes on your "database driven website" to cope with these changes.
I'm not sure that having a dedicated IP address per domain will help much, as then you have to find a way to host all those IP addresses from a single web server. However, if your web server architecture already supports a shared database and multiple servers, then that approach might work well for you, especially if you expect the load from some domains to be so heavy that you need a dedicated web server for them.
Google does not include URL in its index which return a 301 status code. The reason is pretty obvious on second thought, because the redirect tells Google "Whatever was here before has moved there, please update your references". One solution I can see is setting up Apache virtual hosts on your server for each external domain, and have each rep configure their domain's DNS A record to point to the IP address of your server.

Resources