I've used several Twitter apps and they all seem to shorten URLs using the website's own URL shortener instead of bit.ly or tinyurl.com or something. For instance, Amazon's is amzn.to. Is it that these apps are really keeping up with the most popular sites (Amazon, Dell, ESPN, Microsoft, Google, Apple, etc) or is there a metatag, javascript, or something else that I can add to my web application to have it use a custom URL shortener? We have one that we've used forever as our domain name is over 20 characters in length.
Basically, apps that are supporting bit.ly and other URL shorteners can tell who you are and thus shorten the URL appropriately using a custom domain.
Related
I am working on Asp.Net MVC 5. When i click a link (placed in another website) I navigate to UserDetails.cshtml page. Basically that 3rd party site is passing the UserName & Password to my site & using that I authorize & display further user info.
It's fine but the Url is looking like this
localhost:8080//Admin/UserDetails/UserName/PWD.
I don't want to show the UserName & Password in URL i.e URL should look something like :
localhost:8080//Admin/UserDetails/
One possible solution could be rewrite the URL in IIS (http://www.hanselman.com/blog/ASPNETMVCAndTheNewIIS7RewriteModule.aspx)
But I believe there is an easier way to handle this by using the routing mechanism of MVC.
Please help me to figure out the same.
EDIT :
As many of you are confused why I am not doing a Form Post here, let me re-frame my question. I have no control over the third party application, so I cant request them to do a form Post to my MVC application. Again the 3rd party application is a Oracle Reporting application (OBI), so doing a POST from that application might not be feasible too...
Let me reverse engineer your requirements from your question:
I want to have an URI that when invoked will give access to a secured section of my website. This URI must be clicked by visitors of a third-party site, whom I give that URI to. I want to hide the credentials from the URI.
You cannot do this, the requirements are conflicting. You cannot hand out URIs that will authenticate anyone who fires a request to that URI.
You could do something with a token (like http://your-site/auth/$token), but then still, anyone with access to that URI can use it to authenticate themselves, or simply put it up on their own website.
If you have data you want to expose to a third-party site, let that site perform an HTTP request (with tokens, usernames, headers or whatever you want to use to authenticate) in the background to your site, and display the response in their site. Then the visitor won't see that traffic, can't share the URI and all will be secure.
No. No. NO. Like seriously, NO. Any sensitive information should be sent via a post body over a secure connection (HTTPS). You can't "hide" information in a GET request, because it's all part of the URI, or the location of a particular resource. If you remove a portion, it's an entirely different location.
UPDATE
I find it extremely hard to believe that any third-party application that needs to authenticate via HTTP and isn't designed by a chimp with a typewriter, wouldn't support a secure method to do so, especially if it's an Oracle application. I'm not familiar with this particular app, but, and no offense meant here, but I would more easily believe that you've missed something in the documentation or simply haven't found the right way to do it yet before I'd believe you have to send clear-text credentials over GET.
Regardless, as I said previously, there's no way to hide information in a GET request. All data in a GET is part of the URL, and therefore is plainly visible in the browser location bar or whatever. Unfortunately, I have no advice for you other than to look closer at the documentation, even reach out to Oracle if you have to. Whether by post or something like OAuth, there almost has to be another way.
I have a one page website which includes an English main page, and a French Main Page. One can access my website through the following URLs:
ENGLISH VERSION OF MAIN PAGE
www.example.org
www.example.org/index.html
example.org
example.org/index.html
FRENCH VERSION OF MAIN PAGE
www.example.org/fr
www.example.org/fr/index.html
example.org/fr
example.org/fr/index.html
For optimal search engine indexing, should I include all of these URLs in my sitemap (with both http:// and https://)? If not, what would be the set of URLs I should include in my sitemap.xml file?
You should include all unique pages in your sitemap once.
All of the different URLs you listed are just different ways of accessing the same page/content, just like most PHP applications can be accessed via site.org/ or site.org/index.php. Your sitemap should include just one reference to a page.
The best practice is to have one canonical URL per document. And each canonical URL should be added to your sitemap (if you have one).
So in your case you may want to use one URL for the English main page and one URL for the French main page, and redirect (with HTTP status code 301) from the other URLs to the canonical ones. In addition, you can declare the canonical URL with the canonical link relation.
If you need to provide HTTP in addition to HTTPS (instead of enforcing HTTPS), you would of course need to have two URLs per document (one with HTTP, one with HTTPS). But you [should only list one variant in the sitemap](http://www.sitemaps.org/faq.html#faq_http_vs_https "Sitemaps.org FAQ: 'My site has both "http" and "https" versions of URLs. Do I need to list both?'"), and you should only declare one as canonical (ideally the same which you added to the sitemap).
Which URLs to choose can depend on various factors (usability, SEO, your backend, …), but it seems safe to assume that index.html is ballast. You’d have to decide if to use the www subdomain (a common convention) or not. Assuming that you choose to omit it, you could have these canonical URLs:
https://example.org/
https://example.org/fr
And you would redirect the following URLs with 301 to the canonical URLs listed above:
https://example.org/index.html
https://www.example.org/
https://www.example.org/index.html
https://example.org/fr/index.html
https://www.example.org/fr
https://www.example.org/fr/index.html
Hi I am a web application in ROR and shortening url using bit.ly. whenever i create an url using bit.ly i could custom url like http://bit.ly/19Mk8Oj now i want to remove bit.ly and needs to add my own custom url like ferdy.ly/sdf2323 how to do that?
when i Google about this and found the following url http://support.bitly.com/knowledgebase/articles/76741-how-do-i-set-up-a-custom-short-domain-. now i have a registered domain for this from http://libyanspider.com/m and need help to integrate the custom domain with my bitly account? and my application is a feedback engine wherein we are charging user for subscription so i choose business account and received a mail from bit.ly that per month i need to pay $1995.. is custom domain name in bit.ly will cost this much?
what you want is a url shortener algorithm.
Simple explanation with least efforts:
Have a table that you would store your URLs in for lookup, and the id should be auto-incremented(This is default with AR in Rails), convert the id to base 36 with ruby
6788999.to_s(36) #=> "41ifb"
Then you can have a URL as:
foo.com/41ifb
When the request for the shortened URL hits the controller(which you can basically even use bare Routing for) convert the param to an integer:
"41ifb".to_i(36) #=> 6788999
This is a simple basic URL shortener service
Is there a way to use Google Analytics to track vanity urls that redirect to other site locations?
Like this:
http://www.focusonenergy.com/utilities
Resolves to:
http://www.focusonenergy.com/about/participating-utilities
I'd like to know how many visitors used the vanity link. Filtering the Site Content doesn't give an accurate report.
I believe you can, but you need to decorate your vanity link href with additional meta details if you have control of it, or you'd need to track the URL hit server side before you redirect the user. I believe the Analytics has an API you can call from your server side code.
What are the pros and cons of these url formats for a website that does mobile and desktop content...
mobile.example.com
example.com/mobile
no explicit url, but send back dynamic content based on browser, or querystring variable?
thanks
W3 recommends "When accessing site entry points users should not have to enter a filename as part of the URI. If possible, configure Web sites so that they can be accessed without having to specify a sub-domain as part of the URI."
So m.example.com or example.com/m would be best solution