I have a web site that work with external Credit Card Processing (cybersource)
when user want to buy the webpage redirect to cybersource the user fill his details
and click buy, the page redirect to my web site and show this message
"the current web page is trying to open a site on your intranet do you want to allow this"
the user need to click yes or no how can i avoid this message to show up?
Thanks
My first thought - are you testing this with a server that is on your own intranet? If so then it's a spurious warning that doesn't require any action from you to change. I don't think that many end-users will be using your site from the same intranet as the production webserver. :-)
Related
I have an issue i cant figure out, i have a small web matrix webpages site, i am using Parse.com SDK and when a user logins in - i am logging them in on the server side.
The problem is that if another user anywhere else opens the site, they are logged in with the user that logged in elsewhere.
e.g. I am in the UK and i login - i get logged in fine and land on the dashbaord page. now any other person anywhere else in the world goes to the site xxx.com they are automatically redirected to the dashbaord as the user i last logged in with.
Any help would be really appreciated.
Parse SDK is for client side (not for Server side). I suggest you to see the source code of Parse in github.
If I want to explain you in detail: reason is that the DLL has shared Token in ParceUser.cs file that filled automatically by your login and it's shared over whole DLL and is singltone pattern.
I have the requirement to redirect to mobile site when the user views our site from a mobile.
I am ok with this, just check the device and redirect. (using HTTP_USER_AGENT) and then
requestContext.HttpContext.Response.Redirect("http://mobile.example.com");
But then on the mobile site, if they choose to view the full site, it should allow them to do so.
There is a link in the mobile site to view the full site.
I am confused because if user clicks the link to view the full site it would again redirect them to the mobile site.
Any idea how to do this?
I found out an issue at my client's site regarding single sign off. for ease of use, i keep the client site name simple.
We developed site1.com using ektron 8.2sp2 framework and when you log into www.site1.com, you can go into "My Page" link, which takes you to www.site2.site1.com, which is a single sign-on.
This page has a log out button, when clicked, it logs off the user from www.site2.site1.com and you have a 'home' link, which takes you to www.site1.com, to log off from there too.
But, if the user just logs off from www.site2.site1.com and closes the browser, and reopens the browser to go to www.site1.com, it takes the user to the login page of www.site2.site1.com
I am trying to figure out the best way to log off the user from www.site1.com also, when the user logs off from www.site2.site1.com
I dont have access to the source files for www.site2.site1.com So, could some one help me how i can redirect the user to logoff from www.site1.com ?
This happens only in IE 8 and Firefox 3.6 but chrome behaves wonderfully.
Thanks in advance.
i guess, the answer to this is FormsAuthentication.SignOut(); will take care of it.
Our web app currently under development has authentication on all the pages.
We can deny a user access to any particular page but have found that if a user had previously opened the page that they can still access the page via the url. [Even if they log out and log in]
Assuming that the page is coming from client cache [Ctrl F5 in IE kicks in the proper authentication behavior or clearing the client cache]
A lot depends on how we have implemented the authentication but a quick fix on our side would be from within the admin section where we deny access to certain pages that we expire client cache for that page.
Is there a way to do this programmatically.
This would mean that client caching would continue to work as normal for all other users that still had access to the page in question.
You can add this line to your Page base class or any where in a specific page you want to disable caching on.
Response.Cache.SetCacheability(HttpCacheability.NoCache)
We are rolling out a site for a client using IIS tomorrow.
I am to take the site down to the general public (Sorry, we are updating message) and allow the client to test over the weekend after we perform the upgrade.
If it is successful, I open it to everbody - if not, I rollback.
What is the easiest way to put a "We're not open" sign for the general public, but leave the rest open to testers?
Redirect via IIS. Create a new website in IIS and put your "Sorry updating" message in the Default.aspx. Then switch ports between the real site (will go from 80, to something else (6666)) and the 'maintenance' site (set on 80).
Then tell your testers to go to yoursite.com:6666.
Then switch the real site back to 80 after taking down the 'maintenance' site.
I thought it would be worthwhile to mention ASP.NET 2.0+'s "app offline" feature. (Yes, I realize the questioner wants to leave the app up for testing, but I'm writing this for later readers who might come here with different needs).
If you really want to take the application offline for everyone (for instance to do server maintenance) there is a very simple option. All you have to do in ASP.NET 2.0 and higher is put a file with this name:
app_offline.htm
...in the root directory of your ASP.NET application. Put an appropriate "sorry come back later" message in there. That's it. The ASP.NET runtime does the rest.
Details on Scott Guthrie's blog.
Require that testers login. You can even hide the login page so that you need a direct link to even see it. Then, for all people not logged in, redirect to the page that displays your message.
Fire up another "site" in IIS which will catch your host-header for your primary site. Use either a custom 307/503/404 page that has "we're down for maintainance" or use some sort of URL-rewrite to redirect people to your single static file.
switch host-header-binding on your real site to something else, like dev.domain.com or testing.domain.com that your developers use.
Or, block by IP, and have your custom "Not authorized" page tell visitors that your down to maintainance.
You have several options.
Some methods that I've used before:
Windows authentication and/or separate subdomains for client to test.
Disable anonymous website access in IIS and give your client a username/password combo to test the website.
Disable default document in IIS and give your client an absolute URL to the main index file.
We tend to have a log in page and an include file across all pages in the site (usually the DB Connection as it's included in all files) that checks for a valid logged in session. If you've not logged in you get a message saying the site's down for maintainance