Sharing a private URL in google plus - google-plus

I am trying to use https://plus.google.com/share?url=<URL> to programmatically share a site to a private circle on Google Plus. It's not a problem when I use an externally visible website, but I would like to share a private URL (host on an internal network).
When I use a private URL, the plus sharing page shows a spinning icon, as though it's trying to access the internal URL for content, and the 'share' button remains dim - I cannot move forward.
I tried adding noverify=true or verify=false, etc to the GET line, but that didn't change the behavior. I suspect it can be done, because I can post private URLs via the taberareloo plugin on chrome.
Is there a way to skip probing the provided URL link, or otherwise post a private URL when posting to Google plus circles using the https://plus.google.com/share?url=<URL> mechanism?
Thanks.

No, there's no way to skip the fetch of the target page when you use the share link.
The fetch is how the snippet of your page, that is shared to Google+, is created. Without this fetch there would not actually be anything to share.

Kind of a funky workaround, but you could have a public page which is just a redirector (not a 301, but rather a javascript or meta redirect), and provide that link to G+. It would understand it to be a normal public page, while the user experience would be to get redirected to your internal link.

Related

How to get public access to files or images from Podio API if I have image ID or File Object

I have created an app on Podio. Items are attached to that particular app. In the items there is an option to upload an image. Now I am authenticated with the App ID and App Token from Podio PHP API. I get the file object and grab the thumbnail link. The thumbnail link is working on the browser where I am already logged into to Podio. But it does not working on private window. It redirects me to login page.
So my question is how could I get public access to the thumbnail link?
Short answer: you cannot.
Long answer: when Podio hosts a file, it checks if you're authorized to view it. So if you're logged in and viewing the url through your browser, it will show, otherwise not.
You would need to copy the image to a publicly accessible location. For example, on your web server:
$file = PodioFile::get($file_id);
$raw = $file->get_raw();
file_put_contents("/var/www/html/image_path/".$file->name, $raw);
Then you could view the file:
http://my_domain.com/image_path/image_name.png
You can get a "public url" for a file stored in image field using Globiflow (it is now available with a premium plan). I guess it adds some kind of a proxy layer for private files. So you may add a special field to store this public URL, set/update this field value with Globiflow workflow and use this URL for public pages.
Have not found public documentation for this, but the value "Public URL" is currently available for image fields, I've specially checked.

Showing file selection UI : Integrating Dropbox with OAuth 2

I am trying to create a web page which will allow my user to upload a file to my S3 storage. For choosing the file user can use Google Drive, Dropbox and also local system. Am facing issues while implementing the Dropbox part of this.
Am using this technique for integration(using core API and OAuth 2).
First when user chooses Dropbox i am opening an HTML page in an IFrame. Here I have an authorize button which will open the authorize endpoint mentioned in the above link. This link shows me X-FRAME-Options error inside the Iframe so i had to open this link as a popup to work.
Is there a way around this? I'd like the authorize URL to open in the same iframe by using location.href.
Also when i open it as a popup, after the user logs in successfully the redirect_uri which i pass i getting opened in the popup. I had to do some unconventional setInterval coding to go around this. Can someone suggest a solution for this as well?
I also tried using CSRF tokens as mentioned in Smarx's blog but this also gives me the same error.
EDIT :
#smarx i tried using dropbox.js and it works fine. Stuck at one place
I used the OAuth popup driver and have a button which says sign-in.
First on load i create the client and then the popup driver as below
client = new Dropbox.Client({ key: client_id });
client.authDriver(new Dropbox.AuthDriver.Popup({
receiverUrl: "http://localhost/uploadCare/dbcallback.html"
});
);
And in the call back html i am writing
Dropbox.AuthDriver.Popup.oauthReceiver()
as mentioned in the docs.
But this does not take me back to the original page and show me the list of files.
I particularly did not understand this part of the explanation
"To use the popup driver, create a page on your site that contains the receiver code, change the code to reflect the location of dropbox.js on your site, and point the Dropbox.AuthDriver.Popup constructor to it."
Could you please help me out here.
You definitely can't put dropbox.com into an iframe, for security reasons (e.g. clickjacking).
A few suggestions:
Can you just use the Chooser for your use case? That would certainly be easier for you and your users.
If you can't use the Chooser, is there a reason you're not using dropbox.js? It has a popup auth driver that will pretty much just take care of all this for you. The redirect will definitely happen in the same window as auth, so communication between the windows (usually via localStorage) is generally necessary. This is already done in dropbox.js.

Additional pages with SPA

I'm creating a SPA app using Durandal and I would like to include a credit card payment facility. The guys that I'm looking at requires you to give return URLs to success, cancel and a view other pages, is that possible?
To me it would be breaking the 'single page' part of SPA, but is it possible? Could I do it all in a window?
Disclaimer: I don't know Durandal, but you would solve this in an SPA using either "hashbang URIs" or actually re-serving the SPA in your webserver for the requested return URI and adjusting the content using the same technique as hangbash URIs but using history.pushstate/history.popstate instead, see here: https://developer.mozilla.org/en-US/docs/Web/Guide/API/DOM/Manipulating_the_browser_history
A more general article from Google is available here that covers the same principle: https://developers.google.com/webmasters/ajax-crawling/
This "works" because SPAs are SPAs only in that the browser requests a new HTML document from the server once (or in your case, twice), the SPA should still be updating the history and address-bar state of the UA as the user navigates the application, just as though it were a regular multi-page application.
A great example of this is GitHub's source navigator: Try here ( https://github.com/angular/angular.js ) and navigate the repository, observe that the contents of the file-listing change as does the address bar, but your browser doesn't reload the whole page... yet if you copy+paste the (modified) address bar address into a new browser window, you get the same page back.
I looked into doing credit card processing from a SPA and the best option I had found was Stripe. They supply a javascript file that looks like it would work, I never implemented it on my project due to time constraints so I can't confirm that it works but it looked very promising.
IFRAMEs are quite good for this sort of thing. You can use jQuery to hook an event handler to the page load event and this will tell you when the other end has responded. Load the 3rd party page into the IFRAME and serve response pages on the URLs you provide to the service provider. As mentioned by others you can use routes to identify the response pages. The IFRAME will stop the round-tripping from mucking up your application state and in fact it is possible to put script in your response pages that dot-notates its merry way up the DOM and into your app.

Login to Google from iFrame

I have seen that it is not possible to display any Google page from an iframe. An error message is displayed: cannot display, open in a new window.
I need to login to Google (OpenId authentication) from an iFrame in Joomla (cannot change this). Is there a workaround for this? I thought I could open the authentication page in a new window, and then try to kill that window and reload the original one, but I am not sure I can do that.
Thanks
Well you can just get the form (html code) and put it in your iframe but this will get very messy, for example, there maybe certain JS files that you need to include as well.
Redirecting to Google is best way to implement it.As Using IFrame Sometime does not allowed by some Companies Due to Security.

Google share button, is it possible to share content from one URL and link back to another?

Example an online learning application that you want to share your results which are behind a logged in part of your site. So you add a public URL to your site for google to fetch the content (img, description, title):
data-href="http://www.example.com?result_id=24".
But then when someone views the post and sees the shared content and clicks the link to the site it goes to:
http://www.example.com?result_id=24
The only way I can think of is redirecting the user to http://www.example.com once they land on the shared URL.
Is there an official way or better way to do this?
Thanks
No, but there is a work around.
The URL that you share is used for both the snippet and place users are sent when they click.
However, you can put schema.org or OpenGraph markup on these pages that describes the content behind the login wall. This will allow you to specify a title, description and thumbnail. You can read more about configuring your snippet on Google Developers.