So I am working on a fairly simple project, basically a web page that should list the captions from a certain instagram account. It's all designed, it just needs to be lit up with the content. Have a look at http://evanshellborn.com/speechofthebeets/.
I found that you can see a json file containing all the necessary data at instagram.com/{username}/media. So in my case, https://www.instagram.com/beets_are_life/media/. So before I put that page actually online, I was on my local machine, and I did a JSON call to that page and it worked perfectly. So I built it all out and my web page loaded the captions just like I wanted it to.
Then I went to put it online, (http://evanshellborn.com/speechofthebeets), but it doesn't work. Have a look at the script at the bottom of it, on my localhost that code works and the captions get loaded. But on the live page, I get an access not allowed error in the console. So I think Instagram doesn't allow this sort of direct access anymore, you have to go through their API.
Now I've tried looking at the API but it seems rather confusing. Basically what I'm asking for is a different JSON url that would give me the same result as https://www.instagram.com/beets_are_life/media/, but that would work from the live page.
I think https://api.instagram.com/v1/users/{user-id}/?access_token=ACCESS-TOKEN would work, just replacing {user-id} with the appropraite user_id. But where do I get an access token?
From reading https://www.instagram.com/developer/authentication/, it looks like you get one when a user puts in their user credentials. But I don't want to have anyone log in, I just want a simple web page.
Hopefully that made sense. How can I do what I want?
Looks like the API url https://www.instagram.com/beets_are_life/media/ does not support jsonp (no callback support), so u cannot use javascript (client side) for making API request, it will fail because of Access-Control-Allow-Origin error on browser side, you have make this API call on server side as proxy.
I guess https://www.instagram.com/<USER_NAME>/media/ is not a publicly documented API, thats the reason it is not supporting jsonp, Instagram uses it for their website and since it is same-origin it will work for them on client-side
This link will help you embeding the instagram on a simple html webpage.
There is a button on the bottom of the post on instagram.when you click on the link a menu pops up. then click on embed
now a box pops up
just copy paste the html and you are done.
it will fetch the post for you
Related
Think of it like a login page. You type in all the credentials and click login. But I wanna check the username and password are correct or not and they will be in my database. So i use a API to communicate. And then u click login then through JavaScript i send a request but then the browser totally changes the page. All i want is the result but the browser changes the URL. Is there a way to do it?. Currently I am letting the page redirect back, its working fine but it just looks ugly.
Sorry i didn't include any code, I thought Code isn't necessary.
It's difficult to guess without seeing the code.
Anyway, are you using fetch?
Fetch is used if a browser should not navigate to a new page. The response is processed using Javascript instead.
Take a closer look at the fetch API, I think it can solve your problem.
I read more in the Internet, but I didn't managed to find solution to this problem:
Is it possible to attach some external content in case of sending X-Frame-Option=SAMEORIGIN by server ?
I know that <iframe> can't be used, however maybe there exists some another way.
Thanks in advance
No, it's not possible to show another page's contents within your website if they are setting the HTTP header X-Frame-Options: SAMEORIGIN. That header says that the page can only be embedded on pages on the same domain name.
However, if you are running your own server-side application (i.e. using PHP, Node.js, etc), you can scrape the website on your server, and then display whatever info you needed from the other site that way. It will be more work this way, and you probably won't be able to perfectly replicate how everything appeared on the source site, but it's the only route you've got. I suggest googling "scraping" + the name of your server-side language/environment to learn how to do this.
I know you can share messages with and this is working on android and ios now:
Share with whatsapp
However I'd like to share an image trough a button on my website like someone would share an image from his phone (gallery). Is this anyhow possible?
One solution that comes to mind is uploading a photo to your server via AJAX, returning the link to the uploaded photo and then sending a message with the link to your photo using the method you described in your question. This is not quite the same as sending an image directly using Whatsapp since the recipient would only receive a link, but I doubt there will ever be a way to send an image to another application from your gallery using a webpage since that would raise some serious concerns.
Roughly, the process would like this (keep in mind that this will require some testing to get right and find a solution that works well on all platforms or at least most of them):
Create an image upload on your website. Simply having <input type="file" accept="image/*"> on your page should, on most platforms, allow you to create a button which will open a dialog to select an image from your phone's gallery when clicked. You can find a full example here or use a library such as Plupload which contains many upload methods, including HTML5 which is what you need.
Create a simple server-side upload. This depends on your language and platform, but all you need to do is store the image somewhere and return a link to it in response. If you don't want to store these images on your server, you could forward it to Imgur API and upload there.
Redirect the user to the whatsapp:// link that contains the image link.
window.location = 'whatsapp://send?text='+encodeURIComponent(imageURL);
This is the point where you need to do some testing on different platforms, though. You might not be able to redirect to a whatsapp:// link this way (since it seems like a security concern), so you may need to trick it (this is a bad idea, but I'm including it for the sake of completeness; the data-action part is from this answer):
var fakeLink = document.createElement('a');
fakeLink.setAttribute('href', 'whatsapp://send?text='+encodeURIComponent(imageURL));
fakeLink.setAttribute('data-action', 'share/whatsapp/share');
fakeLink.click();
In the end, if neither of these work, your best bet is creating a link once the upload is complete for the user to "confirm" sending which actually contains the above whatsapp:// link in the href field.
There are many factors to test and some that are implementation specific so I had to keep it vague without much code - if you come across anything else when implementing this, please mention it in the comments.
I have a website that has a lot of data and that is sensitive to the website so I made a code that prevents right clicks but if you are using Safari it is easy to see the data I need to hide the info also so safari cant view it ether.
Client side, you cannot secure your code from view. Firebug will still show the code. You should have sensitive data on the Server.
You can't.
If the data is sufficiently sensitive that people shouldn't be able to view it, don't put it on a web site.
I m not sure if there is a completely safe solution.
if its images, use flash to load them dynamically.
yet people who knows swf-bin specs can decompile your swf files and find out the real image path.
if its data & text.
as much I can do is to
1: use pure js to render all views.
use XMLHttpRequest/ActiveXObject to load data and import these ajax js code # runtime.
compress your js/css code before deploy
here is one of my mockups
2: on the server side
check the request header to drop command line request.
exchange cookie/session key for each time.
BUT, this will make google-bots don't know how to inspect your site.
so DON'T do that on your landing page.
I have a service and would like clients to be able to place this service on their website. I am looking at doing this by using an iframe. I will provide the code and they can just copy and paste the code to show the functionality. Each client will be discovered by the query string.
There is a concern that anyone can look at the source of the website, copy the iframe and add it to their own website therefore using the service and charging the original client. I obviously want to stop this.
Ideally, I would like to verify that the website that is using the iframe is linked to the client who registered to use the service. Is this possible at all? I know there are issues with cross domain security.
If it isn't possible, I guess I would need to create a widget instead.
For each client, have a whitelist of web sites that can embed the iframe. Then check the 'referer' header against that list whenever the page inside the iframe is loaded.
Or if http headers prove to be unreliable try using javascript, via parent.document.location.href