Jump to content
Latest News: (loading..)


  • Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by Gyakutsuki

  1. 2.4 Full B2B integration make

  2. I saw this article, what do you think ? https://medium.com/@bluepnume/introducing-paypals-open-source-cross-domain-javascript-suite-95f991b2731d
  3. 2.4 easy export database for 2.4.x make and other shopping cart like Creaload, Zencart, Opencart. So you can make than you want to import the data other shopping cart

  4. 2.4 Conversion weight is now included  kg, pouds, ounce ... is not problem now ! More news coming !

  5. When you look some website test and propose some correction. Whith your experience what is the best approach with osc to create a best htaccess. I tried to make a summary; Opinon and correction will be welcome. speed optimization security optimization cache .. Options +FollowSymlinks <IfModule mod_rewrite.c> RewriteEngine On #blocking Libwww-perl access RewriteCond %{HTTP_USER_AGENT} libwww-perl.* RewriteRule .* – [F,L] FileETag INode MTime Size ## URL Canonicalization RewriteCond %{HTTP_HOST} !^www.mysite.org$ [NC] RewriteRule ^(.*)$ https://www.mysite.org/$1 [L,R=301] # RewriteRule \.(gif|jpg|png|js|css)$ - [F] ### FILTRE CONTRE XSS, base64_encode SALETE , DEFINIR VARIABLE PHP GLOBALS VIA URL, MODIFIER VARIABLE _REQUEST VIA URL RewriteCond %{REQUEST_METHOD} (GET|POST) [NC] RewriteCond %{QUERY_STRING} ^(.*)(%3C|<)/?script(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)(%3D|=)?javascript(%3A|:)(.*)$ [NC,OR] RewriteCond %{QUERY_STRING} ^(.*)document\.location\.href(.*)$ [OR] RewriteCond %{QUERY_STRING} ^(.*)base64_encode(.*)$ [OR] RewriteCond %{QUERY_STRING} ^(.*)GLOBALS(=|[|%[0-9A-Z]{0,2})(.*)$ [OR] RewriteCond %{QUERY_STRING} ^(.*)_REQUEST(=|[|%[0-9A-Z]{0,2})(.*)$ RewriteRule (.*) - [F] </IfModule> # Compress all output labeled with one of the following MIME-types # (for Apache versions below 2.3.7, you don't need to enable `mod_filter` # and can remove the `<IfModule mod_filter.c>` and `</IfModule>` lines # as `AddOutputFilterByType` is still in the core directives). <IfModule mod_deflate.c> <IfModule mod_filter.c> AddOutputFilterByType DEFLATE application/atom+xml \ application/javascript \ application/json \ application/rss+xml \ application/vnd.ms-fontobject \ application/x-font-ttf \ application/x-web-app-manifest+json \ application/x-javascript \ application/xhtml+xml \ application/xml \ font/opentype \ image/svg+xml \ image/x-icon \ text/css \ text/html \ text/plain \ text/x-component \ text/xml </IfModule> </IfModule> <IfModule mod_headers.c> # Unset Server Signature header ServerSignature Off # Unset Server Technology header Header unset X-Powered-By Header set Content-Security-Policy "script-src 'self' https://www.google.com" Header always set X-FRAME-OPTIONS "DENY" Header always set X-XSS-Protection "1; mode=block" Header always set X-Content-Type-Options "nosniff" Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains" Header unset ETag Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure <FilesMatch "\.(js|css|xml|gz|html)$"> Header append Vary: Accept-Encoding </FilesMatch> <filesMatch ".(css|jpg|jpeg|png|gif|js|ico)$"> Header set Cache-Control "max-age=25200, public" </filesMatch> </IfModule> <IfModule mod_expires.c> ExpiresActive on ExpiresDefault "access plus 2 days" # CSS # ExpiresByType text/css "access plus 2592000 seconds" # Data interchange ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType text/xml "access plus 0 seconds" # Favicon (cannot be renamed!) and cursor images ExpiresByType image/x-icon "access plus 2592000 seconds" # HTML components (HTCs) ExpiresByType text/x-component "access plus 2592000 seconds" # HTML ExpiresByType text/html "access plus 0 seconds" # JavaScript ExpiresByType application/javascript "access plus 1 month" ExpiresByType text/x-javascript "access plus 1 month" # Manifest files ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds" ExpiresByType text/cache-manifest "access plus 0 seconds" # Media ExpiresByType audio/ogg "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/jpg "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType video/mp4 "access plus 1 month" ExpiresByType video/ogg "access plus 1 month" ExpiresByType video/webm "access plus 1 month" ExpiresByType application/x-shockwave-flash "access plus 1 month" # Web feeds ExpiresByType application/atom+xml "access plus 2592000 seconds" ExpiresByType application/rss+xml "access plus 2592000 seconds" # Web fonts ExpiresByType image/svg+xml "access plus 1 month" </IfModule>
  6. 2.4 inject hook capability inside html code for the most important files. Customize where you want without to touch the main files.

  7. @tgely I think important to take this rules. In case you approach does'nt work, It's important for all customer can accept or not the cookies You said cookies? With the GDPR, it is no longer possible to indicate on a site the following type of message "by visiting our site, we consider that you accept the use of cookies". You will now have to ask permission for each of the cookies used on your e-commerce site. On our side, we will also update our cookies policy on the SendCloud site and ask permission from all our users to store their cookies during visits to our site.
  8. @tgely I suppose is not yet finished, it must have on the website a popup to accept or not the element ? Is it you idea at the end ?
  9. @tgely : very interesting approach
  10. 2.4 Search Engine URL works with Multi language

    With htaccess rewriting
    In test with api payment like Desjardins, Monetico, Paypal to look incompatibility...

    1. burt


      How is this:


      Preferable to this:


      If you can do:


      Then that is worth doing.


    2. Gyakutsuki


      Agree, not again there, step by step

    3. burt


      Remember that the only Search Engine that matters...does not show URLs anymore for properly set up sites.  So you only need to worry about "readable" URLs that shoppers may find easier to type...

  11. Build, break, build, break .... :wacko:

  12. 100 APPS - + 300 modules avalaible soon for 2.4 final and surprised :)

  13. Addon installer concept

    Impressive development :)
  14. If you want to finish the 2.4, and after to work with 2.4 now since very long month, I know very well. I think you must create a team Team for template HTML : got to boostrap2.4 Test team : go test and restest and try to break the functionalities Coder team : - After my experience, the most important in the first is to migrate general and classes directory in the first time inside OSC. The finalities is to have just one function and not 2 like the 2.3. The harmonisation allow to develop and adapt all element. HPDL begin to do that but currently is not yet finished. - The second thing is to respect the philosophy of the code, note like the last unofficial 2.3.5 . - The third thing is not to include new functionalities inside, just respect the current functionalities, Less is better than to go more; The spirit will be respected - The quater is to migrate the admin in app; App is great if you understand well what you can make with that and the relation between app across the hook About the biggest bug currently inside the 2.4 is the language, I open on github some element than I saw and the rewriting. I forgot lot of things but these elements are essentials if you want to make a beta prefinal and ready to work and easily to create new features in the futur. it' long work and lot of time, and I know, I can tell you ! Project management must make with a project leader take decision and orientation. Coherence ! +
  15. @tgely Do you try something ? Do you want help ?
  16. @tgely Let me more time to demonstrate something == I don't know ! :) Waiting
  17. No Pb @tgely Lot of thing has been made on GDPR but not open to community at this moment. Also, than I read on the forum, the catalog is not taken. I am looking on github some script with GDPR and Citron seems to be good in the approach. Also, this script is made all inside. That's weakness in my opinion, doesn't let the people to create in function of their need but 80% use by users is inside for the free solution. I integrated lot of thing of this element maybe too for a test. If we think to integrated GDPR in the core, in this case, we must have something very modular and updated in function the different page - For all pages - For a specific page like products info Citron is a good approach to see the work. We have all elements with this script. About my approach : Yes Ii integrated a hooks because some ht module has a customization like google analytics. The ht citron is very long with all configuration, that's why I had thought to use hook for a specific configuration. After if you want to modify the hook and add option it's easy to customize. But it's manual. Now it's possible to create an admin page and manage all of that and write inside the db or to use a specific module. Other coders can let their opinion of the orientation must take for that.
  18. @tgely I push the development on github: Note it works only on 2.4 . If someone want to update for 2.3, it will be cool https://github.com/Oscommerce24/ht_gdpr_tarte_au_citron
  19. Ok, I will push github. I am finishing the script.
  20. I found a solution inside the header tags. It's possible to call a hooks with the specific script options In this case the header_tags about google analytics is included inside the hooks and the configuration is managed by the Citron ! header tag. For Citron, I think use 90% of all user use inside their shop. if (MODULE_HEADER_TAGS_GDPR_TARTE_AU_CITRON_PLUGIN_GOOGLE_ANALYTICS_GA == 'True') { $google_analytics_ga = $OSCOM_Hooks->output('HeaderTags', 'GDPRGoogleAnalyticsGa'); // $google_analytics_ga = '<script type="text/javascript">tarteaucitron.user.gajsUa = \'' . MODULE_HEADER_TAGS_GDPR_TARTE_AU_CITRON_PLUGIN_GOOGLE_ANALYTICS_GA_ACCOUNT_ID .'\';tarteaucitron.user.gajsMore = function () { /* add here your optionnal _ga.push() */ };(tarteaucitron.job = tarteaucitron.job || []).push(\'gajs\');</script>'; } like you can see, the script does'nt take option (too specific), That's why inside a hooks it's possible to create differents function and after display information $this->getOption() $output = '<script type="text/javascript">tarteaucitron.user.gajsUa = \'' . MODULE_HEADER_TAGS_GDPR_TARTE_AU_CITRON_PLUGIN_GOOGLE_ANALYTICS_GA_ACCOUNT_ID .'\';tarteaucitron.user.gajsMore = function () { ' . $this->getOption() . ' };(tarteaucitron.job = tarteaucitron.job || []).push(\'gajs\');</script>'; Now it's possible to create the hooks in consequence. Advantage, The headertags code is not surchaged Inconvenient : All is not automatics but if the hook is not included inside, it's not a problem, you can create a hook and include in the directory later and it's automaticly use (if the element exists inside the header tag of course) It's possible to manage the social network more easily and display it on the good page for most of them (not again tested) Now all could be managed by one script, it's a good thing, I don't know, but in all the case it will be difficult to manage these elements with some script everywhere and to be correct with the GDPR.
  21. Yes, you have right but most common used is implemented in tarteuacitron. Sent you a zip to test
  22. Hello, I am working on a module GDPR. Please, let me know what the plug in you want inside this module. The most common used. https://opt-out.ferank.eu/en/install/
  23. Hello, The Intelligence artificial is mor and more present inside the SEO Do you start to thinking about this problem? https://techcrunch.com/2016/06/04/artificial-intelligence-is-changing-seo-faster-than-you-think/ +
  24. There are days where everything seems to be going wrong