This week on the podcast, Kyle discusses a workflow message tester, and the thought process behind setting up IB failover. Dan explains what the ampersand at the end of URL means for PIA URLs.
This week on the podcast, Kyle and Dan discuss how to hide public PeopleSoft pages from search results using the robots.txt file, good ideas gone bad when debugging, and how to contribute custom ACM plugins to the community (Thanks Cory!).
This week on the podcast, Colton Fischer joins Dan to talk about hidden ACM plugins, using the Web Profile to extend HTML pages, and his experience working with the Page and Field Configurator.
This week on the podcast Dan and Kyle discuss Colton Fischer’s Web Profile discovery, Kyle shares his CPU Patching process and how he automated the process then Dan discusses how he resolved a PIA domain bug.
- Cryptomining Vulnerability and PS @ 1:00
- Colton Fischer on Signon Page changes in the Web Profile @ 4:30
ps_patchScript @ 12:30
- 8.56 PIA Domain Bug @ 26:00
In PeopleTools 8.55, Cross-Orign Resource Sharing (CORS) is now supported. Don’t know what CORS allows? Here is a good primer on the topic.
The Same-Origin Policy restricts the browser from performing certain actions by scripts or documents based on the origin. The origin is everything in the URL before the path (for example, http://www.example.com). For certain actions, the browser will compare origins and, if they don’t match, won’t allow things to proceed. For example:
- A parent document can’t access the contents of an that comes from a different origin. This prevents a malicious site from opening up your bank’s website and stealing your credentials, as an example.
- While one document can send information to another via a form post, AJAX requests across origins are generally disallowed.
The Same-Origin Policy is a vital piece of web security architecture, but it also poses a problem. What happens when you want to allow a site with a different origin to access your content?
Here is a great example of where CORS support can benefit PeopleSoft. In Enterprise Learning Management, you can link to hosted web-based training. Often, that web-based training is on a different domain. With CORS support, you can add in remote sites in the Web Profile and display remote courses in your ELM environment.
To enable Cross-Origin sites, open your Web Profile. There is a new tab, Authorized Site, that lets you list many sites to support.