Develop Reference

Why payment implemation is consider safe in js?

Hello i'm making a small work with a e-commerce site. To make it better i thought that it was a good idea to implement payment API in the site and i'm thinking to implement Google pay and paypall. I saw the documentation and Google implements its payment method with JS. I studied that JS as HTML or CSS can be changed by the user so why is it consider safe to use JS for payments method?
My question comes when i saw this piece of code:
function getGoogleTransactionInfo() {
return {
countryCode: 'US',
currencyCode: 'USD',
totalPriceStatus: 'FINAL',
// set to cart total
totalPrice: '1.00'
};
}
cause if someone change totalPrice can not pay things. Sorry if the question can seems stupid or idiot but i used to program in PHP so this is new to me.
In few words: Why is Google using javascript to process payment info when it can be changed if you just edit it in the console?
Sorry for my bad english.

Why is Google using javascript to process payment info when it can be changed if you just edit it in the console?
In short:
It is not being used to process the payment because Google Pay does not process the payment.
Yes, it can be modified in the console, however this has no affect on the actual payment processing.
With a bit more detail:
Google Pay does not actually process the payment. It facilitates it by presenting a list of payment options for the customer to choose from and securely sharing the selected option with the payment processor. This avoids payment details (like card numbers) from being exposed and transmitted unnecessarily.
The amounts that are provided in the client side/javascript are used to improve user experience in the payment details UI (e.g. dynamically update the total amount based on shipping details). When a payment is sent to the payment processor, this is handled with server-to-server communication and should not rely on the amount provided by the client.

SMS Personalization using AMPScript in Salesforce Marketing Cloud

My CRM team is running into problems when attempting to personalize SMS using AMPScript. The syntax used is as follows:
%%[
Var #subscriberKey
Set #subscriberKey = _subscriberKey
]%%
%%= v(#subscriberKey) =%%
Thank you for signing up for a 45 day risk-free hearing aid trial! One of our expert hearing consultants will call you soon to discuss next steps. During this call, we'll discuss your hearing loss situation and go over the details of the 45 day risk-free trial. We look forward to speaking with you shortly!
I have created a data extension in Marketing Cloud with just me in it, and used it on a journey that sends a text message with this content to my phone. The text message delivers, however the personalization content is not in there, just the plain text is shown. Of course, once the personalization works, we will change it so that other information is in there and not subscriberKey, but for now it would be a ton of help to know why the syntax is not working when it should.
Kind regards,
Michael

you will need to add the personalized field i.e. First Name/ Subscriber Key/etc in the following format %%FirstName%% . This field is actually picked up from the Attributed which are linked in your Contact Builder. Look for Mobile Connect Demographics, make sure these attributes which are trying to add in personalization are present there.
Now next step is how to link your information from your Master DE to the MobileConnect Demographics, for that u need to create an Import Activity from Contact Builder, and Import these details in a Mobile Connect List.
Hope this helps.
Mobile Connect Lists are different from Emails Studio Lists - Keep this in mind.

After Changes to Google Analytics Tracking Code - Returning Users Considered New Users?

I need to change a piece of code in my Universal Analytics snippet from:
ga("create", "UA-######-#", {"cookieDomain":".ourdomainname.com"});
to:
ga("create", "UA-######-#", {"cookieDomain":"auto"});
My question is - once I make this change, will all returning users (about 1/3 of my traffic) suddenly be considered brand new first-time visitors and get a whole new Analytics cookie? Or any other problems or inconsistencies with data and tracking visitors before this change vs. after? Very little info about this out there online ...

Password protection for a page with a simple function - what are the downsides?

I am doing work on an e-commerce platform, and I was asked to come up with a solution so that a certain group of customers could enter a password protected page on the site. The platform doesn't allow for this, as in the functionality is not available, so according to customer support, it's something you would have to create a custom template for and build from scratch. It doesn't need to be fancy, or hacker proof, just secure enough. So instead of doing that, I dropped the script below into the body of the page.
My first version: I use a prompt to ask for an input (password). If you click "prevent this page from creating additional dialouges", it creates sort of an infinite reload loop for that tab (not ideal, but problem?). Are there other serious problems? Easy hacks for your average person?
$("body").hide();
var passwordCheckFunction = function() {
var testPassword = window.prompt("YOU SHALL NOT PASS");
if (testPassword === "thisPredefinedPassword") {
$("body").show();
} else {
location.reload();
}
};
passwordCheckFunction();
Any advice would be much appreciated, and thank you for your time.

Create your secret page as a category.
Customize it to your heart's desire by choosing a custom template
file for it.
Finally, restrict it to only the authorized customer group
by removing it from view from guests and every group except the
authorized one.
Using this method, the customer only has to sign into his/her own customer account. BigCommerce will prevent access to the page by reading the assigned customer group of the customer.

I realize this isn't your desired method, but you might consider instead just making your page inactive in the admin area of your BC store, then instead of a password provide the direct url for users that are able to see that page.
I'm not sure about the implications for google indexing with an inactive page, but I would assume that they are set not to index it, and if not you could set it in robots.txt

Standalone Javascript layout engine?

Assuming I retrieved HTML content from a website (over which I have no control), and that content contains lots of Javascript code that's a significant part of what's actually rendered by a layout engine (e.g. WebView).
Is there a way I can render it myself?
For example, in the extreme case, suppose I am visiting a website that has almost nothing in its but displays very rich TEXT content, via a host of Javascript functions (which obviously results in HTML).
How do access/read that HTML result?
I am looking to do this on Android only.
Update, trying to provide more context to #abesto. If you go to facebook.com and copy/paste rendered content into a text file, you'll receive:
Facebook logo
Email Password
Keep me logged in Forgot your password?
Facebook helps you connect and share with the people in your life.
Sign Up
It's free and always will be.
First Name:
Last Name:
Your Email:
Re-enter Email:
New Password:
I am:
Birthday:
Why do I need to provide this?
Security Check
This field is required.
Enter both words below, separated by a space.
Can't read the words below?Try different words or an audio captcha.
Please enter the words or numbers you hear.
Try different words or back to text.
Loading...
Text in the box:
What's this?
Back
Registering…
An error occurred. Please try again.
By clicking Sign Up, you are indicating that you have read and agree to the Terms of Use and Privacy Policy.
Create a Page for a celebrity, band or business.
* Română
* English (US)
* Español
* Português (Brasil)
* Français (France)
* Deutsch
* Italiano
* العربية
* हिन्दी
* 中文(简体)
* »
Facebook © 2011 · English (US)
Mobile · Find Friends · Badges · People · Pages · About · Advertising · Developers · Careers · Privacy · Terms · Help
But if you look at the actual source (what you get in HttpResponse) you'll see much more monstrous text... mostly javascript.
I am only interested in the result of that Javascript. Any ideas how to accomplish this?

I think the answer is yes, but don't do that.
If I had to implement a solution for translating 'Facebook' to a mobile phone, I could set up a server, maybe on Amazon EC2 and run the browser there, using a browser automation solution, such as Watir to simulate the clicks and scrape the data off the page. I think it's too much to hope for that you could run that efficiently behind the scenes on the phone itself.
However, the better solution might be to use Firebug/Fiddler etc to reverse engineer the ajax calls being sent and find a way to get the underlying data? Or maybe you just need to reverse-engineer the JS :(.

It sounds like you want something like this :
http://jsconsole.com/
You basically load the url and mess with it. You just need to hook something into it to do it programmatically.
Take a look at their remote debugging explanation.
Since it's hooked upto to your android over a stream you can use any old PC technology you want to sniff the HTML.