You can also use the local storage via
m.client_local_storage
Bear in mind that the values are stored on the client.
You can protect from changes via z_utils:pickle. It uses the sign key system used by postbacks
The session storage also has a different scope than session cookies. Session cookies are for the entire browser, so all tabs... Session storage is restricted to one tab.
The self-signed certificate is right now stored in the priv/ssl directory of a site. We are thinking of generating a single self-signed certificate (authority) for every Zotonic install and then use that so sign the self-signed certificates of the sites. In that way it would be easier to handle these certs.
For privacy reasons I am mostly using Safari (don't like the built-in tracking in Chrome), there I can use the self-signed certificates. But... if they change then it is a major problem digging through the keychain to track down and remove the old certificate.
Why do browsers make this basic development thing to hard....
@jontow31_twitter great! I saw the issues passing by in my email, will have a look at them this week. (Very busy week, as I am also talking at the Code Beam Lite in Amsterdam on Thursday)
Probably because some vendors thought it was a good idea to install local configuration websites on macos systems.
After the certificate is in the keychain access tool, you stil can't access the site because the self signed certificate is not authorized.
You have to find the certificate in the keychain tool, and right click it.. Then you can authorize it to do stuff.
It is a very awkward procedure... I have two different macs with a shared keychain account. On both machines I do development with local test sites. Every time I switch development machine I have to go though the steps..
They have removed the accept dialog because some vendors thought it was a good idea to start local websites in their products. After this Apple removed the dialog to protect the average user... It was this problem I think: https://www.theverge.com/2019/7/8/20687014/zoom-security-flaw-video-conference-websites-hijack-mac-cameras
@9to1url_twitter it is located in priv/ssl/self-signed
@9to1url_twitter Then type
open self-signed4096.crt in your shell
@9to1url_twitter The keychain tool will open. It looks like this:
In this case my site is named happy.local. You will see the name in the list. It doesn't have a red or blue marker on it's icon.
This means that it is not trusted... Double click it.. The window showing the details of the certificate appears.
It includes a Trust panel which can be opened. When you open it you see a couple of select boxes.... Trust the certificate for SSL.
After this you have to type your password.
After this step you can use safari to connect to the local site. Sometimes you have to restart safari. YMMV.
Another question: is Zotonic a full featured email server as well? Does Zotonic need another MTA? or has it own MTA and can assign domain on it? SMTP/IMAP/POP3 support? show/send email and in webpage?
There is a notification for every received email and you can generate email addresses connected to specific handlers.
@arjan Could you share more idea how to call or integrate Elixir with Zotonic? Basically I am not asking more, but this is the min list:
- I have an existing app Elixir/Phoenix, I need to call Zotonic to get Article to show, compose in Zotonic, show in Phx
- I want the Phx app and Zotonic run in same BEAM
Thanks.
@mworrell Since I am really starting to dig into Zotonic, the good Ref part :-) , I feel not only me, might be a lot of folks also underestimated Zotonic.
Here is the reason:
- I have chance to work with Liferay , that is a great product as well. But I found the performance not good even give a lot of resource.
- Most Java JVM CMS suffer performance issue due to the JVM locking nature.
- Zotonic template / controller more clean and much easy to customize.
My suggestion should be: Get some venture capture and really expand the user base. :-)