Goal: Inject snippet
To enable Newired in the application there must be a snippet on every application page. It means adding the code snippet to the body of the page. Because Newired needs to be executed after all other page elements are loaded, the best practice is to add a snippet after all elements, hence at the end of <body>.
Most proxy servers have modules that are needed to perform this task. The modules are used to inject the snippet so it can be delivered over the web application.
Snippets should be only in the top document and not in inner documents like IFrames and its document body. Injecting in body elements of such documents must be avoided.
<script id="newired-snippet" async src="https://<content-delivery>/<siteId>/loader.js" onload="initOverlay()" onerror="loaderFailed()"></script> <script> function initOverlay() { newired.initialize({ backend: "https://<newired-portal>", collector: "https://<newired-portal>/collector/collector.js" }) } function loaderFailed(e) { console.error("Loading of Newired Overlay failed. Cause: ", e) } </script>
Example: NGinx
If there is no direct way how to put the snippet into the target application using the target application settings, we need to deploy (install) the snippet using the proxy server.
We usually create a filter that replaces the end tag of the body with a snippet.
Like in NGinx:
sub_filter '</body>' '<script id="newired-snippet" async src="https://<content-delivery>/<siteId>/loader.js" onload="initOverlay()" onerror="loaderFailed()"></script> <script> function initOverlay() { newired.initialize({ backend: "https://<newired-portal>", collector: "https://<newired-portal>/collector/collector.js" }) } function loaderFailed(e) { console.error("Loading of Newired Overlay failed. Cause: ", e) } </script></body>';
Example: Apache/Oracle HTTP Example
You need to make sure of is that the location is correct for your application server and that it uses the Newired deployment address.
As the Oracle HTTP server is based on Apache the two modules (LoadModule substitute_module modules/mod_substitute.so and LoadModule filter_module modules/mod_filter.so ) need to be loaded and then the snippet can be added as shown above.
Fix Content Security Policy issue
To unblock loading of Newired resources is usually needed to update the Content Security Policy header. We noticed that your configuration has already changed the security headers and mentioned that one is unblocking all resources by default. Hence there is no need for an update. But it has to be thought about when some restrictions are done.
teamcenter-xxxxxxxxx.com {
tls {
DNS route53
}
header {
Strict-Transport-Security "max-age=63072000"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Frame-Options "sameorigin"
Content-Security-Policy "upgrade-insecure-requests"
}
encode zstd gzip
root * /var/www/default.site
reverse_proxy prodlife-xxxxxxxxx.com:3000
}
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article