Hi,
I post that here due to the lack of answer in the Customization forum. I hope someone could help me on that.
I tried to construct a specific page without authentication for indexing bots (crawler for search engines), but with no luck. The purpose is to let bots index private projects. Private projects will be fully searchable, but not cached.
Why would I want to let bots index bugs, but not let anonymous login on the project ? In a word : I want people to sign up before they see all the issues, as in some forum. But I want the issues to be searchable on Google and others.
I'll check the user agent, in order to redirect people coming from Google and co. to the non-modified pages. Pages will be set as NOARCHIVE, so the private project will be fully searchable, but to read fully an issue, you'll need to sign up then login.
So, it try to build a second version, authentication-free, of view_all_bug_page.php and of view.php. Optionnally, I could try on issues_rss.php. It fails everytime.
I'm not an expert in PHP, but I know how to hack things a bit, so if someone has a clue about how desactivate authentication on a specific page, it could help me a lot.
Thanks by advance
Google-optimized, authentication-free pages ??
Moderators: Developer, Contributor
At the top of the bug_view_page.php and bug_view_advanced_page.php you will find a line that checks the access:
You might want to by-pass this line or replace it with a more relaxed one if the user agent is Google. However, these are things you want to think about:
1. Do you want to expose private issues?
2. You should always assume that users can spoof the user agent and hence be able to see the data. However, an average user won't do that and they can get access to it by just signing up - hence, I don't think it's a big deal.
You may need to do some more tweaks if you don't have anonymous access enabled.
Use at your own risk!
Code: Select all
access_ensure_bug_level( VIEWER, $f_bug_id );1. Do you want to expose private issues?
2. You should always assume that users can spoof the user agent and hence be able to see the data. However, an average user won't do that and they can get access to it by just signing up - hence, I don't think it's a big deal.
You may need to do some more tweaks if you don't have anonymous access enabled.
Use at your own risk!
Migrate your MantisBT to the MantisHub Cloud
Thanks a lot for the answer !
(for 1 and 2 : yes, it's OK with both)
I just tried it, and it's not working, as I'm asked to login anyway. I suppose it's because, as you mention, I don't have anonymous access enabled.
But that's precisely what I don't want : anonymous access.... So am I stuck ?
I'm just trying to have some kind of "print-out" for the engines, but it seems that Mantis is very, very well protected, as authentication is nearly everywhere !!
(for 1 and 2 : yes, it's OK with both)
I just tried it, and it's not working, as I'm asked to login anyway. I suppose it's because, as you mention, I don't have anonymous access enabled.
But that's precisely what I don't want : anonymous access.... So am I stuck ?
I'm just trying to have some kind of "print-out" for the engines, but it seems that Mantis is very, very well protected, as authentication is nearly everywhere !!
You should be able to change the authentication API to support search engine bots to crawl the site even if anonymous access is not enabled.
The function you need to change is:
auth_get_current_user_cookie()
You can create a user for search engines, grant it the appropriate access level, set it as the anonymous user, then set anonymous user support to OFF. Then in this function you use the anonymous user name even if the flag is off when the connected user agent is a bot.
The function you need to change is:
auth_get_current_user_cookie()
You can create a user for search engines, grant it the appropriate access level, set it as the anonymous user, then set anonymous user support to OFF. Then in this function you use the anonymous user name even if the flag is off when the connected user agent is a bot.
Migrate your MantisBT to the MantisHub Cloud