Siteimprove.Plugins.Sitefinity 15.1.8321

.NET Framework 4.8

dotnet add package Siteimprove.Plugins.Sitefinity --version 15.1.8321

NuGet\Install-Package Siteimprove.Plugins.Sitefinity -Version 15.1.8321

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="Siteimprove.Plugins.Sitefinity" Version="15.1.8321" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

paket add Siteimprove.Plugins.Sitefinity --version 15.1.8321

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: Siteimprove.Plugins.Sitefinity, 15.1.8321"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

// Install Siteimprove.Plugins.Sitefinity as a Cake Addin
#addin nuget:?package=Siteimprove.Plugins.Sitefinity&version=15.1.8321

// Install Siteimprove.Plugins.Sitefinity as a Cake Tool
#tool nuget:?package=Siteimprove.Plugins.Sitefinity&version=15.1.8321

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Supported for Sitefinity 15.1

Add to Sitefinity

Open your Sitefinity solution in Visual Studio
Install the Plugin via NuGet package. Use the Nuget Package Manager or simply execute the following command Install-Package -Id Siteimprove.Plugins.Sitefinity targeting your main Sitefinityweb project
Build the solution in Visual Studio
Run the project and ensure the module is installed by going to “Administration > Modules & Services”

Configure the Plugin

If you are using the Sitefinity Web Security module (https://www.progress.com/documentation/sitefinity-cms/web-security-module), it will not block all external scripts by default. That applies for the ones Siteimprove needs to load its overlay. To enable the plugin from the WebSecurity module:

In the Sitefinity backend, go to “Administration > Settings > Siteimprove“
Scroll down to the “Web Security Settings” section and click “Allow Siteimprove Scripts”

Advanced Options

The Siteimprove Plugin has the following configuration options, which are located under Settings > Advanced Settings > Siteimprove

Log Activity in the Browser Console

Checking this setting to True, will generate logs in the browser console, so that you can monitor the activity of the plugin. Useful for debugging on just ensuring that it works as expected.

Script Url

With this settings, you can configure the Url for the main script that will be used by Siteimprove to load its libraries. By default, the Url should be https://cdn.siteimprove.net/cms/overlay.js

Api Tokens

This section aggregates token/domain pairs needed to speak to the Siteimprove's API. The Plugin will automatically generate the token/domain entries if a token for the current domain is missing:

Domain - Domain managed in Siteimprove and served by Sitefinity, i.e. https://www.mydomain.com
Token - The Api token that will be used by Siteimprove to manage the respective domain, i.e. 8669723c3a4e475cbe2b303b690a3db6. It is auto generated by Siteimprove

Going Live

You will need the plugin installed and activated only on the Sitefinity nodes where the backend will be accessed and content publishing operations will be executed. Since it is only visible to backend users as they browse the backend, it is simply doesn't needed on pure frontend nodes
The Plugin follows the Siteimprove integration guidelines and generates API tokens for each domain included in the Siteimprove optimization services. By default those API tokens are going to be persisted in the App_Data/Sitefinity/Configuration/SiteimproveConfig.config file located in your Sitefinity project and it will look something like this:

<?xml version="1.0" encoding="utf-8"?>
<siteimproveConfig xmlns:config="urn:telerik:sitefinity:configuration" xmlns:type="urn:telerik:sitefinity:configuration:type" config:version="10.2.6600.0" logActivityInTheConsole="True">
	<tokens>
		<add token="37bf8cd59acd4f07a53cfeae8e45a853" domain="https://your.public-domain.com" />
		<add token="4df27be12550451086r0950da941e4c2" domain="https://your.other-public-domain.com" />
	</tokens>
</siteimproveConfig>

Thus, it is recommended to include the API tokens in your configuration transformation and environmental variables and to also generate the tokens ahead of time prior to deployment. This applies especially for Load Balanced and Cloud setups where multiple servers can operate as Sitefinity backend nodes.

If the Plugin cannot resolve the API tokens for a given domain, it will use the Siteimprove external API to fetch them and upon successful fetching will store them in the SiteimproveConfig.config.

Ensure that the web server can reach the following two Urls, on which the Siteimprove's API is being used to request tokens and recheck operations: ⋅⋅* https://api-gateway.siteimprove.com/cms-recheck ⋅⋅* https://my2.siteimprove.com/auth/token

Troubleshooting

In case of errors, the plugin will provide verbose error logging using the Sitefinity default error logger. In case you are monitoring its production performance or are trying to troubleshoot its behavior, your should check the Sitefinity error logs for details.

Security

Since Sitefinity 11, there is the Web Security Module, which runs alongside with Sitefinity. The module enforces many security rules, which control the resources that the user agent is allowed to load. It specifies the server origins and script endpoints for page resources.

During inital installation or upgrade, the Siteimprove Plugin should programatically modify those values, so that the required scripts are allowed to be loaded onto the Sitefinity pages. If for some reason, this operation is not succesffull, you may see "Content-Security-Policy" error in the browser.

In case of Content-Security-Policy error, ensure that the correct values are added in the WebSecurity section in the advanced configuration. Go to Settings > Advanced Settings > WebSecurity > HttpSecurityHeaders > Response Headers > Content-Security-Policy. Content-Security-Policy HTTP header controls the resources that the user agent is allowed to load. The Http header value contains semicolon delimited values for every resource type of the Content-Security-Policy header. Edit this value and ensure the resource types from below contain the following values:

script-src contains `https://cdn.siteimprove.netc
connect-src contains https://*.siteimprove.com
child-src contains https://*.siteimprove.com
frame-src contains https://*.siteimprove.com

Save these settings.

For more information on the Web Security Module in Sitefinity, visit the official Sitefinity documentation

License

The code of this repository is licensed using MIT license.

Using the Siteimprove plugin falls under the Siteimprove CMS Plugin terms

Product	Compatible and additional computed target framework versions.
.NET Framework	net48 is compatible. net481 was computed.

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

.NETFramework 4.8
- Progress.Sitefinity.WebSecurity (>= 15.1.8321)
- Telerik.Sitefinity.Core (>= 15.1.8321)
- Telerik.Sitefinity.Feather.Core (>= 15.1.8321)

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last updated
15.1.8321	117	5/22/2024
15.0.8200	107	5/22/2024
14.4.8100	90	5/22/2024
14.3.8000	108	5/23/2024
14.2.7900	86	5/22/2024
14.0.7700	89	5/23/2024
13.2.7500	94	5/23/2024
3.0.1	104	5/21/2024
3.0.0	135	5/17/2024
2.0.1	1,057	6/24/2022
2.0.0	291	1/16/2022

Support for Sitefinity 15.1