Friday, October 31, 2014

Sitecore: - How to add source section to Droplink and Treelist

Source for DropLink:-

query:fast:/sitecore/content/XXX/ Home//*[@@templateid='{fsdfasdfasdf}']

Source for TreeList:-

/sitecore/content/ccccc/Home





Sitecore: - What happens if your debugger is not attached to Visual studio

Sometimes while working our system not able to attach visual studio, please follow the below steps to fix it.

1) Check the .pdb is existing in the bin folder (.DB is the referent of.dll and creating parallel to the .dll)
2) Check any issues in the visual studio, restart it once
3) Reset the skip settings of visual studio
Devenv /resetskippackages

Friday, October 17, 2014

Sitecore- Vulnerability -Transport Layer Protection and Cross-Frame Scripting

Some key points to handle the Vulnerability and Transport layer protection.

“Transport Layer Protection: Insecure Transmission”

Vulnerability Summary: -  As per standard the user type credential should not be exposed through the “get” method. A username was found in the query string of a GET request or Set-Cookie header.

Update and Action:- This is basically a case where in case item/template not  found, then the URL comes like below

Proposed Solution: - In case if item not found will redirect to the other specific URL, this section required some more investigation.

“Cross-Frame Scripting”

Vulnerability Summary: - A Cross-Frame Scripting (XFS) vulnerability can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page.


Solution: - Fix by including an X-Frame-Options header set to 'SAMEORGIN'. There are two options available either we can change in the web. Config or in the IIS settings.

Change in the web. config: - This is by default, setting and it’s available in the b2b web.config section.
 

Required change in the IIS: - Below are the steps for the IIS settings

  1. Open Internet Information Services (IIS) Manager.
  2. In the Connections pane on the left side, expand the Sites folder and select the site that you want to protect.
  3. Double-click the HTTP Response Header icon in the feature list in the middle.
  4. In the Actions pane on the right side, click Add.
  5. In the dialog box that appears, type X-Frame-Options in the Name field and type SAMEORIGIN in the Value field.
  6. Click OK to save your changes.
For more information :- http://support.microsoft.com/kb/2694329

Please feel free to post here, If have any questions

Wednesday, October 15, 2014

Sitecore :- How to restore deleted data/Item/template in sitecore

We have an option to restore the data through the Recycle Bin option.

Login to Sitecore through Admin User and you will find below option.

Sitecore :- How to deploy/install TDS package

- Go to the below path and upload the TDS package

.... Current Path.../sitecore/admin/Updateinstallationwizard.aspx


Sitecore :- How to reset the cookies and clear cache in Sitecore



Sometimes we may face some issues where our changes not get reflected, In that we need to check below steps

1) Reset the IIS
2) Clear the catch :-
 Go to below link :-..........sitecore/admin/cache.aspx

         

3) Check that item is published or not