Comments (8)
HI.
I understand that you want to drive the discussion to a concrete technical solution, but to me, it is more important that you explain the business use case, and the outcome you want from all this. This way, I can figure out the technical solution, and maybe propose you an alternative/workaround.
Can you explain:
- why you want to protect a single URL in the first place?
- why did you choose Docusaurus given that constraint?
- why you want to link to it from a public page, and what should be the experience for a user when they click on the link considering they are not authenticated?
What you need looks complicated to implement and is not really an initial goal of Docusaurus. I doubt we'll make this kind of use case a priority because the ROI would be quite low considering only you ask for something like this so far.
Even if we disable the SPA navigation, prefetching and everything, the secret page bundles remain emitted, are available publicly through an URL /assets/js/bundleX.js
that hackers can guess with brute force. One solution could
A possible solution could be to colocate the page JS bundle near close the HTML file. This way even if the JS bundle is referenced in a map, it can't be downloaded if you protect the /docs/top-secret/birthday-party-plans
path. It is probably possible to use configureWebpack
plugin lifecycle today to achieve that.
Note that we also have a goal make Docusaurus work without any JS. We are far from done yet but HTML/CSS is improving, and if JS can be considered as a progressive enhancement, we could simply bypass React hydration, use regular links, and only emit HTML/CSS files. Track #3030
Hydrating React and disabling the SPA soft-navigation for all links just because you have one or a few secret routes doesn't really seem like a good idea to me overall. This degrades the whole user experience for users who only browse public pages, is not so easy to implement and this feature probably has very low traction among our users.
from docusaurus.
from docusaurus.
Thanks
So you want only some pages to be "protected".
Are all the logged-in users of your site able to access the exact same pages, or each user can see a different set of protected pages?
from docusaurus.
from docusaurus.
Related Issues (20)
- [Accessibility]: Page looses focus after Search modal gets closed HOT 1
- Please Block the "Bruce's Wiki" at show case since contain the Malicious links HOT 2
- Place screenshots in the themes documentation page in the site HOT 2
- Passing custom props to IdealImage HOT 2
- Spaces are no longer valid in links HOT 4
- Cannot load docs from outside local package root when running as a Yarn workspace HOT 8
- Mermaid diagram shift page when opening a link with anchor HOT 1
- An error occurred when importing a global component. The component cannot be found HOT 1
- Error messages set to `vfile` by Remark plugins are not reported. HOT 1
- Use pure examples in github action deployment examples HOT 1
- When multiple i18n are configured, the plug-in will report an error when using the Link tag. HOT 1
- Can't find component when using NX and NPM Workspaces HOT 2
- Add comparison to vitepress HOT 2
- Module not found: Error: Can't resolve 'react-loadable' in '.../node_modules/@docusaurus/core/lib/client/exports' HOT 1
- BrowserOnly, lazy, and useHistory result in infinite re-rendering HOT 1
- Output HTML contains NULL chracters in at least CJK languages HOT 10
- Documentation should also teach registering anchors in plugin code HOT 6
- The mdx-code-block is not compatible with Windows. HOT 3
- Using partial props in links causes false positive `onBrokenLinks` HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docusaurus.