To add a URL dashlet to a custom dashboard
To use variable parameters in the URL dashlet
Important note regarding external URLs
To host external content on an Entuity server (recommended approach)
To configure the URL dashlet so that it can access external URLs
The URL dashlet displays the content of a URL of your choice. Note, from ENA v18.0 P06 onwards, the URL dashlet by default will no longer accept external URLs, but only URLs within the domain on which the instance of Entuity is installed. Please see the section below for further help and information on this.
The URL dashlet is available for all types of data source.
To add a URL dashlet to a custom dashboard:
- When adding a dashlet to a new custom dashboard or editing an existing custom dashboard, follow the instructions for adding a dashlet, select URL dashlet in the Select Dashlet Type, and click Next.
- The Create Dashlet form will slide in on the right.
- Enter a name for your dashlet in the Name field.
- You can then choose the source of the data to be displayed in the dashlet.
- If you want this dashlet to source its data from the context of its parent dashboard, select Dashboard. You can see the context of the parent dashboard in the Dashboard Context field at the top of the form.
- If you want this dashlet to source its data from another dashlet in this current dashboard, select Dashlet.
- If you want this dashlet to source its data from a managed object on your network, select Fixed Object. You can then click Browse to an object to search for a managed object in Explorer, or drag into the box your desired managed object in from another browser window.
- Enter the URL that you want to display in the dashlet in the URL field.
- Click the Advanced Settings field to open the Advanced Settings form.
- Choose whether you want to hide the title of the dashlet in the Hide Title Bar field. If selected, the dashlet's Overflow Menu will also be hidden, but in the Promote Menu Options field you can then choose if you want to display the options in the dashlet's Overflow Menu in the overall dashboard's Overflow Menu.
- Choose whether you want the dashlet to automatically refresh in the Auto Refresh field. By default this is set to On.
- Click Done in the top right of the form to save and return to the Create Dashlet form, otherwise click Cancel.
- Click Done in the top right of the form to create the dashlet, otherwise click Cancel.
To use variable parameters in the URL dashlet:
You can substitute variable parameters into the Name field of the URL dashlet, or the URL field. This will then pick up on the source that is given in the Dashlet Source field on that dashlet.
Please see the article on variable parameters for a list of the available variables.
Important note regarding external URLs:
To conform with recognized security best practice and to mitigate security issues associated with exposure to external URLs, from ENA v18.0 P06 upwards the URL dashlet by default will no longer accept external URLs, but only URLs within the domain on which the instance of Entuity is installed. Please refer to this guidance from CISA regarding the mitigation of threat from cross-site scripting attacks.
It remains possible to add external URLs to a configuration file so that they work with the URL dashlet. Entuity recommend that you do not do this unless you are fully aware of the security implications. Note, when using ENA v18.0 P06 with RSSO, you must add the RSSO agent address domain in this manner, otherwise RSSO will fail. It is also possible to import external content that you might need to the Entuity server itself, which can then itself host it. Please see below for details of how to do both of these.
Note, Microsoft Internet Explorer does not enforce these security policies. As a result, when using Entuity in IE, the URL dashlet will continue to accept external URLs.
To host external content on an Entuity server (recommended approach):
- Go to the Entuity install path:
[entuity install]/lib/httpd/EOS/
- Import the static webpage, image or file that you wish to host. For example, if you want to import the (fictitious) static webpage https://examplestaticwebpage.com, you would need to import the html file for examplestaticwebpage, plus any associated css, javascript or image files if necessary. You can then access the static webpage in the URL dashlet by going to https://[entuity domain]/examplestaticwebpage.html.
Another example might be a simple clock app, whereby a static page renders a clock and updates the graphics every minute. The content is static but the graphics are updated by the browser. As with the above example, you would import the html file of the clock page and then access it from the URL dashlet.
The same applies to other files, e.g. if you import a text file called 'hello.txt', then you can access your text file by going to https://[entuity domain]/hello.txt
To configure the URL dashlet so that it can access external URLs:
Note for the following configuration: this file will be overwritten on each major install upgrade, and possible patch installs if that patch modifies this file. It is recommended rather that you import into the Entuity server the resources that should be embedded in the dashboards, so that Entuity serves up the webpage (please see above for help and information on how to do this).
When using ENA v18.0 P06 with RSSO, you must add the RSSO agent address domain in the below manner, otherwise RSSO will fail. To do this, you must add the port number to the child-src line.
- Go to the Entuity install path:
[entuity install path]/install/template/lib/apache/conf
- Go to the following section: (please note that ENA v17.0 will not have the google and gstatic URLs)
# Extra security headers
Header merge Cache-Control no-store
Header merge Cache-Control no-cache
Header set Content-Security-Policy "\
default-src 'self';\
script-src 'self' 'unsafe-inline' 'unsafe-eval' maps.googleapis.com;\
style-src 'self' 'unsafe-inline' fonts.googleapis.com;\
img-src 'self' data: maps.gstatic.com *.googleapis.com;\
font-src 'self' fonts.gstatic.com;\
child-src 'self';\ " - By modifying the following line:
child-src 'self';\
to the following:child-src 'self' some.new.domain;\
you will allow access to an outside domain (in this case, it will allow access to 'some.new.domain'). - This change to the template file is not applied until you run configure. In order to do so, you will need to stop Entuity, run configure and then start Entuity again. Firstly, ensure Entuity is not running:
[entuity install path]/bin/status
- Run configure:
[entuity install path]/install/configure
- Start Entuity:
[entuity install path]/bin/starteye
Comments
0 comments
Please sign in to leave a comment.