7 – url with parameter – anonymous users and connected users

I have a content type that only logged in users can create. The link that users click to access the edit page is /node/add/my_content_type?abc
(I'm using the abc parameter for the Rules module to act later.)


Anonymous users are redirected to the login page after clicking on such a link. After login, the user is redirected to /node/add/my_content_typehowever the parameter abc left.

I can solve it by creating the URL with a coded query point like this: /node/add/my_content_type%3Fabc

This works for an anonymous user (the redirected URL contains the abc parameter); however, if a logged-in user clicks on such a link, he is redirected only to /node/add (my_content_type%3Fabc is omitted).

What would be the best solution here? Thank you.

8 – Prevent caching redirects for anonymous users

I have a content type that needs to be redirected only when it is labeled "External." All of these "external" elements have a field where a URL is provided for the redirection.

During the initial configuration of the content type, the redirection was done in the .theme file in preprocess_html, but we discovered that after the first redirection, when someone accessed one of these nodes, it was cached and redirection no longer occurred.

I then built a module to perform the redirection with an event and a subscriber, which solved the problem when you logged in as an administrator, but not for anonymous users.

For the third iteration, I built a module to configure a middleware that implements HttpKernelInterface to perform redirection to this location.
This particular type of content had a URL pattern, so I used that to determine when the middleware should run based on the $request->getPathInfo(); then test the type of node and the "External" tag applied to it.
This solved all the redirection problems, but others began to appear. For example, the edit form for all nodes began to appear in the title field and nothing else or the views using the content type would also display as blanks.

Is there a more efficient way to do this redirection and avoid the page cache than doing it with a middleware or did someone encounter such a problem when doing so? Implementation of HttpKernelInterface?

management function used in the middleware:

public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {

$newsPrefix = "/news";

$current_uri = $request->getPathInfo();
if(substr($current_uri, 0, strlen($newsPrefix)) === $newsPrefix){
  $path = Drupal::service('path.alias_manager')->getPathByAlias($current_uri);

  if(preg_match('/node/(d+)/', $path, $matches)) {
    $node = DrupalnodeEntityNode::load($matches(1));

    if (isset($node)) {

      $nodeType = $node->getType();
      if($nodeType === 'news'){

        if(isset($node->news_type_of_content) && isset($node->news_type_of_content->target_id)){
          $typeID = $node->news_type_of_content->target_id;

            $term = Drupal::entityTypeManager()->getStorage('taxonomy_term')->load($typeID);
            $name = $term->getName();

          if(isset($name) && $name === "External" && isset($node->news_source_url->value)){

            $response = new RedirectResponse($node->news_source_url->value, 302);
return $this->httpKernel->handle($request, $type, $catch);


On average, how much soy should I consume daily to be considered an Anonymous Soyboy YA Beta Liberal?

These types of questions look like bullying third-graders by saying, "Tom is a sissy chicken, Tom is a sissy chicken, nananana na na!" I guess some people never mature longer. Grow! If you want to expose the low level of your childish thinking, you may want to consider staying anonymous.

Anonymous authentication of the SharePoint (modern) communication site does not work

I have created a (modern) SharePoint communication site and enabled anonymous access to the web application and at the site collection level. When the anonymous user logs on to this site, he displays an authentication pop-up window.

anonymity – Practice of anonymous direct attestation

The DAA (direct anonymous attestation) is not the only system allowing to obtain an anonymous certificate. In general, these systems allow an entity to remain anonymous throughout the attestation process. The concern here is not the attestation but the key revocation. The TPM / FIDO DAA schema requires that you keep an unauthorized list of compromised private keys to allow revocation. But the hypothesis of a compromised device with private disclosure of his private key is naive. In fact, in many scenarios, a hacker may not reveal a compromised key. This key can be used for attacks such as a denial of service attack, and so on. The identity of the device being anonymous for the service provider, it has no way to differentiate an attacker from the genuine user.

What aggravates the situation is that the private key is stored / protected using the hardware key store or the hardware security module (HSM). A hacker may have the knowledge to hack and extract the private key of an HSM using the zero day vulnerability. Since private key is designed to not exit private key in clear. Therefore, even if a user recognizes that his device is compromised, he has no way of informing the authority because it is not possible to retrieve the private key as a normal user.

Therefore, DAA seems to be a wonderful technology but is not commercially viable?

How to get rid of anonymous sessions of my site Drupal 7?

In a Drupal 7 site taken from an ex-colleague, sessions for an anonymous user are always generated under the screenshot below:
enter the description of the image here

The security service provider always analyzes:

Our company also observed that the sets of applications
The cookie "SSESSd84a1fe63b666c4294afc5029aa95bfd" before the authentication
and does not update the value of the session cookie even after
authentication, but the user can not repair the session by
update of the cookie, it has not been reported separately.

I am a Drupaler novice. I've installed a new Drupal 7 site from scratch, and there's no such cookie. But in Drupal.org, there is one. I've also checked the contributed modules on my site, disabled the 2 most suspicious modules (login_destination and betterlogin), still no luck. I've added a line "ini_set ('session.cookie_lifetime', 0);" in the settings.php file, no luck again. I do not know what to do next.

Magento Price Block Anonymous

I have a problem:

If you choose a default theme of magento 1 (rwd, default, modern, base, etc.), the name of the price block is anonymous.

The only thing you found in catalog.xml is:

This block should already be named because a code is defined in this code, but this is not the case. AOE and FPC tips amasty also anonymously indicates the name of this block. How can I name this block? Maybe these are orphaned and unresolved stuff, I do not know. I have been stuck here for days now. 🙁

how to create an anonymous function and how to call Anonymous in postgres?

Please Any one helps the steps of anonymous function creation and how to call anonymous functions in postgres.

Thank you

Offshore Bulgaria VPS Servers – Confidentially protected anonymous host, multiple payment gateways

OffshoreDedicated | Privacy made easy

OffshoreDedicated brings simplicity and freshness to keep your website up and running. We are committed to providing anonymous and reliable offshore hosting with protection against encroachment, while preserving the rights of our customers in terms of total freedom of information and independence.

We value and cherish freedom on the Internet because it is one of the few places where it remains. We have always carefully protected client websites from all attacks and claims. Our company policy, combined with our experience, our technical professionalism and our proven relationships with data centers, ensures that all data stored on our servers are completely protected from any intervention by the authorities, annoying assigns. We are constantly improving our skills; we offer the latest solutions available on the market. Our services are characterized by high performance and network availability. We have been providing these services continuously since 2013. Our business partner provides proven network and technical solutions.

It's time to get out of the usual web hosting account but you're not really ready for your own dedicated server? So VPS is the perfect choice! Your VPS servers will be located on trusted Supermicro servers with Intel Xeon processors, ECC RAMs, and enterprise-class hard drive bays. Servers are never over-provisioned, which means you'll have enough power to run your applications at any time.

Bulgaria VPS Offshore

No content limitation *, privacy protection, quality commitment


1 vCPU
1 GB of RAM
15 GB SSD storage
Unmeasured traffic
100Mbps uplink
1 x IPv4
Full access to the root
Virtualization – KVM
DMCA safe
~ 3 hours of installation time
Price $ 14.99 / MONTH
Click here to buy


2 vCPU
2 GB of RAM
25 GB SSD storage
Unmeasured traffic
100Mbps uplink
1 x IPv4
Full access to the root
Virtualization – KVM
DMCA safe
~ 3 hours of installation time
Price $ 24.99 / MONTH
Click here to buy


3 vCPU
3 GB of RAM
35 GB SSD storage
Unmeasured traffic
100Mbps uplink
1 x IPv4
Full access to the root
Virtualization – KVM
DMCA safe
~ 3 hours of installation time
Price $ 34.99 / MONTH
Click here to buy

Why choose us

  • No content limit
  • Protection of private life
  • Committed quality
  • Always learning
  • 99.99% network availability
  • Uncompromising performance
  • Fast supply
  • Exactly as you want
  • Heroic support

& Much more!

Methods of payment: Payoneer (+ bank and card payments), WMZ, Perfect Money, PayPal and BTC / ETH / LTC and more.

If you have any other questions, do not hesitate to open a ticket after your registration OR send us an email at Info@OffshoreDedicated.net OR contact us via Skype.

Contact Details:

Web: https://offshorededicated.net/
Email: info@offshorededicated.net
Skype: OffshoreDedicated

8 – Is it possible to provide a temporary role for an anonymous session?

The use case is to provide a set of permissions to an "anonymous" user, that is, we do not know who he is and he has not logged in. We just have its IP range to confirm its origin (yes, know … this is not a system I would design :)).

I do not necessarily know what permissions these users need later, that is to say, it may be to access certain types of nodes, access to certain file entities. This will be an evolving set of permissions that will need to be configurable later as a role. would be.

Is it possible to define a role and then give it temporarily to anonymous sessions meeting our criteria? I've tentatively been trying to use an EventSubscriber to check every time our module is loaded, but that does not work because we obviously can not really "save" an anonymous user, that's it. -say:

class CivicrmIpAccessSubscriber implements EventSubscriberInterface {

  public function CivicrmIpAccessLoad(GetResponseEvent $event) {
    $proxy = Drupal::currentUser();
    $roles = $proxy->getRoles();
    if ($roles === ('anonymous')) {
//Business logic to determine if a user gets access would go here
      $user = User::load($proxy->id());
//This user save doesn't work, and I wouldn't have really expected it to but I tried it

   * {@inheritdoc}
  public static function getSubscribedEvents() {
    $events(KernelEvents::REQUEST)() = ('CivicrmIpAccessLoad', 250);
    return $events;


Is there a good way to accomplish something like this for a session? I feel like an anonymous user barking the wrong tree and a session would be ok but I'm not sure how to interact with access from there.

Edit: $ user-> save (); also does not work. The result of these backups seems to not generate a log return, but the role is not added if I retrieve the current user and check the roles so that access is always denied.