Userkeys url param

gavin1211 2022-07-06 06:36:58 UTC #1

Any idea how to stop userskeys param being added to url's

e.g.
?query=&f.Level_u|Y=Undergraduate&f.Attendance_u|modeft=Full-time&userkeys=7217,7&start=91

We don't require document level security, cannot see where this is configured.

Our collection config has this set to false : ui.modern.authentication

lnowak 2022-07-06 07:10:15 UTC #2

Is collection using security.earlybinding.user-to-key-mapper configuration key? Please see docs https://docs.squiz.net/funnelback/docs/latest/reference/configuration-options/collection-options/security.earlybinding.user-to-key-mapper.html

Are you manipulating any pre-phase step? Ie. hook scrips. Please see https://docs.squiz.net/funnelback/docs/latest/develop/getting-started/search-results/data-model/data-model-variable-initialization.html

gavin1211 2022-07-06 07:23:23 UTC #3

is not in the collection cfg

We do have hook_pre_process and hook_post_process but I cannot see anything in those relating to document level security.

We also have padre_opts file, but same cannot see anything related to doc security.

plevan 2022-07-06 22:32:23 UTC #4

What type of collection is this?

User keys are often added by the system that makes the request to Funnelback, but it will depend on the type of collection and how everything has been configured.

gavin1211 2022-07-07 05:30:12 UTC #5

It is a Local collection. The requests are made from our Squiz Matrix, via a REST Resource.

We have bounced it to our support to have a dig around.

plevan 2022-07-07 05:47:04 UTC #6

my guess is that the matrix rest asset is where you'll find the userkeys being added.

gavin1211 2022-07-08 05:30:30 UTC #7

To me its the same as any others we setup, there's nothing extra in the request url:

%globals_asset_contents_raw:xxxxxx%/s/search.html?collection=collection-name&profile=default&form=course-finder&%globalsserver_QUERY_STRING^replace:&collection=collection-name:%

maybe its the way the url is formed in the FTL, see below, tried stripping with replace but didn't work:

<#assign pageurl = QueryString?replace("collection=ulster-dev&profile=_default&form=course-finder&","")?replace("&userkeys=(?<=userkeys=).*?(?=&)","","ri")>