Sitecore has a quite advanced access right management system. However, I’ve found a few quite common requirements that, as far as I know, isn’t supported out of the box. One is to allow content authors to remove individual item versions without allowing them to remove the entire item. This is especially useful for multi language sites. Another requirement is to allow authors to delete items they have created themselves, but no other items.
I’ve seen people work around these kind of issues by playing around in the core database, modifying ribbon buttons etc. Personally I don’t like that approach. That would just hide the button and if the user could initiate the command in any other way, Sitecore will gladly perform the delete action. It’s easy to forget a command action in a context menu or something like that.
Instead I created a very small Sitecore module to solve these issues. All the source is available on Github.
target="_blank" is one of most underestimated vulnerabilities on the web. When you make a link to an external into a new tab or window, that site gets access to your site. If it’s a design flaw in browsers or something else is debatable, but luckily there is a simple fix for it by adding
rel="noopener" to external links.
Sitecore have awarded Volvo Construction Equipment, with partner Stendahls, winner of the Sitecore Experience Award 2016, Marketing Agility category. The Marketing Agility award recognizes marketing teams that have made significant, measurable gains in productivity and marketing ROI through the Sitecore platform. This year’s winners outlined clear before and after scenarios for team output and content publishing times as well as any associated organizational or team advantages, as a result of time/resource savings.
I’ve spent most of my working time during 2015 and 2016 on this huge project, where we built the whole marketing platform and rolled out 123 market and dealer websites, representing Volvo’s business in more than 140 countries on 30+ languages. The solution contains about 370k items and is managed by more than 150 editors worldwide, all in the same Sitecore solution.
A lot of my time went into creating a streamlined development process, build and maintain a fast and stable hosting platform and build a very efficient authoring environment. Many of my blog posts during the last year have sprung out of this project.
Volvo CE Press release
Some time ago, Martin Davies started a thread on the Sitecore MVP community forum about where to store page content. It caught a lot of attention and many replies. Since that’s a closed forum, I thought I’d might as well write a public post on my view on this topic, but also put into a wider perspective. It almost ended up in a recipe on how to build Sitecore websites. Nothing in this post is new really, so I’ve kept each topic as brief as possible.
This post is only about the basics of Sitecore as a CMS. Sitecore can do so much more. But I’ve seen so many, in my opinion, implementation failures, where the customer can’t get passed the content management hell and never starts walking up the experience maturity ladder. The implementing partners plays a very important role here ensuring the content authoring environment doesn’t become messy, time consuming or non-intuitive.
Thank you Sitecore for awarding me “Technology Most Valuable Professional” (MVP) again! Fifth year in a row!
The Sitecore MVP Award celebrates the most active Sitcore community members from around the world who provide valuable online and offline expertise that enriches the community experience and makes a difference.
My contribution to Sitecore and the community over the last year have, besides this blog, been continuous dialog with Sitecore staff on how to improve the author experience in the product and over forty confirmed bug reports.
As a lead architect and DevSecOp of this huge website project, www.volvoce.com, I expect a lot of blog posts during 2017 about our findings and how to create and maintain great websites.
I faced a problem where I need to control the Sitecore html cache from within a controller action. There are probably many scenarios where this is needed. In my particular case, the output from the controller is cacheable in the Sitecore html cache, but my controller action is also dependent on a third party system. The communication with this system could sometimes fail. Essentially it means that if the controller fails, I don’t want the html output to be cached either. If it is cached, as it is by default, my error message will stay there until the html cache is cleared, regardless if the third party system is online or not.
Since 7.5, Sitecore introduced Media Request Protection that is essentially a hash added to some URL’s. Some people find this annoying, but I think this was a good move. If someone would just hammer your site by downloading media images with random width and height parameters, it would cause a lot of image resizing and consequently eat up all CPU.
The idea behind the Media Request Protection is to avoid these kind of denial of service attacks, by having a hash parameter on the URL. On an incoming media request, Sitecore calculates the hash of the request query string parameters and compares it with the given hash. If they are equal, Sitecore performs the resizing options (or whatever parameters are provided). If they are not equal, Sitecore will just send the original file as-is.
Serving optimized images on websites is essential to get high performances website and get a good user experience. There are numerous implementations of this and here is yet another one. Inspired by Anders Laub previous posts on cropping and compressing images, I decided to make one that makes optimized progressive images.
Normal images are loaded from top to bottom, aka baseline images. The advantage of progressive images is that the entire image is shown almost right away, but the image is blurry at first when only a portion of the image is loaded and the image then becomes clearer as more image data is loaded in the browser. This makes the perceived load speed faster to the viewer.
There are always room for improvements of the Experience Editor. Here are a few simple ones to fix.
Since Sitecore 8.1, field validation results are shown inline in text fields. This is quite useful for content editors, both for showing errors, but also to give soft errors, such as warnings or suggestions.
One can argue that all non-valid results from validators are errors, but I think it makes more sens to say “Show suggestion” instead of “Show error” next to a validation suggestion.
This post is about extending Sitecore to simplify reuse of content. It’s nothing new and has been done many times before. This is just my take on a common scenario. The solution is only tested on Sitecore 8.0 & 8.1, but will probably work on older versions as well. There are many usages for this extensions, but I’ll first try to explain the requirement I had and why this extension was needed.
When you schedule an item in Sitecore, it doesn’t mean that the item gets published or unpublished at that date. It just means that it is possible to publish the item within the given period. One have to perform an actual publish for it to actually happen.
There are many great modules already that handles this, such as Scheduled Publish Module for Sitecore by Hedgehog.
In my scenario, we just wanted to trigger a publish for items as they are scheduled. Scanning through the whole database is very expensive though, so I decided to make one that utilizes our search index instead. We use Solr in our solution, but it’ll probably work as good with Lucene as well.
There are different approaches that can be taken when managing multi-lingual web sites in Sitecore. Sometimes your authors might have to manage content in multiple languages and the might need to switch between site trees that are built on different languages.
Updated 26 September 2016: The OpenExperienceEditor command needs to be replaced in order to make this work properly. Code for that added below.
In that scenario, editor often faces the message that there is no version on the current language, and they have to find the right one in a long list of languages. This isn’t very convenient. Using the new Experience Editor it’s even worse, because authors are not given this information at all, so they might start editing a page in the wrong language by mistake.
I wanted to make this easier for the authors, so I decided to change the built-in Content Editor warning, and add an equivalent function to the Experience Editor.
There has been many posts about unlocking Sitecore items, and here’s yet another one that perhaps fits your needs.
In one of our projects, we decided that users that are not logged into Sitecore, doesn’t need to retain locks on any items, so we wanted a solution where Sitecore automatically releases all item locks where the user doesn’t have an active session.
Thank you Sitecore for awarding me “Technology Most Valuable Professional (MVP)” again! Fourth year in a row! This year, Sitecore has designated 177 Technology MVPs, 35 Digital Strategist MVPs, and nine Commerce MVPs, which brings the total group to more than 200 spread across 25 countries worldwide.
In Sitecore 8.1 we finally got language fallback built into the core product. This gives us the option to specify, per field, if we want to inherit a field value from another language when the field itself is null.
I guess we all have some sort of love and hate relation to the built in Display Name field of Sitecore. It solves a lot of potential issues, but it causes tons of other problems as well. With language fallback, there is another one. If you enable language fallback on the Display Name item, nothing happens. This is because the default
LanguageFallbackFieldValuesProvider ignores all standard fields. Well, all fields starting with a double underscore to be exact.
So in order to have language fallback on Display Name or any other standard field (though the need for it on other fields are probably very rare), we’ll have to replace the default implementation, with an overridden version where the
bool IsValidForFallback(Field field) method doesn’t return false just because its internal name is
If you need details on how to replace the default implementation, look at my post about editor friendly language fallback.
After upgrading some of our solutions to Sitecore 8.1 update-1 we started seeing errors in our log files, such as this:
... ERROR Error in FileWatcher. Internal buffer overflow.
Message: Too many changes at once in directory:path-to-data-dir\Data.
Language fallback is really nice when working multi lingual websites. It save a lot of time and makes the solution very flexible. However, among content editors it can cause some headaches since the content shown to editors may not be the actual content being published.
If you’ve spent some time with Sitecore 8.x, you’ve probably experienced the tremendously slow SPEAK driven Experience Editor (formerly known as Page Editor). This is due to multiple problems. The design of SPEAK is really chatty and cache is vital, some XHR requests are really slow and some are caused by heavy precompilations.
Today, my colleagues stumbled upon a strange behavior in one of our projects. I won’t go into all the details about it, but it let me think about how Sitecore indexes fields and how it can be improved. We use Solr, so at this stage, I don’t know if this applies to Lucene as well, but I guess it does.
We typically auto generate our domain model from a TDS project using a T4 template. Having that, we can easily map all Sitecore template fields to typed properties in our domain model and we can also map those to the fields in a Solr index. This means we can use the same model when using the ContentSearch API as well as with the traditional API. We can also lazy load fields from the original item if they are not marked as
stored in the index.
This post describes a concept of resolving content during publish in Sitecore 8.1, but most of it will apply to older versions as well.
With Sitecore 8.1 we get language fallback out of the box. Previously we’ve had the Partial Language Fallback module written by Alex Shyba. The new built-in one is a rewritten one.