plug-it service Usage Guideline
Introduction
plugilo provides plug-it service that can be embedded on your website to enhance the user experience.
This document will provide guidelines and best practices for using plug-it to ensure maximum security. 
Integration flow
The plugilo Plug-It service provides an integration flow that ensures no impact to the customer's website. Customers only need to embed a widget once, and everything else will be handled by the plugilo team.
Step-by-Step Integration Process
1. Receive the Embed Code
  • What to do: Our team will provide you with the embed code for the widget.
  • Where to place it: Add the provided code snippet to the relevant section of your website, typically in the or at the desired location in the webpage body.
  • Helpful Tip: Ensure the code is added exactly as provided to avoid integration errors.
Copy and paste the code snippet into your website's HTML code. 

This document assumes the user already has the embed code taken from the plugilo platform or was received by any other means.

Usually, the embed code will look like this:

<iframe data-pwid="psw2" frameborder="0" style="border: none !important; width: 0 !important; height: 0 !important;" data-kit="mmrai" data-widget="9ash3" data-id="544090f3-2800-489e-bdaa-6d69ad70de48"></iframe>

<script src="//booster.webtradecenter.com/Scripts/Booster/sw/sw-booster.js" async></script>

Copy and paste the code snippet into your website's HTML code. 

This document assumes the user already has the embed code taken from the plugilo platform or was received by any other means.

Usually, the embed code will look like this:

<iframe data-pwid="psw2" frameborder="0" style="border: none !important; width: 0 !important; height: 0 !important;" data-kit="mmrai" data-widget="9ash3" data-id="544090f3-2800-489e-bdaa-6d69ad70de48"></iframe>

<script src="//booster.webtradecenter.com/Scripts/Booster/sw/sw-booster.js" async></script>

The embed code has two components: 

 1. The container element for the generated markup that will be embedded in the page.

 2. Reference to the javascript code implementing the plugilo plugin code. 

Integrated position, It is recommended that you add the plugilo's embed code at the end of the page just before the body tag closes (this will ensure loading our script will have minimum impact on the render of your page). 2. Test the widget(s) to ensure they are functioning properly.

2. Confirm Integration
  • What to do: Notify our team once the embed code is added to your website.
  • How to confirm: Email us or update the integration status on your customer dashboard (if applicable).
3. Integration Status Check
  • What we do: Our development team will review the status of the integration to confirm the embed code is correctly added to your site.
4. Content Verification
  • What we do: The team will validate the functionality and appearance of the widget to ensure it works as intended and matches your website’s design and requirements.
  • Possible Follow-Up: If adjustments are needed, we will guide you through resolving any issues.
5. Widget Activation
  • What we do: Once the integration is verified and everything is functioning correctly, our development team will activate the widget.
6. Informing You
  • What to expect: We will send you a confirmation email indicating that the widget is live and fully functional on your website.

More information about our plug-it service
Security
plugilo employs JavaScript to operate its widgets and regulate their function on web pages. Once a widget is added to a website, plugilo code, along with other necessary code, is loaded onto the page.

This facilitates interaction between the widget and the browser, providing access to data and enabling measurement of window size for responsiveness purposes. 

plugilo's JavaScript execution is optimized for efficiency and swiftness, ensuring that widgets load quickly while having minimal impact on site performance. Furthermore, the JavaScript code used by plugilo is designed to be highly compatible with a wide range of devices and browsers, making it accessible to as many users as possible.
Secure Iframe
plugilo's plug-it core functionality and content are securely wrapped and executed within an iframe. This method ensures that there is no risk or impact on the hosting website from the plugilo widget.
Sandbox
plugilo widget utilizes the sandbox attribute which confines the content within the iframe. 

By default, the attributes allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox are enabled, thus facilitating the execution of plugilo code to display content and engage with the user. In case they are not enabled, it restricts form submissions and plugins while also limiting access to local storage. Additional sandbox options can be opened upon request by the hosting website.
Secure Content
plugilo is the sole creator and certifier of all widget content. 

plugilo provides website owners with customizable widgets that can add useful content to their web pages. The widget content, which includes social media feeds, news headlines, event listings, and more, is created by plugilo and can be easily installed on your website.
Security Guidelines
Here are some important security guidelines to follow when using plugilo Secure Widgets:
1. Use HTTPS
Make sure your website is served over HTTPS. This ensures that any data transmitted between the browser and server is encrypted and cannot be intercepted by third parties.
2. Use the Latest Version of the Widget Code
Make sure to always use the latest version of the widget code provided by plugilo. New versions may include security patches and bug fixes, so staying up-to-date is important.
Safety CSS
When using plugilo's widget content, it will be wrapped in an iframe that isolates it from the parent page's DOM. This separation creates a separate DOM, meaning that any CSS applied to the widget will not load onto the parent page and vice versa. Therefore, there is no possibility of CSS conflicts between the widget and the parent page which can often occur when widgets are embedded directly into the HTML of a page. 

In summary, by isolating the widget's content inside the iframe, plugilo ensures that it won't impact the parent page and eliminates the risk of presentation issues caused by conflicting stylesheets.
Responsive handling
At plugilo, we do support responsive environments. During widget setup on the platform, we offer a configuration option where the absolute width and height of the widget can be specified. Typically, these values will be provided by the 3rd party website owner. 
Conclusion
By following these guidelines, you can ensure the security of your website when using plugilo plug-it service. If you have any questions or concerns about using the widgets, please do not hesitate to contact our support team.