Note: We don't allow any requests to third party sites from within secure.tutorcruncher.com (or your custom domain if you are using one). This is a security step we have taken in line with OWASP recommended policies, and will not change. If you attempt to do a request to a third party URL, you will get an error in your console:
Refused to connect to 'https://foobar.com/' because it violates the following Content Security Policy
You can add your own custom JavaScript to be run for your company's pages within TutorCruncher. Simply navigate to System > Settings > System Customization > Custom JavaScript and enter your code there.
You can submit your code for review by clicking the Send for Review button. Once that happens we will take up to two business days to approve it, or get in contact with you with any issues.
In order to get your code approved as fast as possible, please consider the following points:
Format your code so that it's easy to read. We recommend using a code editor like VSCode to help you.
Please don't request reviews for your code often. We'd like to continue to offer this service for free but won't be able to if we have to review code daily.
Your code must be bug-free (there should be no errors in the console) and must not crash the browser.
GET Requests made to TutorCruncher will be reviewed on a case-by-case basis. POST requests are not allowed.
The user's experience must not be adversely affected.
We enforce a Content Security Policy to stop data being loaded or sent to or from any other site. If you have another site that you wish to add to our exemption list, get in contact. We can only add exemptions for sites we trust, such as Facebook and Google. We will not do this for customers' own sites as it adds a security risk.
Notes:
All JavaScript has to be approved by the TutorCruncher team before it will go live.
We reserve the right to disable this feature for any one company at any time.
You can test your unapproved JavaScript in action at any time by switching to your demo branch.
Can I install chat messaging on TutorCruncher?
Custom JavaScript can be used to add a chat messaging between your Administrators and other user types (Students, Clients, Tutors, etc.) using Intercom.
To install chat messaging with Intercom on your TutorCruncher platform, follow these steps:
Sign up for an account with Intercom.
Find your app ID.
Navigate back to TutorCruncher and head to System > Settings > System Customization > Custom JavaScript and enter the code snippet below.
Customise your options using the instructions inside the template, including limiting who can access the chat service.
A member of our development team will review your code to ensure that everything is in order before approving it - this usually takes a few working hours.
Once that is done, input this custom JavaScript code into your custom JavaScript field to install Intercom chat messaging:
/*
This tool will allow you to add Intercom to TutorCruncher so that some or all of your users will be able to contact admins through
the external chat service. This is only for users to chat to admins, not to talk to each other. That isn't possible with TutorCruncher
currently, though it is on our roadmap.
There are two small steps to the set up process.
1. Enter your app_id inside the quotation marks below where it says
const app_id = "YOUR_APP_ID"
2. Choose who can access the Intercom chat function. Setting the value to "true" (without quotation marks) will mean
that the role type will be able to use the chat function. For instance, setting
const tutors_can_access = true
means that tutors can use the chat function. Remember, this only means that tutors can talk to admins using Intercom, not
students/clients/other roles.
*/
const app_id = "YOUR_APP_ID"
const tutors_can_access = true
const clients_can_access = false
const students_can_access = false
const affiliates_can_access = false
// DO NOT CHANGE ANYTHING BELOW THIS LINE
const role_data = JSON.parse($('#head-data').text()).raven_data
const access_role_types = []
if (tutors_can_access) {
access_role_types.push('Contractor')
}
if (clients_can_access) {
access_role_types.push('Client')
}
if (students_can_access) {
access_role_types.push('ServiceRecipient')
}
if (affiliates_can_access) {
access_role_types.push('Agent')
}
if (access_role_types.includes(role_data.role)) {
const render_data = JSON.parse($('#render-data').text())
const intercom_data = JSON.parse($('#intercom-data').text())
function create_user_hash(str) {
let hash = 0;
for (let i = 0, len = str.length; i < len; i++) {
let chr = str.charCodeAt(i);
hash = (hash << 5) - hash + chr;
hash |= 0;
}
return hash;
}
const user_id = `${role_data.role}-${role_data.id}-${role_data.email}`
intercomSettings = {
api_base: "https://api-iam.intercom.io",
app_id: app_id,
user_id: user_id,
user_hash: create_user_hash(user_id),
name: render_data.user_full_name,
email: role_data.email,
};
(function(){var w=window;var ic=w.Intercom;if(typeof ic==="function"){ic('reattach_activator');ic('update',intercomSettings);}else{var d=document;var i=function(){i.c(arguments);};i.q=[];i.c=function(args){i.q.push(args);};w.Intercom=i;var l=function(){var s=d.createElement('script');s.type='text/javascript';s.async=true;s.src=`https://widget.intercom.io/widget/${app_id}/`;var x=d.getElementsByTagName('script')[0];x.parentNode.insertBefore(s,x);};if(document.readyState==='complete'){l();}else if(w.attachEvent){w.attachEvent('onload',l);}else{w.addEventListener('load',l,false);}}})();
}