I have an ASP.NET API running locally. On the MacBook Pro, I can access the endpoints with Swagger, Postman and in the frontend (running on LiveServer) using Axios/JavaScript.
I have successfully loaded the frontend webpage on an iPhone (192.168.0.10:5500/index.html), however the Axios call to the endpoint is failing with the following error message logged to the console Failed to load resource: The certificate for this server is invalid. You might be connecting to a server that is pretending to be “192.168.0.10”, which could put your confidential information at risk.
Running the command dotnet dev-certs https --trust generates the message Successfully trusted the existing HTTPS certificate. but does not resolve the issue.
Am I missing something?
#Lex Li's comment worked.
Steps
Remove or comment out app.UseHttpsRedirection(); in program.cs file.
In the launchSettings.json file, "applicationUrl": "https://localhost:7139;http://localhost:5171", generates a http and https url for the API endpoints. Edit the http route to the IP of the computer/local server, e.g., "applicationUrl": "https://localhost:7139;http://192.168.0.10:5171"
use the http endpoint
Related
Dotnet core 3.1 blazorwasm template app is giving the below error while accessing from network or after hosting it on a linux server. It seems the published app is always looking for local host ip for redirection at certain places.
the errors appeared on the firefox console is given bellow
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://127.0.0.1:5000/.well-known/openid-configuration. (Reason: CORS request did not succeed).
how to configure and publish it to avoid routing to localhost.
This can be reproduced by simply taking the code
https://github.com/dotnet-presentations/blazor-workshop
after running it from visual studio try to access it from a remote client (another machine) will give error while navigating from login and registration links.
Try adding the following CORS middleware configuration to the web API's service's Startup.Configure method and see if that works:
app.UseCors(policy => policy.WithOrigins("http://localhost:5000", "https://localhost:5001")
.AllowAnyMethod()
.WithHeaders(HeaderNames.ContentType));
You need to add this to this file if you are using the code mentioned in your question.
Doc and sample project can be found here.
I have an Angular web app running on Cloud Run (nginx webserver) (more info here) from which I want to get access token from the GCP metadata server. I have tried to make a call to https://metadata.google.internal ( using curl from Cloud Shell) but the connection was rejected. Calls to HTTP are working well.
When I make the call from my app (which is loaded over https) to the metadata server over HTTP - logically I get a mixed content error. When trying to access the metadata server over HTTPS - I am getting error 504 Gateway timeout, I assume due to the reason that the metadata server refuses the calls on HTTPS.
I will really appreciate any idea of how to solve this issue.
The URL endpoint metadata.google.internal is only accessible from inside the instance (Cloud Run). This endpoint is not accessible outside of the instance such as via an HTTP or HTTPS call. A clue is the TLD (Top Level Domain) internal.
If you want to access this endpoint remotely via a web browser, you will need to make a request from the browser to Cloud Run (an endpoint in your code) which then makes the internal request to the metadata server and returns the response to the client.
When trying to run a request through swagger UI, I receive the following response on Swagger
TypeError: Failed to fetch
After searching around, I found that a possible cause of this error is because of a CORS issue, where the origin is changed in the request (as you can see at this other post here). However, in my case, this is not running through some other proxy, it is hosted on a locally hosted server and that server is not changing any of the headers. I realized this when I tried to allow the API to just accept any CORS headers to test if this was the issue; sadly it was not and the issue persisted.
The API is running on IIS hosted on a server that is hosted locally. The API is running as an application on the default website and is accessed via the following url:
http://servername/application-name/swagger/index.html
Can anyone help with this issue?
After further investigation, I found that when I looked at the requests being sent to the server through the dev tools on the browser, that the URL was being changed from http to https on the request of the endpoint through swagger.
HTTPS, has not been set up on the server and returns a 404 (as seen in the dev tools).
It turns out, that even though the server has not been setup to serve content via HTTPS, the requests where still redirected to HTTPS and this was the reason
app.UseHttpsRedirection();
So, even though swagger was able to be loaded on HTTP, when the request was made to the API, the API responded with a 307 - for redirection and the request was redirected to HTTPS - which in turn returned 404. This 404 response was the cause the TypeError: Failed to fetch
The recommended fix for this is to turn off https redirection (ONLY FOR TESTING PURPOSES) and the other is to enable the server to serve the content correctly over HTTPS, so that when a call is made, it is not redirected, but rather sent straight to the correct API address on HTTPS - which should not return the data correctly, since the server can serve HTTPS content
I have a problem while porting my site from http to https, expecially while I invoke any WS.
That are the steps I've follow:
Import certificate in IIS
Change security mode from "Message" to "TransportWithMessageCredential"
I got this error:
SecurityNegotiationException: The server certificate with name XXXXX failed identity verification
because its thumbprint ('XXXXXXX') does not match the one specified in the endpoint identity ('YYYYYY').
As a result, the current HTTPS request has failed.
Please update the endpoint identity used on the client or the certificate used by the server.
What's the problem ?
Could it be a problem of connections cache ?
How can I prevent it ?
I want to use Testtrack SDK API and for that needs to host Test Track SDK server on my server Machine, When I had installed Test Track on my server machine and tried to call it through code it gives me Error Http 405 method not allowed.
Is there any specific things which needs to be done in IIS to run exe ?
The 405 error is a security issue with the IIS web server. You can find step by step instructions for configuring CGIs with IIS in the TestTrack user documentation.
http://help.seapine.com/testtrack/2015.0.1/ttinstall/Default.htm#cshid=WebServerConfigIIS7_8