I'm hosting a website with Firebase. I was able to verify my custom domain without any issues. However, I noticed that when visiting the site with 'www' I was getting either a 404 error or an insecure warning.
When I try to add the domain with www to Firebase I'm not able to get if verified. I noticed the site verification string for adding the new domain (with www) is the same as the one I had to add to connect the original domain (without www).
I also tried adding a CNAME record with host www and value of piccy.app. Finally I tried to copy the existing A record and change the host from # to www.
What am I doing wrong here?
This is the message I'm getting in the console:
Here's the Namecheap setup:
Any help is appreciated.
Related
I hosted a website in firebase hosting and connected a custom domain, the domain is connected properly as you can see in the screenshot.
firebase hosting screenshot
The problem is if someone for the first time in their browsing session writes http://plucreo.com it does not get redirect to https://plucreo.com and the connection gets timed out. This does not happen with the default domain http://plucreo.web.app it redirects to https:// one correctly.
But, if you manually type https://plucreo.com in address bar, for the current browsing session http://plucreo.com starts correctly redirecting to https:// one.
How to fix this redirecting issue?
I am getting the following message when trying to use auth.linkWithPhoneNumber(). All other auth services on the same domain are working fine.
auth/captcha-check-failed and "Hostname match not found" errror
https://github.com/firebase/quickstart-js/issues/394
Now I know this issue is reference all over but the solutions are not working for me... The solution i keep finding is to update Authorized Domains however there are 2 reasons that might not be the solution for this app.
All other auth services are working just fine
I am unable to change anything under Authorized Domains.
Login by phone DOES work on localhost, but not in prod
When updating Authorized domain the changes do not save. instead i get the following
Error updating authorized domain list
Question
If the solution for the auth/captcha... is to update domains then why cant i save changes there? If that is likely not the solution then do you know what it could be
I added my domain in the Authorised domain
like if my domain is www.example.com i added example.com
but it's not working
so i try Adding with www.example.com and it worked for me.
Add www.example.com instead of example.com
What's your browser and do you have any Allow CORS extension installed? Try to toggle it to off and try again.
I'm having a problem with a custom domain for a static web that I'm hosting in Firebase. When I go to mydomain.com it works fine but when I go to www.mydomain.com it's not working. Firebase hosting has an option to redirect to mydomain.com if you are trying to go to www.mydomain.com but it seems I haven't been able to verify that I own www.mydomain.com.
I verified mydomain.com using A records but when I try to verify www.mydomain.com it tells me that I should use exactly the same records I used to verify mydomain.com, so I tried to add the same A records twice but it did not work. After that I tried using TXT records to verify www.mydomain.com but it didn't work either. So, what am I doing wrong?? These are the screenshot of Firebase hosting and NameCheap.
NameCheap
the first 2 A records are to verify mydomain.com, the acme-challenge txt record is the one I'm using to trying to verify www.mydomain.com
Thanks for your help!
The directions given by Firebase are wrong. The host value should be www and not www.mydomain.com when redirecting from mydomain.com to www.mydomain.com. It happens the same when trying to verify mydomain.com but instead of www it should be # like in one of the screenshot of my answer.
I'm developing a website using ASP.NET identity that will work with subdomains that identify a client using some information from here I've got subdomains working locally, but I can't get it to work with OAuth.
For example, if I got to https://localhost:44301 and try to login with Google, everything is fine. In my Google console I have https://localhost:44301 under "Authorized JavaScript origins" and https://localhost:44301/signin-google under "Authorized redirect URIs". But when I go to https://foo.localhost:44301 Google will respond with:
Error: invalid_request
Invalid parameter value for redirect_uri: Non-public domains not allowed: https://foo.localhost:44301/signin-google
When you try to log in. I can add https://foo.localhost:44301 to "Authorized JavaScript origins" in the Google console, but it won't let me add https://foo.localhost:44301/signin-google under authorized redirect URIs because it will complain:
Invalid Redirect: https://foo.localhost:44301/signin-google must end with a public top-level domain (such as .com or .org)
Some other questions and answers suggest redirecting all subdomains to a single domain for OAuth, but ideally I want to keep logins per subdomain. So if you use google to sign it to foo.mydomain.com it will be separate from bar.mydomain.com and I don't think that'll work if I have to redirect both to the same single domain (although I'm not sure that's going to work without separate projects in Google.
Google and in general other OAuth2/OIDC providers will support redirecting to sub-domains. Your specific problem is that you seem to be trying to use sub-domains of localhost which is in the list of Special-Use Domain Names (RFC6761) and it seems Google has additional constraints for those ones.
However, this is not a real limitation because on production you'll use a public top-level domain from from where you'll have the specific sub-domains.
If you need to have this working for local development, you can use localtest.me which allows you to set a sub-domain you like (foo.localtest.me and bar.localtest.me) while still ensuring that the domain resolves to your local machine (127.0.0.1). This should stop Google from complaining about it...
I'm running a meteor app, which I just deployed to production with Meteor up. Now I have a mismatch when I try to login using a Oauth service between example.com and www.example.com. In my fb-app I use the www address. So if I go to example.com and try to login, I get an error in console about same-origin-policy.
I'm using the browserpolicy package for Meteor. In which I added both non-www and www inside BrowserPolicy.content.allowOriginForAll(origin);
What's the correct fix for this? Can I somehow add 2 url's to my fb-app or should I use a wildcard?
Should I redirect all traffic to www.example.com?
Or is there a different/more correct solution for this?