I want to be able to add domains to Firebase hosting with the API instead of the web UI, is that possible?
I want to add potentially hundreds of domains, is there a domain limit per project in Firebase?
As far as I can tell from the entire CLI documentation, there isn't any way to do this.
Lets take a step back and consider what the web UI process involves i.e. the generation of a TXT record to add to your DNS records, after verifying the presence of said TXT record on the domain, providing A records that you (authorized owner) add to allow redirecting to your firebase hosted site.
In my opinion, this very manual back and forth is necessary as a security measure. The only way it is taken out of the equation via the CLI is by providing a means for you to authenticate ownership of a domain (registered with any one of many domain registrars), and being granted authorization to change your A records. These are both outside the scope of Firebase, and could potentially introduce severe security flaws. Regardless, even if it existed, it would still have to be step-by-step and somewhat manual via CLI rather than the single command it sounds like you're looking for.
It is not possible to add custom domains automatically through an API at this time.
Nor would it allow you to create a reseller or multi-tenant project (i.e. connect a large number of domains or subdomains dynamically) since you cannot connect more than about 36 domains connected to one project.
It's possible to add domains using Firebase Hosting Rest Api. I am not sure why they didn't put it on their official website but I checked today and it works. https://developers.google.com/resources/api-libraries/documentation/firebasehosting/v1beta1/java/latest/com/google/api/services/firebasehosting/v1beta1/FirebaseHosting.Sites.Domains.html
Answer that I've received from Firebase support:
There is no API yet that would allow you to add custom domains, it was
requested as a feature before but unfortunately we have no more
information on that - so for now, only the Console UI allows you to do
it.
When it comes to the limits, in a project, a custom domain is
attached to a site - there can be 36 sites per project, and for one
site there is no hard limit, but we recommend not exceeding 20 custom
domains. You can experience technical issues with SSL certs when you
exceed 20 domains per site, which we won’t be able to troubleshoot
since the system was not designed for such use cases.
Related
I am looking for a way to limit access to AWS S3 hosted data in a controlled and at least semi-secure way. I have various resources in a number of S3 buckets, with CloudFront as CDN. I then have a WordPress based website using a theme that allows me to sell "courses". Finally I manage my domains so I can create a sub domain for the content download link, i.e. content.domainname.com.
Ideally I want to limit access to content to a specific set of courses, so only people who have bought the course, and are linking to the content from a web page in that course, can (easily) get at the data.
I know I can use an AWS Web ACL rule to check the referer, to limit downloads to links on my domain. And I think I can expand on that to test more of the URL, so in www.domainname.com/paid/coursename/page.html I could have a rule that tests for the bold portion of the path and refuses otherwise.
However, I also know that referer can be easily spoofed, and more importantly some browsers and internet security software will replace the referer, and I don't want my site security to force customers to change their security settings. So, is there another option, to include some sort of data in the HTTP request, that limits access in a way that is both somewhat secure, but not dependent on a client side settings? Perhaps something like a hash that I could include in the link itself? Or, maybe the WordPress API and AWS Web ACL Rules can communicate is some way so as to validate the logged on user has membership in the course? Grasping at straws here I suspect.
Additionally, there will be a PowerShell script that can be downloaded and run, which will access downloadable content as well. Again, I want to limit access, but in this case I need to be able to maintain the criteria on AWS as I have subscription and non subscription versions of the courses, and the PS script should only download for customers on subscription. So, I could provide the PS script with something like a customer ID, then maintain a list of customer IDs that are currently on subscription so the Web ACL rule could filter. But again, I suspect that HTTP header won't get the job done, because it could be changed by internet security at the customer location. But now I am limited by what PowerShell can do with regards to HTTP requests.
I know, rather an open ended question, but hopefully someone can at least point me in the right direction. It sure seems like both needs are something that AWS should be able to do, I am just so out of my depth here I don't know where to start, and AWS documentation requires that you have some clue to get you going.
I want to set Specific domains in Azure Qna maker app cors settings, not *. Can any one let me know what is the required domains for that, as i do not find any documentation regarding this online.
When you create your QnA Maker resource, you are creating an Application (web app) in order to host your endpoint for queries:
This is due to the architecture which is the following:
So if you want to implement specific CORS rules, go the your Web App and set CORS rules in the dedicated tab:
Additional edit:
Based on the comments (thanks #sumit sharma), the necessary domains are:
qnamaker-service.trafficmanager.net
qnamaker.ai
The answer from Nicholas R gives you everything you need to solve this issue except the domains to add (tried to edit by edit queue is full). If you are looking for the domains to add here, it should be at a minimum https://qnamaker-service.trafficmanager.net and https://www.qnamaker.ai. I added these and have not had any issues with the service since removing "allow all".
I have successfully deployed a Google Cloud Endpoints Developer Portal for my API running on Endpoints. I would like to provide access to testing to people outside my organisation that are not using GCP in their projects.
Login to the portal works correctly if I enable the Service Consumer role for these people (on per-email basis). However, when they open it for the first time, they are being asked to grant some extra permissions to the portal:
This form can create totally unnecessary security concerns. Does anyone know, why is it needed?
I only would like my clients to be able to test my API using a GUI, before they could start connecting their projects (not necessary on GCP) to mine. This seems to be a valid use case for me, however I might be misunderstanding some basic concepts.
Or should I submit a feature request to Google about a new role that only enables the access to the portal, and nothing else, so no such forms are shown?
Since Endpoints APIs must be explicitly shared with customers, the portal needs to verify that the logged-in user has permission to view that Endpoints API. So the short answer is that these scopes are being requested primarily so the portal can check the user's access to this API.
Longer answer is that we (the Endpoints team) are looking into if it's possible to build narrower OAuth scopes that would correspond to the access checks we perform. We agree that it's unnecessarily broad of an access request and are hoping to improve this in the future. Thanks for your comment!
I want to use Webex API [www.webex.com] to create meeting from my site.
For that I need my own domain in the case of URL API in this way:
"https://yourWebExHostedName.webex.com/yourWebExHostedName/".
And in the case XML API, I need WebexID, SiteID, ParternerID.
Those are mentioned in this Webex official document.
https://developer.cisco.com/documents/4733862/4736679/URL+API+WBS+27+Ref+Guide.pdf
I want to say that these parameters are available in testing environment.
But I don't have my own domain to use this API in production environment.
So I want to know that it is possible to use this API in production environment without owning a domain.
Do you have any Idea? Have you faced such problem? I need urgent solution regarding that.
For the XML API, you can obtain those parameters from this page (you need to login or register first to be able to see the form):
https://developer.cisco.com/site/webex-developer/develop-test/try-webex-apis/
To test the API, all the requests would be made to the sandbox site https://apidemoeu.webex.com
No
You cam't go for production without Webexdomain. Because For recording of video,Host users's and Attendee user's it take space on server to stored all this data you need your web-ex hosting site.
My company creates hardware products that are sold throughout the world. They have an embedded webserver that allows for users to configure the product via a web interface. I wanted to enhance the user experience of this interface and the first step would be to start gathering analytics on how users move throughout the tool.
My question is how I should do this since there won't be a domain and instead some internal IP address that is used to access the product. For example, if their IT team installs the printer on 10.10.10.10, they almost never associate that with an internal server name and users would access the web configuration tool by directly hitting the IP. Even if they did create an internal server name like "config.productname.com", I would have no way of knowing what that would be.
This means I can't create a profile in GA to start accepting this analytic data. Has anyone done something similar in the past or have advice on how to address this issue?
Could the issue be resolved by using SiteCatalyst instead?
SiteCatalyst provides the capability to store visitor information inside any cookie of your choosing, and does not care which domain you place code on. Ultimately all data is sent to a subdomain of 2o7.net, however you can create a CNAME record so your site stores and writes cookies to any domain of your choice.
Within the s_code.js file, there is a variable defined that governs the domain the cookie is set:
s.trackingServer="yourorganizationname.2o7.net";
It would not matter where this implementation was tracking data from, they would all use the exact same cookie location, and be treated as the same visitor no matter which domain they viewed. Just keep in mind this is defined as a third-party cookie, and small portion of browsers reject 3rd-party cookies by default.
You might try Piwik or Open Web Analytics since you can deploy them on your own infrastructure and could modify them to meet your requirements.
If you have a serial number assigned to each device during manufacturing, you may want to use that to distinguish between devices, regardless of which analytics tools you use.
Note that as far as I can tell, Google Analytics doesn't actually care what domain you place the code on; they just use your domain specification to determine what sites the tracking cookies will be delivered to. That may not help you as you probably want the tracking cookies to work, but I point it out in case it turns out to be useful...