Just getting started with here. I've tried the javascript sample and getting cors error. My test url is https://fleetcom511.com/all_drivers_new.php
Access to XMLHttpRequest at 'https://vector.hereapi.com/v2/vectortiles/info?xnlp=CL_JSMv3.1.11.1&apikey=xxxxx' from origin 'http://fleetcom511.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
mapsjs-core.js:41 GET https://vector.hereapi.com/v2/vectortiles/info?xnlp=CL_JSMv3.1.11.1&apikey=xxxxx net::ERR_FAILED
d # mapsjs-core.js:41
Lc # mapsjs-core.js:42
application/json # mapsjs-core.js:75
jf.qj # mapsjs-core.js:74
(anonymous) # mapsjs-core.js:52
(anonymous) # mapsjs-core.js:52
$d.b # mapsjs-core.js:52
$d.add # mapsjs-core.js:51
Xd # mapsjs-core.js:51
jf # mapsjs-core.js:74
ip # VM152:49
dp # VM152:48
X.qb # VM152:45
X.yj # VM152:50
X.Ug # VM152:60
(anonymous) # all_drivers_new.php:50
all_drivers_new.php:1 Access to XMLHttpRequest at 'https://vector.hereapi.com/v2/vectortiles/base/mc/13/4096/4096/omv?xnlp=CL_JSMv3.1.11.1&apikey=xxxxxx' from origin 'http://fleetcom511.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
mapsjs-core.js:77 GET https://vector.hereapi.com/v2/vectortiles/base/mc/13/4096/4096/omv?xnlp=CL_JSMv3.1.11.1&apikey=xxxxx net::ERR_FAILED
The error message tells where is the problem: No 'Access-Control-Allow-Origin' header is present on the requested resource.
You should enable CORS on your server. I don't know what type of server you use, but if it's apache, then this article should help: https://tecadmin.net/enable-cors-apache/
Related
i am having troubles with nginx. The problem is that when i access mywebpage.org from the phone or laptop over data connection or on friends wifi it works. But if i try to access it over wifi or my cable connection on the same home network it loads for few minutes (After few minutes some errors appears in the console).
It should redirect me to my home ip 192.168.1.100:2000 where i have my nextcloud. After a while logo of nextcloud appears but it doesn't progress. If i press F12 and see Sources i can see that the browser gets something like favicon css and more. But the site only loads for few minutes.
Description of my system
I have Debian server installed where i have open media vault, Nextcloud and Home Assistant. The nginx was automatically installed with OMV. I tried to use Nginx Proxy manager installed via portainer but he did the same thing. I am not using HTTPS in this setup.
after few minutes there are this errors in the console of the browser.
GET http://taligo.hopto.org/core/js/dist/files_client.js?v=108eacf6-0 net::ERR_CONNECTION_RESET 200 (OK)
login:33 GET http://taligo.hopto.org/core/js/dist/login.js?v=108eacf6-0 net::ERR_CONNECTION_RESET 200 (OK)
login:18 GET http://taligo.hopto.org/core/js/dist/main.js?v=108eacf6-0 net::ERR_CONNECTION_RESET 200 (OK)
files_fileinfo.js?v=108eacf6-0:1 Uncaught ReferenceError: OC is not defined
at Object.<anonymous> (files_fileinfo.js?v=108eacf6-0:1)
at Object.702 (files_fileinfo.js?v=108eacf6-0:1)
at r (files_fileinfo.js?v=108eacf6-0:1)
at files_fileinfo.js?v=108eacf6-0:1
at files_fileinfo.js?v=108eacf6-0:1
(anonymous) # files_fileinfo.js?v=108eacf6-0:1
702 # files_fileinfo.js?v=108eacf6-0:1
r # files_fileinfo.js?v=108eacf6-0:1
(anonymous) # files_fileinfo.js?v=108eacf6-0:1
(anonymous) # files_fileinfo.js?v=108eacf6-0:1
merged-template-prepend.js?v=108eacf6-0:26 Uncaught ReferenceError: OC is not defined
at merged-template-prepend.js?v=108eacf6-0:26
(anonymous) # merged-template-prepend.js?v=108eacf6-0:26
sk.js?v=108eacf6-0:1 Uncaught ReferenceError: OC is not defined
at sk.js?v=108eacf6-0:1
(anonymous) # sk.js?v=108eacf6-0:1
sk_SK.js?v=108eacf6-0:1 Uncaught ReferenceError: OC is not defined
at sk_SK.js?v=108eacf6-0:1
(anonymous) # sk_SK.js?v=108eacf6-0:1
index.js:24 Uncaught ReferenceError: OC is not defined
at Object.344 (index.js:24)
at r (bootstrap:19)
at bootstrap:83
at main.js?v=108eacf6-0:1
344 # index.js:24
r # bootstrap:19
(anonymous) # bootstrap:83
(anonymous) # main.js?v=108eacf6-0:1
viewer.js:22 Uncaught ReferenceError: OC is not defined
at Module.<anonymous> (viewer.js:22)
at o (bootstrap:63)
at bootstrap:195
at bootstrap:195
(anonymous) # viewer.js:22
o # bootstrap:63
(anonymous) # bootstrap:195
(anonymous) # bootstrap:195
sk.js?v=108eacf6-0:1 Uncaught ReferenceError: OC is not defined
at sk.js?v=108eacf6-0:1
(anonymous) # sk.js?v=108eacf6-0:1
script.js?v=108eacf6-0:492 Uncaught ReferenceError: jQuery is not defined
at script.js?v=108eacf6-0:492
(anonymous) # script.js?v=108eacf6-0:492
files.js?v=108eacf6-0:122 Uncaught ReferenceError: jQuery is not defined
at files.js?v=108eacf6-0:122
(anonymous) # files.js?v=108eacf6-0:122
sk.js?v=108eacf6-0:1 Uncaught ReferenceError: OC is not defined
at sk.js?v=108eacf6-0:1
(anonymous) # sk.js?v=108eacf6-0:1
theming.js?v=108eacf6-0:1 Uncaught ReferenceError: OCA is not defined
at theming.js?v=108eacf6-0:1
(anonymous) # theming.js?v=108eacf6-0:1
backgroundjobs.js?v=108eacf6-0:24 Uncaught ReferenceError: $ is not defined
at backgroundjobs.js?v=108eacf6-0:24
(anonymous) # backgroundjobs.js?v=108eacf6-0:24
files_pdfviewer-public.js?v=108eacf6-0:44 Files_PDFViewer initialized for public page {isPublicPage: null, canDownload: true, isSecureViewerAvailable: false}
DevTools failed to load source map: Could not load content for http://taligo.hopto.org/core/js/dist/files_fileinfo.js.map: Load canceled due to load timeout
DevTools failed to load source map: Could not load content for http://taligo.hopto.org/apps/files_pdfviewer/js/files_pdfviewer-public.js.map?v=15d058082286d206e4c8: Load canceled due to load timeout
I am a beginner in Linux and any help counts for me
Thank you all.
It might help if you added nextcloud to /etc/hosts
The problem was with my provider modem/router. It had a check box for hairpinning but it did nothing. I bought another router and then all worked.
I am trying to log the video duration of a mp4 file in NGINX access log, which should happen when a client 'GET' a mp4 file from the server. I have configured a custom log format as follows:
log_format nginx_custom_log '$remote_addr ... $request_uri $status $sent_http_content_type $video_duration';
access_log /var/log/nginx/access.log nginx_custom_log;
I can add a custom HTTP header - video_duration pointing to the path of a video file and manually assigning the value, but this require changing nginx configuration every time a video is added and reloading nginx:
location /path/video.mp4 {
add_header video_duration 123456;
}
The following record is written to NGINX access log:
192.168.0.1 ... /path/video.mp4 206 video/mp4 123456
I also tried configuring the X-Content-Duration HTTP header (which is no longer supported by Firefox) in NGINX configuration but no value has been logged.
I found a module named ngx_http_mp4_module. It allows specifying arguments like ?start=238.88&end=555.55, which leads me to believe NGINX is capable of reading the metadata of a mp4 file.
Is there a way to log the duration of a mp4 video file in NGINX access log, similar to how a file's content-length (in bytes) and content-type (video/mp4) can be logged?
Thanks Alex for suggesting to add a metadata file and read it using Lua. Here's the implementation for reference:
nginx.conf
location ~* \.(mp4)$ {
set $directoryPrefix '/usr/local/openresty/nginx/html';
set $metaFile '$directoryPrefix$request_uri.duration';
set $mp4_header "NOT_SET";
rewrite_by_lua_block {
local f = assert(io.open(ngx.var.metaFile, "r"))
ngx.var.mp4_header = f:read("*line")
f:close()
}
add_header mp4_duration $mp4_header;
}
log_format nginxlog '$remote_addr ... "$request_uri" $status $sent_http_content_type $sent_http_mp4_duration';
access_log /usr/local/openresty/nginx/logs/access.log nginxlog;
Please note that $metaFile refers to the metadata file containing the duration:
$directoryPrefix: /usr/local/openresty/nginx/html
$request_uri: /video/VideoABC.mp4
$metaFile: /usr/local/openresty/nginx/html/video/VideoABC.mp4.duration
access.log
192.168.0.1 ... "/video/VideoABC.mp4" 206 video/mp4 1234567890
mp4 & metadata file path
root#ubuntu: cd /usr/local/openresty/nginx/html/video/
root#ubuntu: ls
VideoABC.mp4 VideoABC.mp4.duration
root#ubuntu: cat VideoABC.mp4.duration
1234567890
I want to have a conditional header based on a header I want to get from the upstream.
For some reason it always gets translated to default.
Configuration:
upstream service decides if a header called x-no-iframe-protection should exist.
main nginx:
map $http_x_no_iframe_protection $x_frame_options {
yes "";
default "SAMEORIGIN";
}
server {
...
add_header X-Frame-Options $x_frame_options;
...
}
No matter what I try - I get both headers:
$ curl -v myhost
...
< x-no-iframe-protection: yes
< x-frame-options: SAMEORIGIN
...
Just to clarify - I use the x-no-iframe-protection just as a trick to remove x-frame-options in specific cases. I'm OK with it staying (although it is not needed once parsed by nginx)
Anyways - how can I make it get caught in order to replace the header value?
An HTTP transaction contains request headers and response headers. From the context of your question you are setting the value of a response header based on the value of another response header (which was received from upstream).
Nginx stores request headers in variables with names beginning with $http_ and response headers in variables with names beginning with $sent_.
In addition, response headers received from upstream may also be stored in variables with names beginning with $upstream_http_.
In your configuration you use the variable $http_x_no_iframe_protection, whereas you should be using either $sent_x_no_iframe_protection or perhaps $upstream_http_x_no_iframe_protection.
All of the Nginx variables are documented here.
try using $upstream_x_no_iframe_protection to access upstream response header.
I'm trying to add the CORS headers to my Drupal 8.2 instance, using the YAML file located at sites/default/services.yml however I am not able to make Drupal generate the necessary header:
Access-Control-Allow-Origin → *
Here is my sites/default/services.yml:
# Configure Cross-Site HTTP requests (CORS).
# Read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
# for more information about the topic in general.
# Note: By default the configuration is disabled.
cors.config:
enabled: true
# Specify allowed headers, like 'x-allowed-header'.
allowedHeaders: []
# Specify allowed request methods, specify ['*'] to allow all possible ones.
allowedMethods: []
# Configure requests allowed from specific origins.
allowedOrigins: ['*']
# Sets the Access-Control-Expose-Headers header.
exposedHeaders: false
# Sets the Access-Control-Max-Age header.
maxAge: false
# Sets the Access-Control-Allow-Credentials header.
supportsCredentials: false
Does anyone know if I need to verify anything else, or how to debug why the .yml file is not working?
Note: I have tried adding in settings.php: header("Access-Control-Allow-Origin: *"); and this works, however, it is not the recommended way of doing this, since 8.2 has this specific configuration file.
Here is my working services.yml file and corresponding JS request for Drupal 8.3.7.
cors.config:
enabled: true
# Specify allowed headers, like 'x-allowed-header'.
allowedHeaders: ['x-csrf-token','authorization','content-type','accept','origin','x-requested-with']
# Specify allowed request methods, specify ['*'] to allow all possible ones.
allowedMethods: ['*']
# Configure requests allowed from specific origins.
allowedOrigins: ['http://localhost:3000']
# Sets the Access-Control-Expose-Headers header.
exposedHeaders: true
# Sets the Access-Control-Max-Age header.
maxAge: 1000
# Sets the Access-Control-Allow-Credentials header.
supportsCredentials: false
Here is a quick developer tools console fetch to verify the response.
function reqListener() {
var data = this.responseText;
console.log(data);
}
function reqError(err) {
console.log('Fetch Error :-S', err);
}
var oReq = new XMLHttpRequest();
oReq.onload = reqListener;
oReq.onerror = reqError;
oReq.open('get', 'http://blt.dev/session/token', true);
oReq.send();
This responds with the appropriate csrf token for the anonymous user.
My configuration was not working because I dropped off the pararameters: attribute of the services.yml file.
Ensure that it starts with parameters:
parameters:
# Configure Cross-Site HTTP requests (CORS).
# Read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
cors.config:
enabled: true
# Specify allowed headers, like 'x-allowed-header'.
allowedHeaders: ['x-csrf-token','authorization','content-type','accept','origin','x-requested-with']
# Specify allowed request methods, specify ['*'] to allow all possible ones.
allowedMethods: ['*']
# Configure requests allowed from specific origins.
allowedOrigins: ['http://localhost:4200']
# Sets the Access-Control-Expose-Headers header.
exposedHeaders: false
# Sets the Access-Control-Max-Age header.
maxAge: false
# Sets the Access-Control-Allow-Credentials header.
supportsCredentials: true
How to set the header as content-type and authentication for robotframework
*** Variables ***
${PORT} 36504
${HOST} https://staging-product..co/api/products
${HeaderName} Content-Type
${HeaderValue} application/json
${HeaderName1} Authorization
${HeaderValue1} Token token=zkzg1VPnhcMm7uv,email=cctest7#gmail.com
*** Settings ***
Resource variables.txt
Library HttpLibrary.HTTP
Test Setup Create HTTP Context ${HOST} https
*** Test Cases ***
Set Headers
POST https://staging-product..co/api/products
Full-URL GET to MytestSsite
GET https://staging-product.connect.co/
Taken from the HTTP Library Documentation (https://peritus.github.io/robotframework-httplibrary/HttpLibrary.html)
Set Request Header | header_name, header_value |
Sets a request header for the next request.
header_name is the name of the header, e.g. User-Agent header_value is the key of the header, e.g. RobotFramework HttpLibrary (Mozilla/4.0)
A further simple example would be:
Set Request Header Content-Type application/json
or using your variables above:
Set Request Header ${HeaderName} ${HeaderValue}
Here is a full example:
Create HTTP Context ${HOST} http
${Request_Body} Get File ${xmlFilename} encoding=${Request_Body_Encoding}
Set Request Header ${HeaderName} ${HeaderValue}
Set Request Body ${Request_Body}
Log ${Request_Body}
POST ${URL}
Response Status Code Should Equal ${ResponseStatusCode}