I'm currently deploying a spring boot 1.5.1 application to pivotal cloud foundry. The Apps manager is displaying the Spring icon but i cant configure the log level or see any of the settings. I'm getting a browser 'mix content exception'. Apps manager is trying to access /cloudfoundryapplication/info over http instead of https and the browser is blocking the request. Is there a setting to force Apps manager to only use https?
Our team encountered a similar issue. We feel it has nothing to do with the apps manager but rather as to how our app behaves.
In our case we had a bad configuration which was causing the URLS getting built as http when httpRequest.getScheme() was being called.
server.tomcat.internal-proxies: <ips other then your proxy>
Correcting this property in our case by letting it to default as defined here let the getScheme to be returned as https and there by when the call being made to /cloudfoundryapplication/info the scheme got built as https.
Also another suggestion made by one of our colleague which also resolves this issue but would not address the root cause is - fronting your application(highest precedence) with ForwardedHeaderFilter - this causes the X-FORWARDED-* headers to be available in your httpServletResquest as described here
Related
I'm in the process of deploying my React site to AWS via Amplify, and the first step on the site is authenticating with Spotify. Here in their auth guide, they call the type of auth I am performing "Authorization Code Flow" where the first step is the site requesting a scoped auth and receiving a code via a http redirect.
This all works fine and dandy when I am running the app locally - the network logs and associated looks like this (apologies, I'm not sure how to best reproduce for you this devtools output):
localhost network logs
localhost initiator chain
But when I attempt this on my live site soundfound.io I instead receive in additional redirect which makes it impossible for me to retrieve the code (I believe at least - I could not figure out a workaround where I just capture the code from the 2nd 302 here but if you do, please enlighten me b/c I'm at the end of my rope here).
live network logs
localhost initiator chain
and here - my boilerplate AWS Amplify domain config: https://ibb.co/SV1N809
I've been reading up but this is just not clicking with me - WHO or WHAT is causing this additional redirect? It's certainly not the React application itself, that doesn't make any sense. Spotify knows about both redirect urls (localhost:3000/redirect and soundfound.io/redirect) so I don't understand how that could behave differently. The only place I can think to look is within the domain registration and control part of AWS Amplify - but I don't see (or don't understand) anything that would cause this sort of issue?
I'm just so lost as to where to begin trying to troubleshoot this, any and all help would be appreciated. Thanks
The AWS Amplify automatically creates a rule in the console App settings under "Rewrites and redirects" that redirects all requests to my base domain "soundfound.io" to "www.soundfound.io". Erasing this rule solved the issue.
I am new to Next JS, I'm experiencing this error right after I created my first app and run it from the terminal. I haven't declared next/router in vs code, did not change or add files to my project.
I tried to restart the server, but the error message remains.
Error: No router instance found.
You should only use "next/router" on the client-side of your app.
This error is due to your Reactjs web application URL & your API URL are not having same origins (not running on same port or same hosts or same schemes).
Two URLs have the same origin if they have identical schemes, hosts, and ports.
EX: Your web application URL http://192.168.3.143:4040 is different from your React web application URL.
Therefore you need to try any of the following solutions:
Your web application & API application should have the same schemes, hosts, and ports
OR
You need to enable CORS in your API, for your web URL which is different than your API URL.
I understand what SPA routing is, but there is one aspect I never fully understood, and I don't know if the answer to the question is library specific, server-site specific, or both.
When running a SPA development server locally, the routing is obvious. For instance the frontend route /user/login is served by the development server under https://<SERVER-IP>/user/login.
However, how does that work in production? For example, in production there is an NGINX instance running that statically serves the SPA build files from http://some-domain/some/path, in particular the main http://some-domain/some/path/index.html. On server site, this typically requires a certain configuration that ensures that requests on sub-paths get redirected to the index.html, as explained e.g. by this answer in case of NGINX.
What isn't clear to me: How can the app extract the frontend route from the URL after redirection? For instance: If the request is http://some-domain/some/path/user/login how does the app router knows the relevant part of the URL is /user/login? I see two possible explanation:
Either it is possible to maintain the "base URL" information in the redirect, or
Does this in general require a special (production specific) configuration of the frontend router library?
While I was trying my project on localhost it was working fine, using https://cors-anywhere.herokuapp.com/ since I got the CORS problem. But once I deployed the site on Netlify, it gave me the error 426 (Upgrade Required), with or without using https://cors-anywhere.herokuapp.com/.
These are the messages that appear on my console:
>Failed to load resource: the server responded with a status of 426 (Upgrade Required)
>Error: Request failed with status code 426
at createError.js:16
at settle.js:17
at XMLHttpRequest.<anonymous> (xhr.js:61)
I have been searching and some people seem to have similar problem to this. I have seen solutions like having my own server to pass the requests, but I don't know how to do it and, correct me if I am wrong, wouldn't that be the same as using https://cors-anywhere.herokuapp.com/?
Newsapi changed their pricing model.
You can't make requests from the browser anymore, you'll have to use a backend. I had the same problem and the easiest way around it was implementing a Node (Express) server.
I guess the free plan simply is not longer available in production.
"Requests from the browser are not allowed on the Developer plan, except from localhost."
Here's the updated plan page..
https://newsapi.org/pricing
Actually newsapi.org api in developer plan is no more working in production.
because in developer plan CORS is only enabled for localhost.
Developer Plan $0
CORS enabled for localhost.
https://newsapi.org/pricing
but if you want to fetch news in production then there is a alternative for this which have 1000 request per month free works in production also .
https://newsapi.in/
Newsapi.in this website provide api that have cors enabled for all origins.
Enjoy...
As others have mentioned, Newsapi no longer allows you to make requests from the browser.
newscatcher has a no-card free tier that allows for 10,000 requests. On top of that, depending on your use case you can even mail them to increase the limits for a short span of time, or to add extra data points.
Is it possible to use the flash.net.NetConnection object to connect to my Flash remoting enabled web application over HTTPS within Tomcat or any other servlet container?
I am using the SpiceFactory cinnamon project for amf remoting and have searched for examples of using HTTPS but see only the reference to a proxy type in the NetConnection object.
If someone could provide a reference or example that would be awesome. Or if it is not possible using the flash.net.NetConnection object are there any recommendations of how to configure HTTPS for the spicefactory cinnamon library.
According to the creator Jens Halm, it should just work out of the box.
http://www.spicefactory.org/forum/viewtopic.php?t=407
flex https works fine , if you use self signed certificate end user needs to add the public key manually to the trusted store, by directly connecting to the site using https://...
and accept the certificate.
second way is run the connection over http and do the encryption / description manually using
as3crypto - flex http://code.google.com/p/as3crypto/ and php openssl