I am developing a Command Line Tool in Swift 3, i have this code:
let url = "www.google.com"
var request = URLRequest(url:url)
request.httpMethod = "GET"
let task = session.dataTask(with: a){ (data,response,error) in
print("REACHED")
handler(response,data)
}
task.resume()
I cannot reach the task if i use "http://" or "https://" as prefix in any url, i am wondering if i need a App Transport Security plist, i already tried create a simple plist, anyone knows some if has a particularity for this problem?
When specifying a URL, you need the "scheme" (e.g. http:// or https://).
The url is a URL, not a String, so it should be:
let url = URL(string: "http://www.google.com")!
Yes, you need Info.plist entry if you want to use http://. E.g. https://stackoverflow.com/a/37552442/1271826 or Transport security has blocked a cleartext HTTP or just search stack overflow for "[ios] http info.plist" or with [osx].
Note, in Xcode 8.1, console apps don't necessarily have a Info.plist file, so if you don't have one, you may have to add one by pressing command+n:
update your target settings to specify the plist:
and then add the appropriate settings, e.g.:
I assume where you have URLRequest(with: a) you meant URLRequest(with: request).
You'll need something to keep the command app alive while you're performing the request (e.g. a semaphore or something like that).
Related
I want to manage my Trello cards and boards using the trelloR package but when I try to create a token with the get_token function, I get an error message on my browser : "Invalid return_url".
my_token <- get_token(key = my_key, secret = my_secret)
my_key is my personal Trello API key and my_secret is my OAuth secret. I got them on the Trello page that gives you your authentication codes, after login : https://trello.com/app-key
To use the Trello API and to access to boards, I need a token. This token is generated with OAuth1.0 by the httr package. Indeed, the function get_token do something like this, according to Jakub Chromec, author and maintainer of trelloR here :
trello.app = httr::oauth_app(
appname = "trello-app",
key = my_key,
secret = my_secret)
trello.urls = httr::oauth_endpoint(
request = "OAuthGetRequestToken",
authorize ="OAuthAuthorizeToken?scope=read&expiration=30days&name=trello-app",
access = "OAuthGetAccessToken",
base_url = "https://trello.com/1")
httr::oauth1.0_token(
endpoint = trello.urls,
app = trello.app)
When I execute this code or the function get_token with my personal key and secret, I am redirected to my browser, which is normal. As described on this page, a screen should appear asking me to allow authentication. But instead I just have an error message in the browser : "Invalid return_url".
In the RStudio console, this remains displayed :
> my_token <- get_token(my_key, my_secret)
Waiting for authentication in browser...
Press Esc/Ctrl + C to abort
I'm using httr 1.4.1, curl 4.2 and trelloR 0.6.0 with R 3.6.1 under macOS 10.15.
Some people reported the problem started after the introduction of Allowed Origins and they were able to fix it by adding the following origin:
http://localhost:1410
on the appkey page. This is a bit surprising to me as the default * should cover all origins, but there you go.
Trying this today (11/23/2019), I could not get wildcards to work as Allowed Origins. You should specify the domain of where you are running the call for authorization.
One source of confusion: The comments under "Allowed Origins" on https://trello.com/app-key refer to sites that "your application is allowed to redirect back to following the authorization flow." That was a bit confusing to me. The list should include sites you want to redirect back to IN ADDITION TO the sites you are calling Trello.authorize() from.
If you are thinking "I don't need a redirect" (and, in fact, if you are using client.js, I don't think you can specify a redirect), then those comments under "Allowed Origins" could lead you to believe you don't need to specify anything there. That would be incorrect.
Summary: Even if you want NO post-authorization re-direct, you still have to list an ORIGIN.
Also, you cannot specify file:// in Allowed Origins, so you cannot run your javascript off a local file.
I am developing an application in Salesforce that should communicate with a server to get some data. the server address is like this http://192.168.115.22/.
this is the HttpRequest object i am constructing in my Apex code is :
HttpRequest request = new HttpRequest();
String username = "myLogin", passwd = "myPassword";
String dataUrl = 'sli=on&fli=on&login=' + username + '&password=' + passwd + 'the rest of data';
request.setMethod('POST');
request.setEndpoint('http://192.168.115.22/Services/getLicenses');
request.setHeader('Content-Type','application/x-www-form-urlencoded');
request.setHeader('Content-Length', String.valueOf(dataUrl.length()));
request.setBody(dataUrl);
Http http = new Http();
HttpResponse response = http.send(request);
But the response i am getting contains this error :
The following error was encountered while trying to retrieve the URL: http://192.168.115.22/Licgen/Service/getLicensePackage?
Access Denied.
i don't know what is the problem with the url i am constructing, and when i write the url manually in my navigator i have access to the server.
Any help please.
This issue, in light of having already been added to the whitelist for endpoints, I think has to do with the fact that 192.168 IP addresses denote local IP addresses within a network normally.
It's likely that you can reach it because you're on your network, but Salesforce cannot see your network from the inside. You would need to use something like ngrok.com which allows you to expose a local machine to an outside available IP address.
You can also find out your router's IP address if you are at home, and port forward to your 192.168.115.22 local machine through it to expose it to the outside world, but I've had a much easier time with ngrok.com for easy integration testing with my applications.
Some Information On 192.168 addresses
(Adding this answer because my other answer could legitimately solve someone searching for the same issue above)
This issue may have to do with the fact that Salesforce prevents outside calls to un-authorized endpoints. Fortunately, it is a simple matter of adding an endpoint to the whitelist of authorized outbound connection points.
Under the setup menu option, and then again under teh security menu, there is a menu item called remote site settings. Within this option you'll see a list of sites you are allowed to access from within Salesforce. If your endpoint isn't in the list, add it and you may get a different result.
Please let me know if you have already added this to the whitelist and it is still a problem.
I am trying to send activation mail to the currently registered user.In mail body,I need to send a link like http://example.com/account/activation?username=d&email=g.Now, for debugging on local machine, I manually write it as localhost:30995/account/activation?username=d&email=g. But, when my port number changes, I need to rewrite it.
I tried another question
on this website,but, compiler gives error like url.action doesnot exist.
Please give me fresh solution as I am confused with that solution.
Use a Url.Action overload that takes a protocol parameter to generate your URLs:
Url.Action("Activation", "Account", new { username = "d", email = "g" }, "http")
This generates an absolute URL rather than a relative one. The protocol can be either "http" or "https". So this will return http://localhost:XXXXX/account/activation?username=d&email=g on your local machine, and http://example.com/account/activation?username=d&email=g on production.
In short, this will stick whatever domain you're hosting your app on in front of your URL; you can then change your hostname/port number/domain name as many times as you want. Your links will always point to the host they originated from. That should solve the problem you're facing.
Try using IIS / IIS-Express instead of Casinni web server that comes with visual studio.
You could add bindings to have the right URL (with host entries of course).
This will avoid the port numbers in your links.
I have an app in the App Store that interects with a RESTful Rails app hosted on Heroku. I did the terrible mistake of hardcoding the API's base URL to myapp.heroku.com instead of using the top level domain.
I'm now in the process of migrating to a new server so I'm trying to see what are my options to make the transition seamless to my iPhone app users. I thought of creating a Rake app that redirects all the traffic from that heroku subdomain to my new server address, but then I read that HTTP 1.1 doesn't allow POST redirection (my API having several POST endpoints). I could always redirect my POST requests as GET ones, but that definitely doesn't feel right.
Is there any other option I might be missing? Is there any way Heroku would accept to change the A records of my subdomain to point to my new server IP?
I ended up doing as John said and change my API endpoint inside my app. To keep previous versions of the app working (which have the heroku subdomain hardcoded in them), I ended up writing this quick Sinatra app and replaced my original Heroku app with it:
require 'sinatra'
require 'mechanize'
API_BASE_URL = "http://newdomain.com"
get '/*' do |path|
url = URI("#{API_BASE_URL}/#{path}")
agent = Mechanize.new
agent.user_agent = request.user_agent
headers = {'AUTHORIZATION' => request.env['HTTP_AUTHORIZATION']}
page = agent.post(url, params, headers)
content_type :json
page.body
end
get '/*' do |path|
url = URI("#{API_BASE_URL}/#{path}")
agent = Mechanize.new
agent.user_agent = request.user_agent
headers = {'AUTHORIZATION' => request.env['HTTP_AUTHORIZATION']}
page = agent.get(url, params, nil, headers)
content_type :json
page.body
end
(this code could probably be reduced down to a single method)
They wouldn't update their DNS for you - *.heroku.com will be a wildcard DNS entry, they don't add a new subdomain each time a site is added.
It would seem the best solution would be to fix it properly. Attach the new domain to your existing application on Heroku, it will still be accessible on app.heroku.com and yourcustomdomain.com.
Then, update your iOS application to use the new customdomain for it's endpoint. Once it's all working, reduce the TTL on the DNS entry and then repoint it at your new server.
I have a flash video player which requests a flv file from a central server. That server might redirect the request to a server from the user's country if possible, a lot like a CDN.
This video player also reports usage stats. One thing I'd like to report is the true server/location from which the player is streaming the video from. So basically, if it gets redirected I want to know about it.
It seems that you can't extract the url from a URLLoader, you can only keep a copy of the URLRequest that you constructed it with.
I notice that you can listen for HTTP status events, which would include a 302 or similar. But unfortunately, the HTTPStatusEvent object doesn't show the redirected location.
Any ideas about how to monitor for a redirect, and get the redirected location?
I'm a bit surprised Flash allows you to redirect a video request at all. I did a bit of digging and it looks like you can get the info:
Handling Crossdomain.xml and 302 Redirects Using NetStream
His post specifically talks about the trouble of security issues that arise because of the fact some operations fail if data is from an untrusted server. Since he doesn't know where his video is coming from (302 redirect) the Flash Player doesn't trust it and prevents some operations on the loaded content.
How he gets the server the content was actually loaded from is to do an operation on the file that should not be allowed and he parses the domain information from the error message:
try
{
var bit:BitmapData = new BitmapData(progressiveVideoPlayer.measuredWidth, progressiveVideoPlayer.measuredHeight, false, 0x000000);
bit.draw(progressiveVideoPlayer);
}
catch(error:SecurityError)
{
var list:Array = error.toString().split(" ");
var swfURL:String = list[7] as String;
var domain:String = list[10] as String;
domain = domain.substring(0, domain.length - 1);
var domainList:Array = domain.split("/");
var protocol:String = domainList[0] as String;
var address:String = domainList[2];
var policyFileURL:String = protocol + "//" + address + "/crossdomain.xml";
Security.loadPolicyFile(policyFileURL);
}
Notice he is doing it so that he can load the policy file (to allow the security restricted operations on the file). I'm not sure it will be helpful to you but at least read the article and have a think about it. You may contact the blog author directly too - he is pretty active in the general Flash community.