I'm going to use satellite tiles as texture for terrain mesh.
However when I create texture out of it I get security error.
Does HERE Map tiles server support CORS?
Or do I have to workaround it (proxy / php)?
They used to. Something's changed recently and maps stopped working for externals.
"No 'Access-Control-Allow-Origin' header is present on the requested resource" is exactly the error you get now.
I'm trying to find information, perhaps a simple config mistake from HERE, but has been several days now though..
Edited:
Here's the HERE quick start map example (modified only for https mode) https://dl.dropboxusercontent.com/u/4728771/hack/here.html
It gives the error above and generates 403s.
In General the tiles do support CORS , you should be able to check the response header for 'Access-Control-Allow-Origin:*' to verify that.
Related
Trying to make a request like shown below
(https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http#code-try-15)
picture
picture
Tried to see if it works on their graph explorer ---> https://developer.microsoft.com/en-us/graph/graph-explorer
I need specifically to make this request work ---> https://graph.microsoft.com/v1.0/users?$search="displayName:wa"
But as you see I get this error which suggests that I didn't add the consistencyLevel header but I did, in multiple ways. It's annoying :))
============================================
Update:
I logged in my student microsoft account and now I got this
picture
You missed the "?" in the url
====================Update====================
It can work, but you need to send request with a correct access token. I'm afraid it met some issue when test in the self-contained test tool.
Let's say I use the website: redacted.com
Website works fine when I am using it normally.
When I start using BURP SUITE PROXY to intercept requests, I start to have this error:
[2021-04-14T02:45:46.724Z] #firebase/firestore: Firestore (7.24.0): Could not reach Cloud Firestore backend. Backend didn't respond within 10 seconds.
This typically indicates that your device does not have a healthy Internet connection at the moment. The client will operate in offline mode until it is able to successfully connect to the backend.
Error: Uncaught (in promise): FirebaseError: [code=unavailable]: Failed to get document because the client is offline.
Please provide me the solution to this.
The answers do not work anymore due to the Firebase updates - i will give you a short instruction on how to find your custom match-replace rule:
make sure to activate "Intercept Server Responses" in the proxy options tab.
go "intercept" tab
set your burp proxy to "intercept is on"
type "this.forceLongPolling" in the search bar on the bottom
forward the requests until you find a match
there should be a pretty big response file containing something like this:
constructor(t,o,u,p,D,Q,Te,it){
this.databaseId=t,this.appId=o,this.persistenceKey=u,this.host=p,this.ssl=D,this.forceLongPolling=Q,this.autoDetectLongPolling=Te,this.useFetchStreams=it
}
in my case it contains the string "this.forceLongPolling=Q"
now create a match replace rule for this very special string to replace "this.forceLongPolling=Q" with "this.forceLongPolling=true" and make sure to choose "response body" as type:
Screenshot Rule
Using the idea of this troubleshoot (https://github.com/firebase/firebase-js-sdk/issues/1190#), i made the following Match and Replace in my Burp Suite and it worked!
this.forceLongPolling=void 0!==t.experimentalForceLongPolling&&t.experimentalForceLongPolling
to
this.forceLongPolling=true
And someone said before
This can change depending on the version of firebase-js-sdk so it's best to look around for experimentalForceLongPolling within your JS files and make sure it gets enabled.
Workaround for this issue (source).
For Burp, the following match and replace worked for me:
this.experimentalForceLongPolling=!!t.experimentalForceLongPolling
to
this.experimentalForceLongPolling=true
This can change depending on the version of firebase-js-sdk so it's best to look around for experimentalForceLongPolling within your JS files and make sure it gets enabled.
Faced the same issue. What worked for me is adding “firestore.googleapis.com” to the “No proxy for” option in Firefox’s proxy configuration.
Firefox Proxy Configuration
I use Uber's API to create a WordPress plugin so people can order taxis to your physical location.
I'm looking at integrating the Price Estimates using the endpoint here - https://developer.uber.com/v1/endpoints/#price-estimates - I've a solution but having a bit of problem implementing it.
I'm getting an error on testing which in Google Chrome Developer Tools which states "Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers."
I suspect it's due to the fact that the testing server is insecure, as the app Origin ID and Redirect ID begins with https:// (as I'm unable to add http://).
Will I be able to access the price estimates over http at all? I'm using the server_token way of authentication as feel it's probably the best way to do it.
Any help would be gratefully received :)
The Uber API only, and will only ever, support HTTPS.
We've just discovered that one of Cloudfront's edge locations is returning a zero-byte file for one of our javascript assets. The invalidation is running right now, but I'm beginning to think this phenomenon may be the source of widespread but strangely un-reproducible bugs that our customers have been reporting for months now.
We're using Cloudfront with a Custom Origin (Nginx serving static files from an EC2 server). It would appear that with every deploy to our application that introduces new asset names (e.g. changed file version), we have a non-zero chance of one or more Cloudfront edge locations getting a 0-byte file.
Is there any way to avoid this?
Is there any way to detect this?
[sentiment redacted]
There is a very similar problem which has been discussed on the AWS forum. It seems to boil down to your server not sending a Content Length header with your custom origin.
Note the excerpt from the forum, which may be related:
Unfortunately your origin doesn't appear to provide a Content-Length
header. Without a Content-Length header CloudFront can't determine
that a truncated object was received and will cache it. If your origin
can send a Content-Length header any truncated objects will not be
cached. See the Developer Guide for more details.
Try adding the ContentLength header, that should do the trick.
What this is NOT
a) a "sensor=true_or_false" issue
b) a key is wrong issue (unless the key I got has limitations)
c) too many requests (since I only make one request)
d) cross domain (since I load the url from the browser location bar)
What I did
Signed up http://code.google.com/apis/maps/signup.html
Tried the example on that page in the location bar (I know about cross domain from script)
works fine
Read the documentation
Pasted their example exchanging their key for mine
returns
{
"html_attributions" : [],
"results" : [],
"status" : "REQUEST_DENIED"
}
So far all entries failed due to wrong key or sensor=true_or_false
And for example the url in this one Google Places API jQuery.ajax() request fails with working URL
also gives me error when pasted into the browser.
What did I miss?
UPDATE
So I went to get some keys
Key for browser apps (with referers)
API key:
AIzaSyCStj9m5LNTu9mCf6cQGDVAFKZC7Y?????
Referers:
Any referer allowed
Activated on: Jan 30, 2012 1:03 PM
Activated by: me
and tried again. Still does not work.
This is actually (b): wrong key. Actually, you're using the wrong kind of key (from Sign Up for the Google Maps API which is only good for the JavaScript V2 API).
Please see Obtaining an API Key for how to get a new API key, of the new kind.
Edit: At the time this question arose, valid API keys that worked on Geocoding API did not work on Places API, but now seem to work fine. Looks like some issue on Google side.
I just got a REQUEST_DENIED response when making an autocomplete request in a Ruby app. It turned out that I had not specifically switched on the Places API in my google api console.
Go to: https://console.developers.google.com and login.
In the left menu go to "APIs & auth" -> "APIs"
Then find the "Places API" option and click on the status to the right to toggle it to "on"
This fixed the problem immediately for me.
Ohkay this worked for me and i know it will work as we are making the same mistake.
First go to API's and enable the google places api for web.
After that, go to credentials and in the credentials where your key is showing, click on it.
After clicking, in the restrictions tab, choose what will be the API will be doing.
Set that up, restart your script and voila... it will be done.
I faced the same issue. But was able to resolve it after enabling the Places API from Google console. I used the 'server' key to make a call from application. Hope this helps for others looking for solution.
This issue has been discussed on many threads here... but the bottom line is you should check your code to see if u are sending out too many requests at a time to the google API.
You are only allowed to send 1 request per 1 minute.
MKErrorDomain error 4 iPhone