JavaScript API Domain is restricted to localhost phonegap - javascript

I am trying to get linked in authentication on my phonegap app so I am using the javascript sdk
What domain do I add to the authentication list? I keep getting the error "JavaScript API Domain is restricted to localhost"
and I tried this: http://www.benwagner.net/mobile/linkedin-developer-api-javascript-domains-cordova-mobile-app/
But linkedin won't allow file:/// anymore

I can see that there seems to be no way to support mobile application Java Script API domain. As the mobile application has no public domain but just a socket, it's a client.
As the link that you have provided claimed to have found a solution in 2013 by just mentioning the protocol file:/// in the domain. However I found another link from 2014 which says that this doesn't work anymore. May be you can try adding file:///, http://localhost.
This should in effect (if the file:/// is allowed) should allow your application on mobile and in localhost browser to sign in.

Related

How can I bypass CORS security in a browser?

I have a Javascript application running in a browser, and I want to access some data sitting in a server that can't enable CORS.
It's not a testing application, is meant for the end-user, even if a little techy one.
I considered:
PHP Proxy: Not appropriate. Server on the other side make decision about IP geolocation.
Java/SilverLight: Unfortunately my #1 target is Chrome
JSON: Not available
What are my options?
Please notice that I'm not trying to make any malicious application: if the user need to approve or allow me to make this request is totally fine.
You are trying to do exactly what the Same Origin Policy is designed to prevent (and what CORS is designed to allow the server to permit).
Your options are:
Find a way to work with whomever controls the server
Get the users to download and install software which isn't subject to the Same Origin Policy (such as a stand-alone application or a browser extension).
You need to ask your users to install chrome extension to overcome CORS. I used to use it while developing ionic apps and testing on chrome
https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi?hl=en
https://chrome.google.com/webstore/detail/cors-toggle/omcncfnpmcabckcddookmnajignpffnh?hl=en

Twilio client WebRTC not working on chrome

I am using Twilio Client softphone in my application and it is working fine on my local system for both inbound and outbound call but when I deployed it on Server (AWS ec2 instance) always I am getting below error on chrome for inbound and outbound call.
getUserMedia() no longer works on insecure origins. To use this feature, you should consider switching your application to a secure origin, such as HTTPS. See (google url) for more details.
I am including twilio.min.js in following manner.
<script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/v1.3/twilio.min.js"></script>
<script type="text/javascript" src="https://media.twiliocdn.com/taskrouter/js/v1.4/taskrouter.min.js"></script>
You can see I am including js file by using HTTPS. Even after that I have downloaded twilio.min.js file and added in local directory and included js file by using local directory also but still getting the same error.
So how can I solve this issue.
The getUserMedia API requires you to use HTTPS on your site in Chrome (i.e. the script that executes getUserMedia). That has been the case for quite a while, see here for a detailed explanation.
From the docs: https://www.twilio.com/docs/api/client/twilio-js
You should use HTTPS to serve your page. Starting with Google Chrome
47, HTTP applications will no longer be allowed to call getUserMedia()
and will not be given access to the user's camera and microphone.

Facebook integration in cross-platform mobile apps

I am using Parse for JavaScript, and is working with the ionic framework within the Intel XDK.
I am trying to incorporate social media login, where users are able to signin using facebook.
I generally know how to navigate this but my main concern is the following:
I am using facebook for javascript where it requires a URL, and when that URL is not accessible it doesn't work. Hence, on an iphone or android I cant use facebook yet.
The specific error I get is the following:
Warning
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains.
What have I done as far?
I went over the following guide thoroughly:
http://www.benjamin.my/how-to-set-up-facebook-connect-plugin-and-parse-com-in-ionic-phonegap/
It does mention near the end of the guide that
You may have to add an iOS setting or Android setting too eventually when you deploy to either platform.
and this is the part where I am having issues, and for a while.
Have you set <access origin="*" /> in your config.xml so you can access all external domains?
See the cordova whitelist guide for more information on the subject.

How may a web page that is loaded via https connect to a WebSocket server running on localhost?

I'm trying to create a web page that can connect to a client-local WebSocket server. The idea is to use the JavaScript client running in the browser as kind of a proxy to enable communication between the remote web server and the locally installed client application which implements the WebSocket service.
So basially, what I'd do is load a web page from https://example.com which includes some JavaScript that opens a new WebSocket to ws://localhost:1234/context.
This works fine as long as the web page is accessed via http. As soon as https is used, however, Firefox and Internet Explorer refuse to connect and the WebSocket constructor throws an exception (SecurityError, code 18).
Now, I already found advice from Mozilla stating that https sites should only use secure (wss://) WebSockets and plain http sites should only use plain WebSockets (link). But I don't really see the security issue when connecting to localhost from within an https context. Besides, this works like a charm for Chrome, Opera and Safari.
So the actual question is: Is there any way to work around this issue? Like introducing a non-https context inside the web page or something similar to get all browsers to connect to ws://localhost from within a https-delivered web page?
Thanks a lot in advance! I'm not exactly a web developer so this kind of browser-specific behaviour isn't really in my fields of expertise :)
You have to accept the cert first.
You can do this by simply going to https://localhost:1234/context, in your case. Once that's done, you can use the wss URL in your question.

Google+ Sign in from Javascript - Invalid Parameter value for origin

I've been going through the steps to add a Google+ Sign-in to my web application as found in https://developers.google.com/+/web/signin/
When used in a 'typical' web site, the 'client side' flow works just fine. Now, I'm trying to integrate this Google+ sign inside PhoneGap. Since PhoneGap runs the web page as a file:// URL, the origin that gets sent in the request is file://. In every other PhoneGap I've written, this hasn't been a problem.
However, when I click the Google+ sign in button from my page in PhoneGap, the origin being sent as file:// causes the following error message:
Error: invalid_request
Invalid parameter value for origin: Missing authority: file://
I went to the Google API console and tried to assign file:// as an authorized Javascript origin. But, of course, it doesn't allow file:// to be entered as an origin.
So I'm wondering if anyone has any insight in how to do this kind of web-style (Javascript) Google+ sign in from within PhoneGap (or from a local web page where there is no server - just a page being run as a file://). I really don't want to have to do the sign-in in native code and then integrate the token back over into the 'PhoneGap' realm since that kind of defeats the purpose of writing the app once for multiple platforms.
My understanding is that you cannot use the standard client-side flow with Cordova/PhoneGap because file:// is not a valid origin.
However, you can use the In-App Browser plugin along with window.open, which will allow to initiate a "standard" client-side flow from within the application. You then listen to events on the opened window to deal with the responses.
The plugin works cross-platform so you won't have to maintain multiple native implementations.
The ng-cordova-oauth library implements this for AngularJS.
For more details about the implementation, see this tutorial for details, as well as the Google OAuth documentation.
For file://, the thing works differently.. try this as your origin: http://localhost:4567
or try this tutorial: here

Categories

Resources