I am trying to integrate google recaptcha with cordova html5 application. But cordova uses file protocol in the application. So using captcha in the app gives "Error: invalid domain for site key".
I am using cordova 3.5.0 for building the application and <access origin="*" /> is added in config.xml.
Is recaptcha can be used only for web applications and not for hybrid/native aapplications?
I successfully made it working by using cordova-plugin-ionic-webview
Note that my project was not a Ionic project, so any cordova project can use it
What I did :
Configure Re-Captcha admin console to allow myapp.local domain
Configure cordova-plugin-ionic-webview preferences :
Add a <preference name="Hostname" value="myapp.local" /> in config.xml file
Add a <allow-navigation href="https://www.google.com/recaptcha/*" /> in config.xml file
Add a <allow-navigation href="http://myapp.local/*" /> in android's specific section in config.xml file
Install ionic webview plugin : cordova plugin add cordova-plugin-ionic-webview#4.1.3
Add recaptcha (v3 in my case) to your index.html file : <script type="text/javascript" src="https://www.google.com/recaptcha/api.js?render=MY_RECAPTCHA_KEY_HERE"></script>
Call recaptcha API in your JS code :
grecaptcha.ready(function() {
grecaptcha.execute("MY_RECAPTCHA_KEY_HERE", {action: 'my-page'}).then(function(token) {
console.log("Acquired recaptcha token : ", token);
}, function() {
console.error("ReCaptcha token acquisition failed", arguments);
});
});
reCaptcha cannot be used directly in a cordova project because of protocol issues. Either
-we have to load reCaptcha url in a separate webview
-Use secure token way of loading reCaptcha that they introduced recently (https://developers.google.com/recaptcha/docs/secure_token)
You should now use your App package name (November 2017). As part of your reCaptcha configuration you specify the domains or mobile package names that will use the service. If you use "localhost" for development, you must add it to the list of domains.
For mobile users, the API key pair is only unique to the specified package names (for example, com.google.recaptcha.test).
However, if your domain or package name list is extremely long, fluid, or unknown, you have the option to turn off the domain or package name checking on reCAPTCHA's end, and instead check on your server.
Use of secure tokens is not advised as this is now a depricated feature.
Reference:
Domain/Package Name Validation
Related
I have created a web addin for Outlook. I have debugged the addin by sideloading from my localhost. I am now moving the addin to a remote server and I seem not to be able to get the addin installed. I changed the urls in the manifest to a hosted url. I have gotten a variety of errors. But the most frequent is an error during install (Installation failed - Internal server error occurred). Is there any any procedure to follow for migrating the addin to a web url? I thought this would be a simple transistion. :-)
The url for my manifest has the format of https://example.com/myaddins/companyname/manifest.xml
I've made a ember app deployed on heroku. Heroku provides me an ssl certificat so https is working on my website.
I want to force visitors to uses https. I've found some answer telling to do-it in a client side, but since the client can modify JS he will be able to pass-by the force https.
I'm thinking about doing it in a beforeModel of the ember app.
What's the best approach ?
Many thanks
So guys,
I was able to force HTTPS by adding a static.json in my root folder of the app.
And in this static.json just add
{
"https_only": true
}
commit, push to heroku and that's it !
I am working on a hybrid mobile app using Ionic Framework and AngularJS. I am using Ionic Creator & Ionic Lab. In my app, I have several buttons that link to external resources (webpages, mailto: links, pdf files etc). The links work fine when I test them within the browser (Ionic Lab). However, when I test the app in an Android virtual device or an actual device, none of the links are working.
I found a question where someone had a similar issue:
/questions/33627061/ionic-simple-href-not-working-on-android-device
I tried Implementing all the proposed solutions from adding to config.xml:
<allow-navigation href="*" />
Installing cordova inappbrowser plugin via:
$sudo cordova plugin add cordova-plugin-inappbrowser
I tried using ng-click="some_function()" instead of href, then defining the function in my controller.
The OP on that question finally resolved his issue by commenting out/uncommenting from index.html:
<!-- cordova script (this will be a 404 during development) -->
<script src="cordova.js"></script>
Looking at my browser console logs there was a 404 not found for cordova.js, so I manually added it to www/ from the platform_www/ directory for android, as well as cordova_plugins.js
However after trying all this, the links are still not working. In my consol logs I now get an error saying:
GET http://localhost:8100/plugins/cordova-plugin-inappbrowser/www/inappbrowser.js 404 (Not Found)
Uncaught Error: Module cordova-plugin-inappbrowser.inappbrowser does not exist. http://localhost:8100/cordova.js Line: 1421
But the thing is inappbrowser.js is in that folder!
Please help! I'm at wits end and have no idea what to do next. I have uploaded the sample code I'm working with on github:
https://github.com/chmod-777/link-test
Software versions:
Linux mint 17.1
node v0.12.2
npm 2.7.4
cordova 6.2.0
ionic 1.7.14
For starters, try changing the way you're calling the open method in your controller code to this:
.controller('pageCtrl', function($scope, $window, $cordovaInAppBrowser) {
$scope.open_google = function() {
$cordovaInAppBrowser.open('https://www.yahoo.com/', '_system', 'clearcache=yes');
// I also tried this
//$window.open('https://www.msn.com/', '_system', 'location=yes');
// and this
//window.open('https://www.netflix.com/', '_system', 'location=yes');
}
})
I have used the inappBrowser plugin with Jquery mobile.It worked fine.
ref=null;
var url= accRestService.someURL;
if( device.platform === "Android"){
ref =cordova.InAppBrowser.open(url, "_blank",'location=no,clearcache=yes,hardwareback=no,zoom=no');
}else{
ref =cordova.InAppBrowser.open(url, "_blank",'location=no,clearcache=yes,closebuttoncaption=Go back to App,toolbar=yes,presentationstyle=formsheet');
}
ref.addEventListener('loadstart',onBrowserLoadStart);
ref.addEventListener('loadstop',onBrowserLoadStop);
ref.addEventListener('loaderror', onBrowserError);
ref.addEventListener('exit', onBrowserClose);
First, make sure that you have installed the cordova plugin "inappbrowser"
cordova plugin add cordova-plugin-inappbrowser
(see https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/index.html)
Then, you can use for example :
try {
var uri = "http://some-example.com";
cordova.InAppBrowser.open(uri, '_system');
} catch(e) {
window.open(uri, '_blank');
}
the catch block will be used as a fallback when testing the app in a browser.
We have a web app that's using LoopBack from Strongloop for the API and backend, and Angular on the frontend, with Cordova used to package for mobile. The web app and iOS target from Cordova work great as expected, but when we try to build for an Android device the app server is unreachable from the device. More specifically, after loading the client app and trying to log in, the device makes a POST to my API but never receives a response (and as far as I can tell the request never actually hits the server).
Here's what I've tried so far:
Make sure that access is set to origin="*" in config.xml
Make sure that a Content-Security-Policy meta tag is set in my (single-page) app's index.html, allowing remote network
Make sure that the INTERNET permission is being correctly set in the Android Manifest
Make sure that the app server is reachable from the device in browser
Make sure the generated lb-services.js Angular service has the correct API address
Try generating an Ionic Framework app and dropping my app code into that in case it generates something I need
Since I'm able to get my app running in iOS using Cordova without any issues, I'm thinking there must be something particular to my Android configuration here. I did encounter a separate issue where a plugin that was installed was not compatible with the latest Cordova, but removing that plugin seems to have resolved that. What is different about building for Android that would keep this from working?
EDIT:
I've switched to using Phonegap Build in the hopes that it would be an easier workflow, but I still see the same issues.. Here is the whitelist/CORS configuration that I'm doing:
meta tag in index.html:
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src * 'self' 'unsafe-inline'; script-src * 'self' 'unsafe-inline' 'unsafe-eval'">
config.xml (Phonegap Build, identifiable info removed):
<?xml version="1.0" encoding="UTF-8" ?>
<widget xmlns="http://www.w3.org/ns/widgets" xmlns:gap="http://phonegap.com/ns/1.0" id="..." version="1.0.0">
<name ... />
<description ... />
<author ... />
<icon src="icon.png" />
<gap:splash src="splash.png" />
<preference name='phonegap-version' value='cli-5.1.1' />
<gap:plugin name="com.indigoway.cordova.whitelist.whitelistplugin" version="1.1.1" />
</widget>
Install https://github.com/apache/cordova-plugin-whitelist since Cordova 5.0.0 is mandatory for CORS query.
Have you installed it ?
If not, this is certainly your issue ;)
It turns out that I was setting <access origin="*" /> in my original Phonegap configuration, but not in my Phonegap Build settings. Making sure that <access origin="*" /> is present in the config.xml used by Phonegap Build seems to fix this.
I recently deployed a meteor app using the following command:
$ meteor deploy example.com
and later (thinking that it was the same) using the following:
$ meteor deploy www.example.com
It end up serving two different versions of the app, one hosted in example.com and other hosted in www.example.com.
Can I revert one of the deploys? Which one should I revert?
If not, what kind of configs should I set on my domain provider?
When people go to your page, do you want them to see mydomain.example or www.mydomain.example?
If it's mydomain.example, then you want to set your DNS zone file with an A record for the domain that points to the IP of origin.meteor.com
If it's www.mydomain.example, then you want to set your DNS zone file with a CNAME for the subdomain "www" that points to origin.meteor.com
Then, you want to set "domain forwarding" from one of those choices to the other. For example, I've set up http://playlistparty.net to forward to http://www.playlistparty.net.
After this, you just run:
meteor deploy www.playlistparty.net
You can delete the deployment you won't be using with the --delete option.
meteor deploy www.playlistparty.net --delete
Deploying on a custom domain name
Deploy meteor to your domain name:
meteor deploy mydomain.com
Set your CNAME record for *.mydomain.com or www.mydomain.com (if you only want to set the www subdomain) and mydomain.com to : origin.meteor.com
OR
point your 'A' record for *.mydomain.com and mydomain.com to : 107.22.210.133.
To remove an exising one you might have typed by accident:
meteor deploy www.mydomain.com --delete
If you want www to redirect to non-www you can use this method. You can also modify the code a little to do it other way around.
Simply set
# (CNAME) : origin.meteor.comm
www (CNAME) : origin.meteor.com
Then, deploy your main app (without www).
meteor deploy yourapp.example
Now, create a new meteor app called redirect with
meteor create redirect
cd redirect
Set the generated js file contents like this:
if (Meteor.isClient) {
var url = document.URL;
url = url.replace("www.", "");
window.location.href = url;
}
Then deploy your redirect app (with www)
meteor deploy www.yourapp.example
What you did is, you deployed two different applications to www and non-www of your domain. All the meteor app at www does is to redirect you to non-www domain. It will also redirect www.yourapp.example/some/path to yourapp.example/some/path.
I did a lot of googling on this, so I'll share what ended up working for me. I was looking for all queries to go to the HTTPS and www version of my site. Just setting up the CNAME did not actually change to redirect to the www version. I'm hosting on Modulus and ended up doing the following:
Force HTTPS
Modulus has an HTTPS redirect, else I've used the Force-SSL package and NGINX to do this successfully in previous apps not hosted on Modulus.
Point domain at hosting IP
Set up you domain, example.com, A-record to point at our hosting IP.
Set up my CNAME for 'www' subdomain to point to the same IP.
Force www
Set the environment variable ROOT_URL to 'https://www.example.com'
Download the canonical package: https://atmospherejs.com/wizonesolutions/canonical