I am developing mobile apps with appcelerator. My problem is, I am not able to calling REST web service using Android emulator i.e server is in my local system
I am getting "not found" error message, also I am using my local IPV4 Address in emulator, but no luck.
I think you need to access your REST services from your local server from your emulator.
So if you are using your REST services using localhost then try as follow.
If your webservice URL as below,
http://www.example.com/YOUR_WEB_SERVICE_NAME
Then replace www.example.com with 10.0.2.2 because you are running your application from emulator, so you will have to use your localserver using 10.0.2.2.
Related
I am using a React client and a node js server (MERN Stack). The server runs good on my pc but when i try to connect from my mobile phone to the ipv4 of my pc with the correct port I am unable to send requests to the server. I tried to change the proxy of the React app but it doesn't seem to work.
Do you know what the problem might be?
Thanks.
That could be a network issue if your are trying to access your PC from an external IP (Phone not connected to local network, wifi), for example the PC connected to a router that does not forward external traffic to it.
If you can, try connecting your phone to the same network via wifi and access the local IP:PORT instead of ipv4.
In my development local environment, I'm using Firebase emulators for Hosting, Firestore and Functions.
I'm used to share a link with other people during development by using ngrok. I also use it to test on mobile devices during development.
This is the script:
"share": "ngrok http 80 -host-header=\"dev.myproject.com:80\"",
It works fine as far as redirecting to my dev domain host, which is dev.myproject.com.
But the emulators services become unavailable when you are accessing this link through a different device, i.e: a different PC or a mobile device.
Obviously, the firebase package is looking for those localhost emulators, which are only running in my local environment.
What is the workaround in this case? How to share a dev environment with other people / other devices when using firebase emulators? Is there an easy to do this?
Do I have to create an extra Firebase project to deploy the test version and its data and files? How do people usually handle this?
We are currently trying to do this using ngrok as well.
We are barely testing if it works, and so far it is doing so. So I'll share our work around with you.
What we do is
Start emulator firebase emulators:start (--import seedData if using )
Expose your server to the internet using ngrok by first starting it with ./ngrok http http://localhost:5001 (check your firebase.json in order to see what port your emulators.functions are exposed, in my case was port 5001)
This will output two URLs, with the following format https://[TWILIOADRESS].ngrok.io
In order to be able to invoke the implemented https function via its unique URL, append this to the provided ngrok URL: [project-id]/[project-implemented-region]]/[cloud-function-name]
You will end up with an URL that looks like this:
https://92003e41ecb0.ngrok.io/my-project-id/us-central1/cloudFunctionToExecute
Now you can make a request (from postman, in my case) to the exposed function emulator using this URL
If everything went alright, you should see some logs on the terminal where the emulators are running that tell you the function was executed, such as:
functions: Beginning execution of "us-central1-cloudFunctionToExecute
You can also check status and metrics information about connections made over your tunnel from the UI terminal provided when you start ngrok. ngrok provides a real-time web UI where you can introspect all of the HTTP traffic running over your tunnels. After you've started ngrok, just open http://localhost:4040 in a web browser to inspect request details
I've been trying to make a cordova app get information from a python server. I am relatively new to JavaScript but I've been trying to connect using sockets, but I couldn't get them to communicate and I can't use API since cordova blocks cross domain APIs.
How can I get them to communicate?
First, run two servers in the same domain. And use proxy server.
Here's an example case.
If your major app is one of Python, set proxy as:
yourdomain.com/ -> Python server
yourdomain.com/elsewhere/ -> Cordova server
Or you could set cordova app as the major app.
Second, communicate between them via HTTP or socket. It also can be done sharing a temp file or database.
The issue is that your API Server does not respond using CORS. If you can setup your python server to respond using CORS (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS). There would be no issues. If it will work with the chrome developer Console then it works with cordova.
If it you can not make that, I would suggest writing a Firebase Functions that becomes a man in the middle to the story.
We are developing a web page that use https protocol (two way).
We need to access to the private certificates of the user, because we need sign documents by the user's certificate, so we developed a Java application that communicate with the web by a websoket.
This application will call with a protocol call since the web (same that when you open a pdf on Acrobat Reader from a browser).
So we have to be sure that our web is calling to the native application(only our web). We want develop a system to be sure of that. Our idea:
Send a public key, a signed token by the server's private certificate and a symmetric key (to encrypt websocket communications) to the native application.
Next, we will Check in the native application that the token it is OK with a web service to the server.
After, we will have to open the websocket between the native app and the web, and send the signed document by the native app by this way.
Then sent document to the server.
Is this implementation safe? We will be safe of a man in the middle?
Any suggestion about this solution will be wellcome, because I don't see any weakness but I am not an expert on security.
I know other solutions for this problem, like applets, JavaFX or native messages on Chrome, but I only want to know if these solution is safe.
Thanks to all in advance and sorry if my english isn't the best :P,
I see the following issues
Send a public key and a signed token by the server's private certificate to the native application.
You are calling a local app by protocol. For example mylocalapp://sign?securitytoken=.... You do not control which application is installed on local PC to respond to mylocalapp://. The browser shows an ugly warning because you are leaving the secure environment. An attacker could have replaced the default app, simulate the flow and get all signed documents.
2.Next, we will Check in the native application that the token it is OK with a web service to the server.
To verify identity of server and avoid a ManInTheMiddel attach you need also to set a trustore for your application with the server certificate
Your server needs also to verify identity of client. Are you planning to use TLS two ways also?
After, we will have to open the websocket between the native app and the web, and send the signed document by the native app by this way.
You do not need a websocket. Simply use a URL connection to download and upload the documents.
This solution was used by Spanish ministry of economy when chrome decided to cut the NPAPI support and signature applets began to fail. Now, they have rebuilt the system in this way
Install a local Java application on the user's PC. The application listens on a port as, for example 5678
In your page, javascript connects to the application in the form http://127.0.0.1:5678/sign and sends the data to sign.
The application is local and has no trouble using the operating system keystore, which includes drivers PKCS#11. Perform digital signature and sends the result to the server
The javascript of the page periodically query the result and retrieves it when ready
The security problem is basically the same, but install a server in localhost is harder than replace the local default app.
The solution is called #firma, I guess you probably know it. It is opensource, you can use it
I want to debug a WebApi Client Project.
The client sample comes - ready to use - from Azure. I configure it to use my local WebAPI backend by changing the line that says
var client = new WindowsAzure.MobileServiceClient('https://myproject-code.azurewebsites.net', 'https://someGateWay.azurewebsites.net', '');
to
var client = new WindowsAzure.MobileServiceClient('http://localhost:59477/', '', '');
As you see, the API runs on port 59477. When I refresh the client (Port 4400), it queries the API and runs into a CORS Exception:
No 'Access-Control-Allow-Origin' header is present on the requested resource
How can I set this up to develop and debug the server and client locally?
I haven't tried this because I normally use the JavaScript backend for my Mobile Apps, but you just need to tell the Mobile App to allow localhost to access it via CORS. This article on Azure Mobile Services .NET Adds CORS Support, Better Authentication should get you there.