Change url of a webpage on a local network - sockets

I built a webpage on an ESP32 chip, charged to create an access point allowing my computer to connect in order to access this page.
For the moment I can only access it using the IP of my ESP by typing it in a browser but it can be very bothersome.
I'd like to know if it was possible to change the url of the page using words instead of the ESP's IP.
Maybe I'm missing some technical terms but I didn't find any solution on the internet.
PS: I'm using micropython with sockets to serve html files from the board:
```python
def handleClient(client_socket):
    headers, data = loadRequest(client_socket.recv(1024).decode('utf-8'))
    # print('[*] Received:\n%s\n%s\n' % (headers, data))
    if headers['method'] == 'GET' and '/connect' == headers['route']:  # '/connect' in headers['route']:
        ssid, password, status, code = connect(headers)
        client_socket.sendall(RESPONSE_TEMPLATE % (code, status, {'ssid': ssid, 'password': password}, code))
        return ssid, password
    elif headers['method'] == 'GET' and headers['route'] == '/':
        renderWebPage(client_socket)
    client_socket.close()
    return None, None
```

There are two parts needed to solve your Q:
publish a name (using mdns)
resolve that name from a client
MicroPython has built-in support for mdns since v1.12.
The essential code is to assign a hostname using the below:
```python
wlan.config(dhcp_hostname="prettyname")
```
Note that your client also needs to have mdns support in order to be able to resolve that address. That may/will depend on your client.
A complete sample would be:
```python
import network

wlan = network.WLAN(network.STA_IF)
if not wlan.isconnected():
    wlan.active(True)
    mac = wlan.config('mac')
    host = "prettyname"
    wlan.config(dhcp_hostname = host)
    wlan.connect('myssid', 'mypassword')
    while not wlan.isconnected():
        pass
host = wlan.config('dhcp_hostname')
print('Wifi connected as {}/{}, net={}, gw={}, dns={}'.format(
    host, *wlan.ifconfig()))
```
Source: MicroPython Forum

Certainly. The easiest option is enabling mDNS. This allows hosts in the same local network to resolve the device's name (e.g. espressif.local) into its IP. Only works in local network and requires an mDNS client on the computer (Mac, Linux and Windows all tend to have it built in these days).
No idea how to do it in Micropython, though. Give Google a try.

Related

What is the "[full path]" component of the SSL Certificate Authority given by MySQL and PostgreSQL (boto3) calls in the AWS docs?

In the AWS documentation for "Connecting to your DB instance using IAM authentication and the AWS SDK for Python (Boto3)", the following call is made to both psycopg2.connect (shown) and mysql.connector.connect:
```python
conn = psycopg2.connect(host=ENDPOINT, port=PORT, database=DBNAME, user=USR, password=token, sslmode='prefer', sslrootcert="[full path]rds-combined-ca-bundle.pem")
cur = conn.cursor()
cur.execute("""SELECT now()""")
query_results = cur.fetchall()
print(query_results)
```
I see some discussion about the ssl_ca path (here and here) and what those bundles are used for. But none of the three links I've given here describe the [full path] component given by the AWS docs, or where it is pointing to. My current guess (from the second link) is this URL, but I'd like to be sure.
Additionally, what are the advantages to having this bundle downloaded to the remote EC2 on which these Python 3 (boto3) scripts are running?
EDIT: By the way, the above call to psycopg2.connect is working in Jupyter with Python 3.9.5 on an EC2 currently, with the [full path] written as-is...
You should replace the '[full path]' with the filesystem path (directory path) to where you saved the pem file when you downloaded it (from that last URL you gave) to the local computer.
The advantage of using it is that your client will verify it connected to the correct database, and not some malicious system which is intercepting your traffic. I don't know how advantageous you consider this: if someone has compromised Amazon enough to be intercepting their internal traffic, they might also have compromised their CA as well. But there is at least some possibility they did one without the other.
Your code as shown does not work for me, because ssl_ca is not how it is spelled. Assuming you used the code actually given at your first link for PostgreSQL:
sslmode='prefer', sslrootcert="[full path]rds-combined-ca-bundle.pem"
Then the reason it works despite the bogus path is that "prefer" means it doesn't care if the rootcert is missing, it just skips validating in that case. If you change it to 'verify-full', then presumably it would stop working.
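The difference the answer describes between sslmode='prefer' and 'verify-full', as an added example (not code from the AWS documentation or from either poster): a pre-flight check that reports why the posted arguments connect without validating anything, and refuses to build connection arguments unless the CA bundle is really on disk. The function names and the constructed stand-in bundle are assumptions made for this illustration.

```python
import os
import tempfile

# libpq sslmode values that authenticate the server certificate.
VERIFYING_MODES = ("verify-ca", "verify-full")

def check_pg_tls(params):
    """Return a list of problems in psycopg2/libpq TLS keyword arguments."""
    problems = []
    mode = params.get("sslmode", "prefer")      # 'prefer' is libpq's default
    rootcert = params.get("sslrootcert")
    if mode not in VERIFYING_MODES:
        problems.append("sslmode=%s does not require a verified server certificate" % mode)
    elif mode == "verify-ca":
        problems.append("sslmode=verify-ca does not check the host name")
    if not rootcert:
        problems.append("sslrootcert not set")
    elif not os.path.isfile(rootcert):
        problems.append("sslrootcert file not found: %s" % rootcert)
    else:
        with open(rootcert, "r", errors="replace") as f:
            if "-----BEGIN CERTIFICATE-----" not in f.read():
                problems.append("sslrootcert contains no PEM certificate: %s" % rootcert)
    return problems

def strict_params(params):
    """Return a copy that forces verify-full, or raise if the CA bundle is unusable."""
    strict = dict(params, sslmode="verify-full")
    problems = check_pg_tls(strict)
    if problems:
        raise ValueError("; ".join(problems))
    return strict

def demo():
    # The arguments from the question: placeholder path left as-is, sslmode='prefer'.
    as_posted = {"sslmode": "prefer", "sslrootcert": "[full path]rds-combined-ca-bundle.pem"}
    # Constructed stand-in for the downloaded bundle (placeholder text, not a real certificate).
    with tempfile.NamedTemporaryFile("w", suffix=".pem", delete=False) as f:
        f.write("-----BEGIN CERTIFICATE-----\nconstructed\n-----END CERTIFICATE-----\n")
    try:
        fixed = strict_params({"sslmode": "prefer", "sslrootcert": f.name})
        return check_pg_tls(as_posted), check_pg_tls(fixed)
    finally:
        os.unlink(f.name)

if __name__ == "__main__":
    print(demo())
```

The dictionary returned by strict_params can be merged into the keyword arguments passed to psycopg2.connect.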

PowerBI servers list

I have a fact table in a PostgreSQL database and I want to build a PowerBI analysis with PowerBI professional.
If I let Postgresql accept connections from all internet IP addresses, it works but it is not safe. I'd like to limit the access only to Power BI servers.
How can I identify PowerBI incoming traffic? Is there a best practice to set up the firewall?
You should not open any connections from Internet. Yes, you can get a list of all Azure IP addresses, but this does not limit them to Power BI only, plus it is a manual process to update the list few times a year. A lot better solution is to install Power BI Gateway in your network, which will allow connecting from Power BI Service to your server on-premise.
In my case I preferred to update my pg_hba.conf once in a while with the white list from the official Microsoft list. The production file is overwritten with a new file. The script replaces a comment line
#PowerBI
in a template pg_hba.conf file with the new list:
```python
import requests

whiteListUrl = "https://download.microsoft.com/download/7/1/D/71D86715-5596-4529-9B13-DA13A5DE5B63/ServiceTags_Public_20210524.json"
modelFile = "/path/to/template/pg_hba.conf"
outputFileName = "/path/to/production/pg_hba.conf"
userName = "power_bi"

response = requests.get(whiteListUrl)
response.raise_for_status()  # stop here if the download failed
whiteLists = response.json()

for group in whiteLists["values"]:
    if group["name"] != 'PowerBI':
        continue
    # Read the template that contains the "#PowerBI" comment line.
    with open(modelFile, "r") as f:
        text_file = f.read()
    # One pg_hba.conf "host" rule per PowerBI address prefix.
    whiteList = ""
    for address in group["properties"]["addressPrefixes"]:
        whiteList += "host all {} {} md5\n".format(userName, address)
    text_file = text_file.replace("#PowerBI", whiteList)
    # Overwrite the production file with the filled-in template.
    with open(outputFileName, "w") as f:
        f.write(text_file)
```
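A stricter variant of the same template substitution, as an added example (not the answerer's script): every downloaded prefix is parsed as a CIDR network before it can reach the authentication file, a missing or empty PowerBI entry aborts the run, and the file is swapped in with a rename. The rule format and the "#PowerBI" marker are the answer's; the function names and the sample JSON (documentation address ranges) are constructed for this illustration.

```python
import ipaddress
import os
import tempfile

# Constructed sample in the shape of the ServiceTags_Public JSON the answer downloads.
SAMPLE_TAGS = {"values": [
    {"name": "AzureCloud", "properties": {"addressPrefixes": ["198.51.100.0/24"]}},
    {"name": "PowerBI", "properties": {"addressPrefixes": [
        "203.0.113.0/28", "2001:db8:10::/48", "192.0.2.7/32"]}},
]}

def hba_rules(tags, tag_name="PowerBI", user="power_bi", method="md5"):
    """Build pg_hba.conf 'host' lines for one service tag, rejecting bad prefixes."""
    groups = [g for g in tags.get("values", []) if g.get("name") == tag_name]
    if len(groups) != 1:
        raise ValueError("expected exactly one %r entry, found %d" % (tag_name, len(groups)))
    prefixes = groups[0]["properties"]["addressPrefixes"]
    if not prefixes:
        raise ValueError("empty prefix list for %r" % tag_name)
    lines = []
    for prefix in prefixes:
        # strict=True rejects host bits and anything that is not a plain CIDR,
        # so no stray text from the download ends up in the authentication file.
        net = ipaddress.ip_network(prefix, strict=True)
        if net.prefixlen == 0:
            raise ValueError("refusing to allow the whole address space: %s" % prefix)
        lines.append("host all %s %s %s" % (user, net, method))
    return lines

def render(template_text, rules, marker="#PowerBI"):
    """Replace the marker line of the template with the generated rules."""
    if template_text.count(marker) != 1:
        raise ValueError("template must contain the marker exactly once")
    return template_text.replace(marker, "\n".join(rules))

def write_atomically(path, text):
    """Write next to the target and rename, so a partial file is never visible."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as f:
        f.write(text)
    os.replace(tmp, path)

if __name__ == "__main__":
    print(render("# template\n#PowerBI\n", hba_rules(SAMPLE_TAGS)))
```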

openshift 3.12 websocket ERR_CONNECTION_ABORTED

I would like to start websocket connections (ws://whatever) in OpenShift but somehow they always end with ERR_CONNECTION_ABORTED immediately (new WebSocket('ws://whatever')).
First I thought that the problem is in our application but I created a minimal example and I got the same result.
First I created a pod and started this minimal Python websocket server.
```python
import asyncio
import websockets

async def hello(websocket, path):
    name = await websocket.recv()
    print(f"< {name}")
    greeting = f"Hello {name}!"
    await websocket.send(greeting)
    print(f"> {greeting}")

start_server = websockets.serve(hello, "0.0.0.0", 8000)
asyncio.get_event_loop().run_until_complete(start_server)
asyncio.get_event_loop().run_forever()
```
Then I created a service (TCP 8000) and created a routing too and I got the same result.
I also tried to use different port or different targets (e.g.: /ws), without success.
This minimal script was able to respond to a simple http request, but for the websocket connection it can't.
Do you have any idea what could be the problem?
(by the documentation these connections should work as they are)
Should I try to play with some routing environment variables or are there any limitations which are not mentioned in the documentation?
Posting Károly Frendrich's answer as community wiki:
Finally we realized that the TLS termination is required to be set.
It can be done using Secured Routes

Getting Started With PeerJS

I am trying the simplest example I can, pulled directly from their website. Here is my entire html file, with code taken exactly from https://peerjs.com/index.html:
```html
<script src="https://unpkg.com/peerjs@1.3.1/dist/peerjs.min.js"></script>
<script>
    var peer = new Peer();
    var conn = peer.connect('another-peers-id');
    // on open will be launch when you successfully connect to PeerServer
    conn.on('open', function(){
        // here you have conn.id
        conn.send('hi!');
    });
</script>
```
In Chrome and Edge I get this in the console:
peerjs.min.js:64 GET https://0.peerjs.com/peerjs/id?ts=15956160926060.016464029424720694 net::ERR_CONNECTION_REFUSED
In Firefox I get this:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://0.peerjs.com/peerjs/id?ts=15956162489620.8436734374800061. (Reason: CORS request did not succeed).
What am I doing wrong?
@reyad has requested "a full trace of requests and responses". Here's what I see in my network tab in Firefox:
And here's Chrome:
And a tiny bit more Chrome:
[Note: It would have been better if you could provide a full trace of requests and responses. This problem may occur for several reasons. I'll state two solutions. So, try those. If those don't work, provide a full trace of requests and responses.]
1. First Solution:
Sometimes, this type of error occurs because of a self-signed certificate. To solve this problem, open developer tools/options, then go to the network tab. You'll see a list of requests. Select the request which failed because of CORS (i.e. which gave you this Reason: CORS request did not succeed). Open it (i.e. click it). If your problem is related to the cert you'll see the following error message:
AN ERROR OCCURED: SEC_ERROR_INADEQUATE_KEY_USAGE
To solve this problem, go to the URL that is the reason for this problem and accept the certificate manually.
2. Second solution:
Check the request (which is the reason for CORS) in the network tab of developer tools/options (same as described in 1. First Solution). You'll find a Transferred column. See what's written in the Transferred column of the failed request. If it says Blocked By Some Ad-Blocker, then disable the Ad-Blocker. Your request will work fine.
[P.S.]: These solutions are proposed on assumptions. Hope these work. If these two do not work, then please provide more info about requests and responses. And also check this.
3. Third and final solution:
[Note: This solution may not solve your problem directly, but it'll give you alternative solution and also insight about what your problem is and how to work around it]
Before reading the solution below, read this to understand how Access-Control-Allow-Origin works (it is the reason for the CORS error).
Let me first explain how peerjs works:
PEERJS works based on PEER ID. So, you have to get some PEER ID either from the PEERJS CLOUD SERVER or you have to provide one yourself in the PEER CONSTRUCTOR, i.e. new Peer("some-peer-id"). The peer id has to be unique, because it's necessary to detect all the users uniquely. And peerjs uses this PEER ID to send and receive data from user to user.
Now, you should know that, you're using PEERJS CLOUD SERVER to get/generate unique peer id which is the default server PEERJS uses unless you specified some other server to use.
Now let me explain why you're facing this problem:
As you already know how CORS works, you may have already guessed that https://unpkg.com/peerjs@1.3.1/dist/peerjs.min.js (the downloaded js file) is calling https://0.peerjs.com to retrieve/generate a new unique PEER ID. But this request by https://your.website.com does not have Access-Control-Allow-Origin access for some reason; it may also be a middleware problem. So, it's difficult to tell where the problem is actually occurring. But one thing is for sure, it's not the fault of the code you wrote :D.
I hope all the concepts I've stated above are clear to you.
Now, to solutions:
Alternative-approach-1 (Using PEERJS CLOUD SERVER and your own provided id):
In this approach you have to generate your own unique PEER ID. So, "https://your.website.com" does not have to call "https://0.peerjs.com" for a unique peer id. [Note: make your peer id large enough so that it's always unique, at least 64 chars long]
In this way, you can avoid the CORS problem.
Update:
I just saw a new issue on GitHub, which says the public peerjs cloud server is now unstable or does not work properly. It just gives an error like: Firefox cannot establish a connection with the server at the address wss://0.peerjs.com/peerjs?key=peerjs&id=123222589562487856955685485555&token=ocyxworx62i and in Chrome: Error in connection establishment: net::ERR_CONNECTION_REFUSED. For details check here. So, it's better that you use your own server (see the next approach).
Alternative-approach-2 (Using your own peerjs server):
You can host your own peerjs server instead of the PEERJS CLOUD SERVER. In this way, you can allow access to anyone/any website you want. If you want to know how to host a peerjs server, you may visit here.
[P.S.]: I have studied peerjs issues on GitHub. After reading all those issues, it seems it is better to use your own server rather than using the peerjs cloud. There are a lot of various problems with each new release of peerjs, mostly related to the connection with the peerjs cloud, and also the peerjs cloud is not stable, I guess. They were hosting it at 0.peerjs.com:9000 before (not secure). But now at 0.peerjs.com:443.
I haven't used peerjs before nor set up a peerjs server. If you want to set one up, I hope the community will be able to help you on how to do that properly.
What I understand from your question is that there is an issue of CORS (Cross-origin resource sharing). Maybe what I am suggesting is not very intuitive.
First: download "https://unpkg.com/peerjs@1.3.1/dist/peerjs.min.js" to your local directory, and then include the local javascript code in the html,
like: <script src="./peerjs.min.js"></script>
Second :
you are using var peer = new Peer();
but please provide an extra unique id from your side. for example, I just created a random id and provided it.
StackOverflow link: https://stackoverflow.com/questions/21216758/peerjs-set-your-own-peerid#:~:text=1%20Answer&text=Provide%20a%20peer%20id%20when,to%20under%20Create%20a%20peer.
```javascript
var a_random_id = Math.random().toString(36).replace(/[^a-z]+/g, '').substr(2, 10);
var peer = new Peer(a_random_id, {key: 'myapikey'});
```
Third : the best option is to run PeerServer: A server for PeerJS of your own.
If you don't want to develop anything, just enter a few commands below.
Install the package globally:
$ npm install peer -g
Run the server:
$ peerjs --port 9000 --key peerjs --path /myapp
Started PeerServer on ::, port: 9000, path: /myapp (v. 0.3.2)
Check it: http://127.0.0.1:9000/myapp It should return JSON with name, description, and website fields.
details:https://github.com/peers/peerjs-server

WSO2 Enterprise Store 1.0.0: setting hostname

In WSO2 Enterprise Store 1.0.0 there is a mix about the hostname used to make connections.
You can set HostName and MgtHostName in carbon.xml. But there are files with fixed names, like
sso-idp-config.xml: (AssertionConsumerService) https://localhost:9443/store/acs
jaggeryapps\store\controllers\login.jag: (postUrl) "https://" + process.getProperty('carbon.local.ip') + ":" ...
localhost breaks every remote connection. IP address breaks SAML authentication and is not consistent with 3rd party certificates.
Is there an easy way to set the hostname all over the ES?
I tried this scenario only by updating AssertionConsumerService within sso-idp-config.xml and it works for me.
So you have to only update AssertionConsumerService within sso-idp-config.xml.
To work properly, the full list of files I had to modify is:
repository\conf\sso-idp-config.xml
repository\deployment\server\jaggeryapps\publisher\controllers\login.jag
repository\deployment\server\jaggeryapps\publisher\controllers\logout.jag
repository\deployment\server\jaggeryapps\social\controllers\login.jag
repository\deployment\server\jaggeryapps\social\controllers\logout.jag
repository\deployment\server\jaggeryapps\store\controllers\login.jag
repository\deployment\server\jaggeryapps\store\controllers\logout.jag
repository\deployment\server\jaggeryapps\store\themes\store\js\asset.js
login/logout files use the IP address (a bad choice when working with third-party certificates. It also breaks SAML authentication).
I lost a lot of time locating files with IP and localhost references. I think it should be reviewed and documented in future versions of the product.